0x4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0x1, 0xb, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x0, 0x80}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffe}, @ldst={0x1, 0x0, 0x0, 0x8, 0x6, 0x20, 0xffffffffffffffff}, @generic={0x0, 0x2, 0x6, 0x5, 0x1f}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fff}, @call={0x85, 0x0, 0x0, 0x30}]}, &(0x7f0000000540)='GPL\x00', 0x19e3, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0x14, '\x00', r1, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000001880)={0x4, 0x1}, 0x8, 0x10, &(0x7f00000018c0)={0x4, 0x5, 0x5, 0x6}, 0x10, 0x0, r2, 0x0, &(0x7f0000001940)=[0x1, 0xffffffffffffffff, r3]}, 0x80) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x2) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x4, &(0x7f0000000080)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x3}, @exit, @ldst={0x1, 0x2, 0x3, 0x5, 0x4, 0xfffffffffffffff8, 0x1}, @generic={0x8, 0xd, 0x6, 0x7, 0x7f}], &(0x7f0000000100)='GPL\x00', 0x80, 0x67, &(0x7f0000000140)=""/103, 0x41000, 0x10, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x4, 0xd, 0x2, 0x80000000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000240)=[0x1, 0xffffffffffffffff]}, 0x80) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001c80)={r3, 0x20, &(0x7f0000001c40)={&(0x7f0000001bc0), 0x0, 0x0, &(0x7f0000001c00)=""/11, 0xb}}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0x0, 0x11, &(0x7f0000001a00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6}, [@btf_id={0x18, 0x1, 0x3, 0x0, 0x2}, @generic={0x10, 0x9, 0xd, 0x6f2, 0x7ff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8a}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_fd={0x18, 0x6, 0x1, 0x0, r3}, @ldst={0x0, 0x3, 0x2, 0x5, 0xa, 0x40, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0x34}]}, &(0x7f0000001ac0)='syzkaller\x00', 0x2, 0x20, &(0x7f0000001b00)=""/32, 0x41100, 0x18, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000001b40)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000001b80)={0x1, 0xf, 0xd, 0x3}, 0x10, r5, r0, 0x0, &(0x7f0000001cc0)=[r3]}, 0x80) (async)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x8) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file1\x00', r4}, 0x10) (async)

10:52:42 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, &(0x7f0000000000)="cffbb0723681cf1b26266839178731394ee267c96dc84b1eff56290effdd174eda3fba54e5b85083e473ce765a75905f3e2d59f24541ea2c17ae54ec02fbaa336a151b472970c6ef158e2bfe234f1a65e8c19ada2f4731585ee3d47f6d22c3058940ec9b4cd66485284eaa6fd74a8b936f2deaea5f0f17ee2680493c122a28cd0e5bd2b6637cd119ca24e5ce6b65fd223721d54d229510e3a545de713abb593aab1dc666effb3058d045d2c41b453dca8f9452a6c2e5b8629cc1461f43f8228e8a986e41eb0907f7311037115ddf4334450b944692077f1d7d8745968e556fcba457e4266acc83418b7d268d2aa8baa909af2d15f4", 0xf5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="e0d6040d32c05fd0365cf5a3c6e6194238497dcd4885ae63a10f3d0e67645943bebf2f81e077ce26ff741f522569f58d924327463e4c8e4cd2e72d8ce69f0c0bdef9b7e53c453812")

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000140))
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000040))
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x80400, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000380)={&(0x7f0000000340)='./file1\x00'}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000480)={&(0x7f0000000440)='./file0\x00'}, 0x10) (async)
unlink(&(0x7f0000000400)='./file1\x00') (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001840)={r0, 0xe0, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001580)=[0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x4, 0x9, &(0x7f00000015c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000001600)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001640)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001680), &(0x7f00000016c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001700)}}, 0x10) (async)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001900), 0x4) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0x1, 0xb, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x0, 0x80}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffe}, @ldst={0x1, 0x0, 0x0, 0x8, 0x6, 0x20, 0xffffffffffffffff}, @generic={0x0, 0x2, 0x6, 0x5, 0x1f}, @map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7fff}, @call={0x85, 0x0, 0x0, 0x30}]}, &(0x7f0000000540)='GPL\x00', 0x19e3, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0x14, '\x00', r1, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000001880)={0x4, 0x1}, 0x8, 0x10, &(0x7f00000018c0)={0x4, 0x5, 0x5, 0x6}, 0x10, 0x0, r2, 0x0, &(0x7f0000001940)=[0x1, 0xffffffffffffffff, r3]}, 0x80) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x2) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x4, &(0x7f0000000080)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x3}, @exit, @ldst={0x1, 0x2, 0x3, 0x5, 0x4, 0xfffffffffffffff8, 0x1}, @generic={0x8, 0xd, 0x6, 0x7, 0x7f}], &(0x7f0000000100)='GPL\x00', 0x80, 0x67, &(0x7f0000000140)=""/103, 0x41000, 0x10, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x4, 0xd, 0x2, 0x80000000}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000240)=[0x1, 0xffffffffffffffff]}, 0x80) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001c80)={r3, 0x20, &(0x7f0000001c40)={&(0x7f0000001bc0), 0x0, <r5=>0x0, &(0x7f0000001c00)=""/11, 0xb}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001d00)={0x0, 0x11, &(0x7f0000001a00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x6}, [@btf_id={0x18, 0x1, 0x3, 0x0, 0x2}, @generic={0x10, 0x9, 0xd, 0x6f2, 0x7ff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x8a}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @map_fd={0x18, 0x6, 0x1, 0x0, r3}, @ldst={0x0, 0x3, 0x2, 0x5, 0xa, 0x40, 0xfffffffffffffffc}, @call={0x85, 0x0, 0x0, 0x34}]}, &(0x7f0000001ac0)='syzkaller\x00', 0x2, 0x20, &(0x7f0000001b00)=""/32, 0x41100, 0x18, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000001b40)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000001b80)={0x1, 0xf, 0xd, 0x3}, 0x10, r5, r0, 0x0, &(0x7f0000001cc0)=[r3]}, 0x80) (async)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x8) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file1\x00', r4}, 0x10)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f00000001c0)=""/197, 0xc5}], 0x3, &(0x7f0000000300)=[@cred={{0x1c}}], 0x20}, 0x40002140)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:42 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, &(0x7f0000000000)="cffbb0723681cf1b26266839178731394ee267c96dc84b1eff56290effdd174eda3fba54e5b85083e473ce765a75905f3e2d59f24541ea2c17ae54ec02fbaa336a151b472970c6ef158e2bfe234f1a65e8c19ada2f4731585ee3d47f6d22c3058940ec9b4cd66485284eaa6fd74a8b936f2deaea5f0f17ee2680493c122a28cd0e5bd2b6637cd119ca24e5ce6b65fd223721d54d229510e3a545de713abb593aab1dc666effb3058d045d2c41b453dca8f9452a6c2e5b8629cc1461f43f8228e8a986e41eb0907f7311037115ddf4334450b944692077f1d7d8745968e556fcba457e4266acc83418b7d268d2aa8baa909af2d15f4", 0xf5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="e0d6040d32c05fd0365cf5a3c6e6194238497dcd4885ae63a10f3d0e67645943bebf2f81e077ce26ff741f522569f58d924327463e4c8e4cd2e72d8ce69f0c0bdef9b7e53c453812")
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, &(0x7f0000000000)="cffbb0723681cf1b26266839178731394ee267c96dc84b1eff56290effdd174eda3fba54e5b85083e473ce765a75905f3e2d59f24541ea2c17ae54ec02fbaa336a151b472970c6ef158e2bfe234f1a65e8c19ada2f4731585ee3d47f6d22c3058940ec9b4cd66485284eaa6fd74a8b936f2deaea5f0f17ee2680493c122a28cd0e5bd2b6637cd119ca24e5ce6b65fd223721d54d229510e3a545de713abb593aab1dc666effb3058d045d2c41b453dca8f9452a6c2e5b8629cc1461f43f8228e8a986e41eb0907f7311037115ddf4334450b944692077f1d7d8745968e556fcba457e4266acc83418b7d268d2aa8baa909af2d15f4", 0xf5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="e0d6040d32c05fd0365cf5a3c6e6194238497dcd4885ae63a10f3d0e67645943bebf2f81e077ce26ff741f522569f58d924327463e4c8e4cd2e72d8ce69f0c0bdef9b7e53c453812") (async)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:42 executing program 2:
r0 = getpid()
perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x4, 0x3, 0x82, 0x6, 0x0, 0xffffffffffffffff, 0x58000, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb9f, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x4000, 0xb66, 0x0, 0x4, 0x5, 0x379e, 0x50, 0x0, 0x3, 0x0, 0x9}, r0, 0x1, 0xffffffffffffffff, 0x9)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0x4)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x12, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8001}, @alu={0x7, 0x1, 0x4, 0x2, 0x6, 0x4, 0x18}, @alu={0x4, 0x1, 0x0, 0x1, 0x7, 0x18, 0xfffffffffffffffc}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xc}, @ldst={0x2, 0x3, 0x3, 0x7, 0x7, 0x10}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x4, '\x00', r1, 0xf, r2, 0x8, &(0x7f0000000280)={0x1, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x3, 0x1, 0x6}, 0x10, 0xffffffffffffffff, r3, 0x0, &(0x7f0000000340)=[0x1]}, 0x80)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000140))
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000040))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f00000001c0)=""/197, 0xc5}], 0x3, &(0x7f0000000300)=[@cred={{0x1c}}], 0x20}, 0x40002140)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)

10:52:42 executing program 2:
r0 = getpid()
perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x4, 0x3, 0x82, 0x6, 0x0, 0xffffffffffffffff, 0x58000, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb9f, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x4000, 0xb66, 0x0, 0x4, 0x5, 0x379e, 0x50, 0x0, 0x3, 0x0, 0x9}, r0, 0x1, 0xffffffffffffffff, 0x9)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0x4)
getpid() (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x12, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8001}, @alu={0x7, 0x1, 0x4, 0x2, 0x6, 0x4, 0x18}, @alu={0x4, 0x1, 0x0, 0x1, 0x7, 0x18, 0xfffffffffffffffc}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xc}, @ldst={0x2, 0x3, 0x3, 0x7, 0x7, 0x10}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x4, '\x00', r1, 0xf, r2, 0x8, &(0x7f0000000280)={0x1, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x3, 0x1, 0x6}, 0x10, 0xffffffffffffffff, r3, 0x0, &(0x7f0000000340)=[0x1]}, 0x80) (async)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10) (async)

10:52:42 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, &(0x7f0000000000)="cffbb0723681cf1b26266839178731394ee267c96dc84b1eff56290effdd174eda3fba54e5b85083e473ce765a75905f3e2d59f24541ea2c17ae54ec02fbaa336a151b472970c6ef158e2bfe234f1a65e8c19ada2f4731585ee3d47f6d22c3058940ec9b4cd66485284eaa6fd74a8b936f2deaea5f0f17ee2680493c122a28cd0e5bd2b6637cd119ca24e5ce6b65fd223721d54d229510e3a545de713abb593aab1dc666effb3058d045d2c41b453dca8f9452a6c2e5b8629cc1461f43f8228e8a986e41eb0907f7311037115ddf4334450b944692077f1d7d8745968e556fcba457e4266acc83418b7d268d2aa8baa909af2d15f4", 0xf5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="e0d6040d32c05fd0365cf5a3c6e6194238497dcd4885ae63a10f3d0e67645943bebf2f81e077ce26ff741f522569f58d924327463e4c8e4cd2e72d8ce69f0c0bdef9b7e53c453812")

10:52:42 executing program 2:
r0 = getpid()
perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x4, 0x3, 0x82, 0x6, 0x0, 0xffffffffffffffff, 0x58000, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb9f, 0x2, @perf_bp={&(0x7f0000000000), 0x2}, 0x4000, 0xb66, 0x0, 0x4, 0x5, 0x379e, 0x50, 0x0, 0x3, 0x0, 0x9}, r0, 0x1, 0xffffffffffffffff, 0x9)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={0xffffffffffffffff, 0x58, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0x4)
getpid() (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x12, 0xb, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8001}, @alu={0x7, 0x1, 0x4, 0x2, 0x6, 0x4, 0x18}, @alu={0x4, 0x1, 0x0, 0x1, 0x7, 0x18, 0xfffffffffffffffc}, @map_idx={0x18, 0x4, 0x5, 0x0, 0xc}, @ldst={0x2, 0x3, 0x3, 0x7, 0x7, 0x10}, @exit]}, &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x4, '\x00', r1, 0xf, r2, 0x8, &(0x7f0000000280)={0x1, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x3, 0x1, 0x6}, 0x10, 0xffffffffffffffff, r3, 0x0, &(0x7f0000000340)=[0x1]}, 0x80)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000140))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x80) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0xff, 0x3, 0x7, 0x894, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7, 0x0, 0x7, 0x0, 0x0, 0xfff, 0xe00c1, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x6, 0x1}, 0x89002, 0x8, 0x7, 0x1, 0x8000000000000001, 0x0, 0x1, 0x0, 0x8000, 0x0, 0x5}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x102)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0xff, 0x3, 0x7, 0x894, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)

10:52:42 executing program 1:
syz_clone(0x4e220000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7, 0x0, 0x7, 0x0, 0x0, 0xfff, 0xe00c1, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x6, 0x1}, 0x89002, 0x8, 0x7, 0x1, 0x8000000000000001, 0x0, 0x1, 0x0, 0x8000, 0x0, 0x5}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x102)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f00000001c0)=""/197, 0xc5}], 0x3, &(0x7f0000000300)=[@cred={{0x1c}}], 0x20}, 0x40002140)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0xff, 0x3, 0x7, 0x894, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0xff, 0x3, 0x7, 0x894, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x48) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) (async)

10:52:42 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7, 0x0, 0x7, 0x0, 0x0, 0xfff, 0xe00c1, 0x4, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0x6, 0x1}, 0x89002, 0x8, 0x7, 0x1, 0x8000000000000001, 0x0, 0x1, 0x0, 0x8000, 0x0, 0x5}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x102)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:42 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f00000001c0)=""/197, 0xc5}], 0x3, &(0x7f0000000300)=[@cred={{0x1c}}], 0x20}, 0x40002140)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 2:
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/39, 0x27}], 0x1, &(0x7f0000000180)=[@cred={{0x1c}}], 0x20}, 0x2142)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200), 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/6, 0x6}], 0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000000000000100002302000800e7e6810bca59f4237e784158258e2c664f2668468102fe762ad5978f2a6e91f59edc", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98}, 0x60)

10:52:42 executing program 2:
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/39, 0x27}], 0x1, &(0x7f0000000180)=[@cred={{0x1c}}], 0x20}, 0x2142)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200), 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/6, 0x6}], 0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000000000000100002302000800e7e6810bca59f4237e784158258e2c664f2668468102fe762ad5978f2a6e91f59edc", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98}, 0x60)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/39, 0x27}], 0x1, &(0x7f0000000180)=[@cred={{0x1c}}], 0x20}, 0x2142) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200), 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/6, 0x6}], 0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000000000000100002302000800e7e6810bca59f4237e784158258e2c664f2668468102fe762ad5978f2a6e91f59edc", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98}, 0x60) (async)

10:52:42 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/115, 0x73}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f00000001c0)=""/197, 0xc5}], 0x3, &(0x7f0000000300)=[@cred={{0x1c}}], 0x20}, 0x40002140)

10:52:42 executing program 1:
syz_clone(0x4e220000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x4e220000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair(0x1a, 0x80000, 0x7, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000100)=""/224, 0xe0}, {&(0x7f0000000200)=""/145, 0x91}, {&(0x7f0000000080)=""/44, 0x2c}, {&(0x7f00000002c0)}, {&(0x7f0000000300)}, {&(0x7f0000000740)=""/248, 0xf8}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/224, 0xe0}], 0x8, &(0x7f0000000680)=""/88, 0x58}, 0x2021)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 2:
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/39, 0x27}], 0x1, &(0x7f0000000180)=[@cred={{0x1c}}], 0x20}, 0x2142)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200), 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/6, 0x6}], 0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000000000000000100002302000800e7e6810bca59f4237e784158258e2c664f2668468102fe762ad5978f2a6e91f59edc", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x98}, 0x60)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40002140)

10:52:42 executing program 2:
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000080))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=0xffffffffffffffff, 0x12)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
unlink(&(0x7f0000000140)='./file1\x00')
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100), 0x4)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 3:
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair(0x1a, 0x80000, 0x7, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000100)=""/224, 0xe0}, {&(0x7f0000000200)=""/145, 0x91}, {&(0x7f0000000080)=""/44, 0x2c}, {&(0x7f00000002c0)}, {&(0x7f0000000300)}, {&(0x7f0000000740)=""/248, 0xf8}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/224, 0xe0}], 0x8, &(0x7f0000000680)=""/88, 0x58}, 0x2021)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair(0x1a, 0x80000, 0x7, &(0x7f0000000000)) (async)
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000100)=""/224, 0xe0}, {&(0x7f0000000200)=""/145, 0x91}, {&(0x7f0000000080)=""/44, 0x2c}, {&(0x7f00000002c0)}, {&(0x7f0000000300)}, {&(0x7f0000000740)=""/248, 0xf8}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/224, 0xe0}], 0x8, &(0x7f0000000680)=""/88, 0x58}, 0x2021) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10) (async)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 2:
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000080))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=0xffffffffffffffff, 0x12)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
unlink(&(0x7f0000000140)='./file1\x00')
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100), 0x4)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000080)) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=0xffffffffffffffff, 0x12) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
unlink(&(0x7f0000000140)='./file1\x00') (async)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100), 0x4) (async)

10:52:42 executing program 1:
syz_clone(0x4e220000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40002140)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair(0x1a, 0x80000, 0x7, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000100)=""/224, 0xe0}, {&(0x7f0000000200)=""/145, 0x91}, {&(0x7f0000000080)=""/44, 0x2c}, {&(0x7f00000002c0)}, {&(0x7f0000000300)}, {&(0x7f0000000740)=""/248, 0xf8}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/224, 0xe0}], 0x8, &(0x7f0000000680)=""/88, 0x58}, 0x2021) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10)

10:52:42 executing program 3:
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 2:
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f0000000080))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=0xffffffffffffffff, 0x12) (async, rerun: 32)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
unlink(&(0x7f0000000140)='./file1\x00') (async, rerun: 64)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000100), 0x4) (rerun: 64)

10:52:42 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)

10:52:42 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)

10:52:42 executing program 3:
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', 0x0, 0x8}, 0x10)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)

10:52:42 executing program 3:
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 1:
r0 = syz_clone(0x44220000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file0\x00', 0x0, 0x18}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, r2, 0x24}, 0x10)
recvmsg$unix(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/12, 0xc}], 0x1, &(0x7f0000000140)=[@cred={{0x1c}}], 0x20}, 0xeebd51bff2d9e55c)
r3 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0)={r1}, 0x8)
recvmsg$unix(r3, &(0x7f0000000500)={&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, &(0x7f00000003c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}, 0x40000002)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x9, 0x7, 0x80, 0x7, 0x0, 0x6, 0x9020, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x0, 0x7, 0x7f, 0xd, 0x89d, 0x100, 0x55, 0x0, 0x401, 0x0, 0x4}, r0, 0x8, r1, 0x1)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40002140)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 3:
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async, rerun: 32)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', 0x0, 0x8}, 0x10) (rerun: 32)

10:52:42 executing program 3:
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x36)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(0x0, 0x36)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00', 0x0, 0x8}, 0x10) (async)

10:52:42 executing program 1:
r0 = syz_clone(0x44220000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file0\x00', 0x0, 0x18}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, r2, 0x24}, 0x10) (async)
recvmsg$unix(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/12, 0xc}], 0x1, &(0x7f0000000140)=[@cred={{0x1c}}], 0x20}, 0xeebd51bff2d9e55c) (async)
r3 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0)={r1}, 0x8)
recvmsg$unix(r3, &(0x7f0000000500)={&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, &(0x7f00000003c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}, 0x40000002) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x9, 0x7, 0x80, 0x7, 0x0, 0x6, 0x9020, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x0, 0x7, 0x7f, 0xd, 0x89d, 0x100, 0x55, 0x0, 0x401, 0x0, 0x4}, r0, 0x8, r1, 0x1)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000140)={0xffffffffffffffff, r0}, 0xc)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(0x0, 0x36)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
close(0xffffffffffffffff)
r0 = getpid()
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0xd1, 0x5, 0x40, 0xfd, 0x0, 0x3, 0x2000, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0xb}, 0x10, 0x1, 0x81, 0x8, 0x8000000000000001, 0x2c, 0x7, 0x0, 0xcd6f, 0x0, 0x7415}, r0, 0x7, 0xffffffffffffffff, 0x4)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x86, 0x81, 0x2, 0x2, 0x0, 0x0, 0x20, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000080), 0x2}, 0x89030, 0x8eb, 0x7f, 0x9, 0x3, 0x6, 0x62f5, 0x0, 0x20, 0x0, 0xffffffffffffff0d})

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40002140)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
close(0xffffffffffffffff) (async, rerun: 64)
r0 = getpid() (rerun: 64)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0xd1, 0x5, 0x40, 0xfd, 0x0, 0x3, 0x2000, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0xb}, 0x10, 0x1, 0x81, 0x8, 0x8000000000000001, 0x2c, 0x7, 0x0, 0xcd6f, 0x0, 0x7415}, r0, 0x7, 0xffffffffffffffff, 0x4) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 32)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000200)) (async, rerun: 32)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x86, 0x81, 0x2, 0x2, 0x0, 0x0, 0x20, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000080), 0x2}, 0x89030, 0x8eb, 0x7f, 0x9, 0x3, 0x6, 0x62f5, 0x0, 0x20, 0x0, 0xffffffffffffff0d})

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(0x0, 0x36)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
close(0xffffffffffffffff) (async)
r0 = getpid()
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0xd1, 0x5, 0x40, 0xfd, 0x0, 0x3, 0x2000, 0x9, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0xb}, 0x10, 0x1, 0x81, 0x8, 0x8000000000000001, 0x2c, 0x7, 0x0, 0xcd6f, 0x0, 0x7415}, r0, 0x7, 0xffffffffffffffff, 0x4) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000200))
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x86, 0x81, 0x2, 0x2, 0x0, 0x0, 0x20, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000080), 0x2}, 0x89030, 0x8eb, 0x7f, 0x9, 0x3, 0x6, 0x62f5, 0x0, 0x20, 0x0, 0xffffffffffffff0d})

10:52:42 executing program 1:
r0 = syz_clone(0x44220000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async, rerun: 32)
r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file0\x00', 0x0, 0x18}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, r2, 0x24}, 0x10) (async)
recvmsg$unix(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/12, 0xc}], 0x1, &(0x7f0000000140)=[@cred={{0x1c}}], 0x20}, 0xeebd51bff2d9e55c) (async)
r3 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0)={r1}, 0x8)
recvmsg$unix(r3, &(0x7f0000000500)={&(0x7f0000000200)=@abs, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000280)=""/254, 0xfe}], 0x1, &(0x7f00000003c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x130}, 0x40000002) (async, rerun: 64)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x9, 0x7, 0x80, 0x7, 0x0, 0x6, 0x9020, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x0, 0x7, 0x7f, 0xd, 0x89d, 0x100, 0x55, 0x0, 0x401, 0x0, 0x4}, r0, 0x8, r1, 0x1) (rerun: 64)

10:52:42 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:42 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)

10:52:42 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x700)

10:52:42 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:42 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:43 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:43 executing program 3:
syz_clone(0x5c028000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @private2}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/188, 0xbc}, {&(0x7f0000000240)=""/114, 0x72}], 0x2, &(0x7f00000002c0)=""/4096, 0x1000}, 0x40002122)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:43 executing program 2:
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:43 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async, rerun: 32)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:43 executing program 2:
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x500)

10:52:43 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x37)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x12)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080), 0x4)

10:52:43 executing program 2:
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:43 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:43 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x37)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x12)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080), 0x4)
mkdir(&(0x7f0000000040)='./file0\x00', 0x37) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x12) (async)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080), 0x4) (async)

10:52:43 executing program 2:
mkdir(0x0, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:43 executing program 3:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xe, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, r1, 0x0, 0x1, &(0x7f0000000000)='\x00'}, 0x30)

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x2e)

10:52:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xffffffffffffffa1)

10:52:43 executing program 2:
mkdir(0x0, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)

10:52:43 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:43 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x37)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x12) (async, rerun: 32)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080), 0x4) (rerun: 32)

10:52:43 executing program 2:
mkdir(0x0, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xc)

10:52:43 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()

10:52:43 executing program 0:
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="95000000000000fe74e6d2166017f0ffff00000900000000bb435386000000601e53f7b87c9e1c3a77c4c4fbcb293d175b29ce5126486a468307b777f6de20e66cbad4578c89ed8d238bbbdbb225a7f3cc753e1fc5e2453ee674280d6c8828b42f74aa19e3240d7e7080664b3cf41576adbf183e95b70a125085f6ebdbc713646098d02fb5dfc0bdd07924529a3bf41a5a5558dd12bfe7ee097a304b5b0545a1423b7cee0ff5a89d8f56dd6ead0250c5602ccda88491fb8b01d1fb360c8d9b6a1d1657655ea6a82af041590f27ee7d20088b3d244489bf0f4d2477d42a4e4506633306671585d9f1112ac967181a3214ed808eb0d7757bbe2fe4f80559bf8f696cf47fa6778807aa15f96ffe406bcee638aa2226dbae5e8e41c875fc9caea92da818550b0abd7d55f2967226617d090807d8fad0bab614a98c67c20ac6fb475a399162ca0437484b0728194f2fd6c80834818e7454d050c20dcace5e34f6469fc9e5bb0e44f3444d59d3ebd034b8fcd7d415b6546a6e97a3de8f599edce2720b17f18dd39671b997ad067d7156d7844d0ec4a2c4c5471e3d7ca74731b2f4e05f0d21196d299a000000"], &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x88, &(0x7f0000000140)=""/136, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x9, 0x9, 0x1}, 0x10, 0x34ce}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:43 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xec00000000000000)

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x7)

10:52:43 executing program 0:
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="95000000000000fe74e6d2166017f0ffff00000900000000bb435386000000601e53f7b87c9e1c3a77c4c4fbcb293d175b29ce5126486a468307b777f6de20e66cbad4578c89ed8d238bbbdbb225a7f3cc753e1fc5e2453ee674280d6c8828b42f74aa19e3240d7e7080664b3cf41576adbf183e95b70a125085f6ebdbc713646098d02fb5dfc0bdd07924529a3bf41a5a5558dd12bfe7ee097a304b5b0545a1423b7cee0ff5a89d8f56dd6ead0250c5602ccda88491fb8b01d1fb360c8d9b6a1d1657655ea6a82af041590f27ee7d20088b3d244489bf0f4d2477d42a4e4506633306671585d9f1112ac967181a3214ed808eb0d7757bbe2fe4f80559bf8f696cf47fa6778807aa15f96ffe406bcee638aa2226dbae5e8e41c875fc9caea92da818550b0abd7d55f2967226617d090807d8fad0bab614a98c67c20ac6fb475a399162ca0437484b0728194f2fd6c80834818e7454d050c20dcace5e34f6469fc9e5bb0e44f3444d59d3ebd034b8fcd7d415b6546a6e97a3de8f599edce2720b17f18dd39671b997ad067d7156d7844d0ec4a2c4c5471e3d7ca74731b2f4e05f0d21196d299a000000"], &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x88, &(0x7f0000000140)=""/136, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x9, 0x9, 0x1}, 0x10, 0x34ce}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="95000000000000fe74e6d2166017f0ffff00000900000000bb435386000000601e53f7b87c9e1c3a77c4c4fbcb293d175b29ce5126486a468307b777f6de20e66cbad4578c89ed8d238bbbdbb225a7f3cc753e1fc5e2453ee674280d6c8828b42f74aa19e3240d7e7080664b3cf41576adbf183e95b70a125085f6ebdbc713646098d02fb5dfc0bdd07924529a3bf41a5a5558dd12bfe7ee097a304b5b0545a1423b7cee0ff5a89d8f56dd6ead0250c5602ccda88491fb8b01d1fb360c8d9b6a1d1657655ea6a82af041590f27ee7d20088b3d244489bf0f4d2477d42a4e4506633306671585d9f1112ac967181a3214ed808eb0d7757bbe2fe4f80559bf8f696cf47fa6778807aa15f96ffe406bcee638aa2226dbae5e8e41c875fc9caea92da818550b0abd7d55f2967226617d090807d8fad0bab614a98c67c20ac6fb475a399162ca0437484b0728194f2fd6c80834818e7454d050c20dcace5e34f6469fc9e5bb0e44f3444d59d3ebd034b8fcd7d415b6546a6e97a3de8f599edce2720b17f18dd39671b997ad067d7156d7844d0ec4a2c4c5471e3d7ca74731b2f4e05f0d21196d299a000000"], &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x88, &(0x7f0000000140)=""/136, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x9, 0x9, 0x1}, 0x10, 0x34ce}, 0x80) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:43 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0x0)

10:52:43 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)

10:52:43 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x4)

10:52:43 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()

10:52:43 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0x0)

10:52:43 executing program 3:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='#&\xdf@\x00'}, 0x30)
r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0)=r0, 0x12)

10:52:44 executing program 0:
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_ext={0x1c, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="95000000000000fe74e6d2166017f0ffff00000900000000bb435386000000601e53f7b87c9e1c3a77c4c4fbcb293d175b29ce5126486a468307b777f6de20e66cbad4578c89ed8d238bbbdbb225a7f3cc753e1fc5e2453ee674280d6c8828b42f74aa19e3240d7e7080664b3cf41576adbf183e95b70a125085f6ebdbc713646098d02fb5dfc0bdd07924529a3bf41a5a5558dd12bfe7ee097a304b5b0545a1423b7cee0ff5a89d8f56dd6ead0250c5602ccda88491fb8b01d1fb360c8d9b6a1d1657655ea6a82af041590f27ee7d20088b3d244489bf0f4d2477d42a4e4506633306671585d9f1112ac967181a3214ed808eb0d7757bbe2fe4f80559bf8f696cf47fa6778807aa15f96ffe406bcee638aa2226dbae5e8e41c875fc9caea92da818550b0abd7d55f2967226617d090807d8fad0bab614a98c67c20ac6fb475a399162ca0437484b0728194f2fd6c80834818e7454d050c20dcace5e34f6469fc9e5bb0e44f3444d59d3ebd034b8fcd7d415b6546a6e97a3de8f599edce2720b17f18dd39671b997ad067d7156d7844d0ec4a2c4c5471e3d7ca74731b2f4e05f0d21196d299a000000"], &(0x7f0000000100)='syzkaller\x00', 0x1f, 0x88, &(0x7f0000000140)=""/136, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x1, 0x9, 0x9, 0x1}, 0x10, 0x34ce}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:44 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x2e00000000000000)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0x0)

10:52:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x600000000000000)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x500000000000000)

10:52:44 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
getpid() (async)

10:52:44 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x313000000000000)

10:52:44 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0xa1)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file1\x00', 0x0, 0x10}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file1\x00', 0x1}, 0x10)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x10000000000000)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x4000000000000)

10:52:44 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x40000000000)

10:52:44 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0xa1)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file1\x00', 0x0, 0x10}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file1\x00', 0x1}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0xa1) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file1\x00', 0x0, 0x10}, 0x10) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file1\x00', 0x1}, 0x10) (async)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xff010000)

10:52:44 executing program 2:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r0, r1, 0x0, 0x5, &(0x7f00000000c0)='[,)^\x00'}, 0x30)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000), 0x6e, &(0x7f0000000240)=[{&(0x7f0000000080)}, {&(0x7f0000000400)=""/87, 0x57}, {&(0x7f0000000080)=""/5, 0x5}, {&(0x7f0000000100)=""/70, 0x46}, {&(0x7f00000001c0)=""/121, 0x79}], 0x5, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xb8}, 0x0)
openat$cgroup(r2, &(0x7f00000002c0)='syz1\x00', 0x200002, 0x0)

10:52:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:52:44 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xfbffffff)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xf6ffffff)

10:52:44 executing program 1:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x11}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)='8', 0x1}, 0x0)
r2 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='objagg_obj_parent_unassign\x00', r0}, 0x10)
syz_open_procfs$namespace(r2, &(0x7f0000000080)='ns/ipc\x00')
r3 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r3, 0xe, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='blkio.bfq.sectors\x00', 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETDEBUG(r5, 0x400454c9, &(0x7f0000000140)=0x3)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r6, 0xffffffffffffffff, 0x24}, 0x10)
write$cgroup_pid(r6, &(0x7f0000000180)=r3, 0x12)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000280), 0x4)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xd, 0x2, 0x3f, 0xfe, 0x0, 0xc4c0000000000000, 0x60e30, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x40, 0xc48}, 0x4000, 0xc39, 0xa201, 0x8, 0x2, 0x9, 0x8000, 0x0, 0x8, 0x0, 0x1}, r3, 0x7, r4, 0x2)

10:52:44 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0xa1) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file1\x00', 0x0, 0x10}, 0x10) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file1\x00', 0x1}, 0x10)

10:52:44 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0xa1ffffff)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x91000000)

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:44 executing program 1:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x11}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)='8', 0x1}, 0x0) (async)
r2 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='objagg_obj_parent_unassign\x00', r0}, 0x10) (async)
syz_open_procfs$namespace(r2, &(0x7f0000000080)='ns/ipc\x00') (async)
r3 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r3, 0xe, 0xffffffffffffffff, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETDEBUG(r5, 0x400454c9, &(0x7f0000000140)=0x3) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r6, 0xffffffffffffffff, 0x24}, 0x10)
write$cgroup_pid(r6, &(0x7f0000000180)=r3, 0x12) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000280), 0x4)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xd, 0x2, 0x3f, 0xfe, 0x0, 0xc4c0000000000000, 0x60e30, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x40, 0xc48}, 0x4000, 0xc39, 0xa201, 0x8, 0x2, 0x9, 0x8000, 0x0, 0x8, 0x0, 0x1}, r3, 0x7, r4, 0x2)

10:52:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:52:44 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x8cffffff)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x40000800)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x81020000)

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:44 executing program 4:
r0 = syz_clone(0x4c020000, 0x0, 0xfffffffffffffe7a, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={r0, 0xffffffffffffffff, 0x0, 0x3, &(0x7f00000001c0)='&,\x00'}, 0x30)
syz_clone(0xfc06a67057d6981b, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (fail_nth: 1)

10:52:44 executing program 1:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x11}, 0x10) (async, rerun: 32)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) (rerun: 32)
sendmsg$tipc(r1, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001740)='8', 0x1}, 0x0) (async)
r2 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='objagg_obj_parent_unassign\x00', r0}, 0x10) (async, rerun: 64)
syz_open_procfs$namespace(r2, &(0x7f0000000080)='ns/ipc\x00') (async, rerun: 64)
r3 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r3, 0xe, 0xffffffffffffffff, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f00000011c0)) (async, rerun: 32)
ioctl$TUNSETDEBUG(r5, 0x400454c9, &(0x7f0000000140)=0x3) (async, rerun: 32)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r6, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 32)
write$cgroup_pid(r6, &(0x7f0000000180)=r3, 0x12) (async, rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000280), 0x4) (async)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xd, 0x2, 0x3f, 0xfe, 0x0, 0xc4c0000000000000, 0x60e30, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x40, 0xc48}, 0x4000, 0xc39, 0xa201, 0x8, 0x2, 0x9, 0x8000, 0x0, 0x8, 0x0, 0x1}, r3, 0x7, r4, 0x2)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (fail_nth: 1)

10:52:44 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)

[ 2602.699461][T24916] FAULT_INJECTION: forcing a failure.
[ 2602.699461][T24916] name failslab, interval 1, probability 0, space 0, times 0
[ 2602.716365][T24915] FAULT_INJECTION: forcing a failure.
[ 2602.716365][T24915] name failslab, interval 1, probability 0, space 0, times 0
[ 2602.735885][T24915] CPU: 0 PID: 24915 Comm: syz-executor.3 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2602.745942][T24915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2602.755839][T24915] Call Trace:
[ 2602.758960][T24915]  <TASK>
[ 2602.761740][T24915]  dump_stack_lvl+0x151/0x1b7
[ 2602.766255][T24915]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2602.771721][T24915]  ? mutex_unlock+0xaa/0x1e0
[ 2602.776147][T24915]  ? __mutex_lock_slowpath+0x10/0x10
[ 2602.781267][T24915]  dump_stack+0x15/0x17
[ 2602.785259][T24915]  should_fail+0x3c0/0x510
[ 2602.789515][T24915]  __should_failslab+0x9f/0xe0
[ 2602.794110][T24915]  should_failslab+0x9/0x20
[ 2602.798454][T24915]  kmem_cache_alloc+0x4f/0x2f0
[ 2602.803051][T24915]  ? __ia32_sys_read+0x90/0x90
[ 2602.807652][T24915]  ? getname_flags+0xba/0x510
[ 2602.812164][T24915]  getname_flags+0xba/0x510
[ 2602.816503][T24915]  __x64_sys_unlink+0x3c/0x50
[ 2602.821018][T24915]  do_syscall_64+0x44/0xd0
[ 2602.825272][T24915]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2602.830998][T24915] RIP: 0033:0x7fdb8fe6b0c9
[ 2602.835251][T24915] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2602.854697][T24915] RSP: 002b:00007fdb8ebde168 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 2602.862940][T24915] RAX: ffffffffffffffda RBX: 00007fdb8ff8af80 RCX: 00007fdb8fe6b0c9
[ 2602.870751][T24915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[ 2602.878561][T24915] RBP: 00007fdb8ebde1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2602.886369][T24915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
10:52:44 executing program 4:
r0 = syz_clone(0x4c020000, 0x0, 0xfffffffffffffe7a, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={r0, 0xffffffffffffffff, 0x0, 0x3, &(0x7f00000001c0)='&,\x00'}, 0x30)
syz_clone(0xfc06a67057d6981b, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x1}, 0x10)

10:52:44 executing program 0:
mkdir(&(0x7f0000000000)='./file1\x00', 0x764cd8c286015ab8)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
socketpair(0x1f, 0xe027a3d184cb93a3, 0x2, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000780)=[{&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000280)=""/184, 0xb8}, {&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/122, 0x7a}, {&(0x7f0000000480)=""/240, 0xf0}, {&(0x7f0000000580)=""/167, 0xa7}, {&(0x7f0000000640)=""/51, 0x33}, {&(0x7f0000000680)=""/248, 0xf8}], 0x8, &(0x7f0000000800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x120}, 0x40000042)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)

[ 2602.894180][T24915] R13: 00007ffe635c636f R14: 00007fdb8ebde300 R15: 0000000000022000
[ 2602.902000][T24915]  </TASK>
[ 2602.904856][T24916] CPU: 1 PID: 24916 Comm: syz-executor.2 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2602.914928][T24916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2602.924822][T24916] Call Trace:
[ 2602.927946][T24916]  <TASK>
[ 2602.930723][T24916]  dump_stack_lvl+0x151/0x1b7
[ 2602.935238][T24916]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2602.940706][T24916]  ? __kasan_check_write+0x14/0x20
[ 2602.945651][T24916]  ? mutex_unlock+0xaa/0x1e0
10:52:44 executing program 0:
mkdir(&(0x7f0000000000)='./file1\x00', 0x764cd8c286015ab8) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
socketpair(0x1f, 0xe027a3d184cb93a3, 0x2, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000780)=[{&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000280)=""/184, 0xb8}, {&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/122, 0x7a}, {&(0x7f0000000480)=""/240, 0xf0}, {&(0x7f0000000580)=""/167, 0xa7}, {&(0x7f0000000640)=""/51, 0x33}, {&(0x7f0000000680)=""/248, 0xf8}], 0x8, &(0x7f0000000800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x120}, 0x40000042)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)

10:52:44 executing program 0:
mkdir(&(0x7f0000000000)='./file1\x00', 0x764cd8c286015ab8)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
socketpair(0x1f, 0xe027a3d184cb93a3, 0x2, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000780)=[{&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000280)=""/184, 0xb8}, {&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/122, 0x7a}, {&(0x7f0000000480)=""/240, 0xf0}, {&(0x7f0000000580)=""/167, 0xa7}, {&(0x7f0000000640)=""/51, 0x33}, {&(0x7f0000000680)=""/248, 0xf8}], 0x8, &(0x7f0000000800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x120}, 0x40000042)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
mkdir(&(0x7f0000000000)='./file1\x00', 0x764cd8c286015ab8) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
socketpair(0x1f, 0xe027a3d184cb93a3, 0x2, &(0x7f0000000100)) (async)
recvmsg$unix(r0, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000780)=[{&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000280)=""/184, 0xb8}, {&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/122, 0x7a}, {&(0x7f0000000480)=""/240, 0xf0}, {&(0x7f0000000580)=""/167, 0xa7}, {&(0x7f0000000640)=""/51, 0x33}, {&(0x7f0000000680)=""/248, 0xf8}], 0x8, &(0x7f0000000800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x120}, 0x40000042) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10) (async)

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/30, 0x1e}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/233, 0xe9}], 0x3, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x2003)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x90)

[ 2602.950080][T24916]  ? __mutex_lock_slowpath+0x10/0x10
[ 2602.955201][T24916]  dump_stack+0x15/0x17
[ 2602.959190][T24916]  should_fail+0x3c0/0x510
[ 2602.963451][T24916]  __should_failslab+0x9f/0xe0
[ 2602.968045][T24916]  should_failslab+0x9/0x20
[ 2602.972383][T24916]  kmem_cache_alloc+0x4f/0x2f0
[ 2602.976987][T24916]  ? getname_flags+0xba/0x510
[ 2602.981500][T24916]  ? __ia32_sys_read+0x90/0x90
[ 2602.986104][T24916]  getname_flags+0xba/0x510
[ 2602.990438][T24916]  __x64_sys_mkdir+0x5f/0x80
[ 2602.994860][T24916]  do_syscall_64+0x44/0xd0
[ 2602.999112][T24916]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2603.004839][T24916] RIP: 0033:0x7fe9864a30c9
[ 2603.009099][T24916] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2603.028536][T24916] RSP: 002b:00007fe985216168 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 2603.036778][T24916] RAX: ffffffffffffffda RBX: 00007fe9865c2f80 RCX: 00007fe9864a30c9
10:52:44 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (fail_nth: 2)

10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/30, 0x1e}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/233, 0xe9}], 0x3, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x2003)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x90)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (fail_nth: 2)

[ 2603.044597][T24916] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[ 2603.052402][T24916] RBP: 00007fe9852161d0 R08: 0000000000000000 R09: 0000000000000000
[ 2603.060212][T24916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.068024][T24916] R13: 00007ffd3e6cda7f R14: 00007fe985216300 R15: 0000000000022000
[ 2603.075837][T24916]  </TASK>
10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/30, 0x1e}, {&(0x7f0000000180)=""/13, 0xd}, {&(0x7f00000001c0)=""/233, 0xe9}], 0x3, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x2003)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x90)

10:52:44 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12)
syz_clone(0x100, &(0x7f0000000240)="00b4669971be662e80f8a9760729a8fdbe6ad23d6adc9cd8c0c95bacd5f0166672969881320af2933ed409ba31bbf43f8403fe7b60cad4cc3f9edc4f1ef532bcc58f5219c7dd591a7397b1427be4dc53b3dde9215923b39e2419f6b6016e990506ccdef5a5a340104ac07351c221719c057a4350f5fd7e3b2a12bc45279044a08e51c5265c3f3d182a8b2f7f6e59dba09c10c55b1ad328975aff4bc9992467a65cd4a1d171501f09b79df051884d52f9fc014b4aa1db2b7cfbaed659c6e49760378fa7729e356d31bbfd40e10fd3ac8524bb560f9e74e9fed6d8e2c49b03ce03ce6e3f21331a864f5a5cd43ace7f7acc272063e0f84a668ddd8bc13999709b6c639edfd231c2b15a6591c4795f714cb725f15347db949cd674d3a1c6bac189b6bf1c6b2ad4a07dde8e3b6194adbff559b4160672a4909c6e07e5bf910b935ee1206908873196ab61df6b7b9455cbaaa44c00649a516a0fd05bafedf2c84451f90f5b9ee250012ec98338052eb74c96a5b77ab3be43894abe955d69ea763ecca008067cb80eda8b8906225e1157e15af9bed7e5c2e73e479c27df04f96d75686ad9151031b1548aabacb2c5909929777b1436618ae1836ccb0c1d6067c5b64d82565f21315b6d96acc10644ed8c12c6fd21e1efaa529c167adbe1f7da19f60ebe9a92563d641c488bc58fb9f42f5e13e2c541d4c7d42c695d1a91631d3d8b70ac43ce5db0976a51cf0410a04ee3c5352072b34d7dbd49e119b1311dad4e7f9498cf9028f8abed8ecafa3ff2630a9d7a1d191d901746e7ee62c17f13622d2ea7f7b7a25e1c2a9ef1882e74ed829a97a55d0a29411f7aaa563bb50894b12f9045ab59b39ad658b79990c80425f51c71421064e19908beecd9ef92dfe5db1fcdb2093c4ffce6c9351c89929e179ba66b7d51a30782dd83e3a6ca28e3717d068a9e208810f1ada04159ba34d92180de49c91c48c336695464f3afc4a369c7ff322f7d48f32c072d2194b68c7f6e2389375352fd99af162fdaa8c1be7e4b6b7ed1b2554fe7074be990b440050a616534f597aacf5fee70108cb3a28a10595319960470b667124618f43521fb0ae3ec6a8f846dad8e18ff8bc2e74d7dda6966327a266daf1925ebb32b7b9c17f2132c81fb04b85426a0c76d94eb64a3dc038d67d8a1488b583ec431cd3648be96b9e2e1a8fbcf171b825666902bce14efae86f2360409fceafc72e12b05bbcc7a82f3227c486b9cacfa756af58d0d6469cae0b6a528012ccf0b6da93bcb682bf474929a1426671f42c2a17765a4246e5230222e044d9dbaab8fb3742e448536a377c748b12eea21edaa4217b012b46a21cceac43042d877e6a5876b832e76e7cad1201395d8e6f7fbb16f9078e02913f569e46156d75c597a52bef1ba63aee41d8fa34dd9cb712c35a9ef89302cdc1f0904cedb9c5f71bfdf919fc59b37605550a1f37c901119a618f1f4ca84c0413e5b72a9a2b811dacccebf746c226ea853c1c8f679f978474f9fc47788c9a5567e0ecc2d238fb99f4baa6304e3b51fb1f45cd132ec7aba668a602013f09b2b50da22b4f66d51543e9e74cb1ac1b85f30deb43e914c285677bc4a67b9bcc245b6ede928d073b71417fcc5a4a663f8c0874d56cdd57e31c2411ebde75254979e8de73e56a1c0420bdd097d5eec3f68edd2985cd5cabad46257c7fccb095dca6afa8eca55a7578e5c889dbbc303f9b141dab89017e85b0741a7ba10ef63744473c156cda5f1edc69e1536f4e17ba5ad0173c82b910f4fdfa77b63db57d5a197848c92569a952eebfa54821de24a31e2eb60b5408ae217a5b8a734f649e504b84bfb04be17a126ac0d5a0cd3201f165e3b4cc0ac7ffce0f60a0e747be5ee4e15e42d269f2d47c82c4fc82e57eaae073d09aa61df740022bb3989ff391b74909758aac24eafeac9f0ea71cd9da7380726bc265bbd0e1e86f2be02cdb77357dca805dd0b481b700b72960691e1351ae5385f5ca90016aacc786f693d9c8d123a4f5d636450e435ad207a4e9a5d81181f8be05d23a021374abc1223f98cd4c57d6b3601c246e2c700bedd5f41c46eac356285377510be77239ff9f93498312ef987bfa5448371ce8e84086e77c57e989f3fac9eb5ca5f4005132dbe58f89559e049d16fc5f94ebf149d7d6227f28fcc04e61dbb2f091de2465dd61c412c5ffafa43975682812a4f135a7d2f8dd97eb469332f32c5d6de2b36fe930555be42b197f6884f422a91e052b7526488c639d6a8b2c4c94ab6427a21939d7bfdd84673df341929b465ae509d812df96990d9e010c7f8adfb63412c7adb09918abf9171bdc868fa82ce66b1d697cd8ad08d2ce07a4b51599fd33e946a84bae5a55559bee48a8fdd6b752d3a398617ba13a1a071c85a0052c03582d0af688604afba7072b44adcba80d7978e899ffbb097c4a6957edd9b15b600d72ef057369aa9a97e2b6f7a1973209de1312e38b7f6bfd93e9427b90f0cfc1258efff51c5272b5e18d3303ecc94dd0c6c208211f1373bb7e5d4c1ce1b6acc9ac3089376f4445ef2fced966ee0ab8584b17571a3e574d7053059ab3b1e4fe6996a8656540238407c3df2f9dcf485006bc7cbf1d513c9f93739e85e9969517ad33ae1bffa32b63fe09bdb6e2d3e561fe54b71661be71f99df227856ca95cf693e47c6f5552861f0b276de985bc3fc6c130567d888351664aadea8cff81528a701ca46a8e1a64105b67c7bf55f7977f8cc1b06c1b94ce83c8f0361fbed34f0bddf764ff6730f16f42f1631082004c2a06f1f4cc19ada54a156f37898707038778ff61d8147a1c8680b1c833e84baa65dd170e3a0865dc77bdfc46363cfd6c2733747ada99ea2f4934ceb79e4841c735ce14706107aa06084ac77375e109bf035fe43b7dc9434eac3107c623ff7d0ddb0ae62c4c771d53509cd9f31501ca555bc44fcd4156b9d190c093329e16ae162d35768f90a5ec279febe15dc32a67baa505fabcddf1f936bc28e90193130092f4ac9934e7e3c5c59a9ceaca0c18be86d5f3cc792ce3c38294cf9d91dbbed211751948d5b217385b63b6e66df11c88e88d24a3e3b666c8d8bd4a75c769f5848585338e11dfefb452f083f8c252dba28c32e3a463c995f3549c18303e2951416e9556b3013d0236d78a7ce0f26f901ce0026e29c9a28cb2c641433c8b040006bf206de40cdb54fd2725594ec96ce8fdd597a9c66da685b6c031cd49da8edf2ac4138a1728133c159b59633beb3d3e4d7dca9dfb2f76f977f4f1af51e2b813bca1bc8cd8dcd56d745ccaf6aa6fa40db0d86dd88dd521cfd0b7ede87f90fac698fc6f39d762b0dcc615cf34b9d5ae2f077de742b46684ad086edd81692451afe3a58b6bd7f2dded156cf22a86351e84d9ad5c90ed127c47281bb4ba5bb430ea2376ef211b13936b4b00f2e7d528459d93d07b1bb1ae3af23abc632786160bb064d8ef3991630117a3687c30d8fbb0f09a9c32b8d19a11730b18510a41afb526c1047a87aacad58817fce28e3fb5aad2ae480289d312569f9845e2b1daca882bcfd3a132b4a75225de1910ff3dc98a9562912f4d125e9af5c90d828d10fe1f64807d52695a22794b443a9932035989622e36921aff168f543d84ee4ac65c6d4d8a7784cc92c739249eb21a60d6db79cf27342abbfeb0f14f7a0add7ccede47efa816b574e6c7ed979c5875da2eb5cde832c03fe3b4b20c9afc1f4a9dec481dfff64d3bfbc3257e2ea300a9a4f4df155b6ef6f57fa745cc212bc1ae09f0aa349b82a4b832bd399989aa88a89ebd70b5fb4f7f3b2eee6c7a4d3cebd1962a633ef3a3c105e19b42442729da9844755930636b19eed9e66f64fa5e6f8165327c1eb1838f38cbfdb97de748a5a54bd44dc863bda7084700d7ae990aacbc80201b748ce423514b5f85299eeafc0cd91fdbe701044cf855267b0e1b0e9b5396c697bf0f1ae7c4ad6ef23e4f58c9817b5f63d9b1e0c35106dd23c86c9fe052c9703cbadad0c38d551c3c28b63bb801cf4d35ec8a2d8ce5ae964543fbeaeff556ebeaeb707e57a21ec8da05ee769f542c363bc735c54fc07bd29d4d9467de25cfb4bd84f8bc565a570bd7fe12265572867929866b7dc0eb372b3a1ee613a4a00b97acf2c20d2b83de4c7ca3308df6c84869a4a7e573e08d3607eef97a418861282fa8375ef7aeb912819f3930630c108b6bc89246718b13ca582fff5c86075c0178d6f92418f675b6dcc45c8a67508a179a50f0e86ed02015ee6a0095f2fd6001000527ebdaacc8136aa432e9aa0d8491b875a9186d5f4f12e99a87645b5e2382ef1b9c4be9f38699c82792a1738acc3c927798499b5da0a63770654967b9c3d32b049a9ac65b5afbc1a2bbe059827e928f1b0f6922d34d506772cbb0fc1e69ec99d551ac5ddecfaa45e86b2204fbef231066704e01ad94b46d53dfdeebf92c751a559047a317a92aae5bd881def10029294e1fb33f4e61496d8b3c2ba704a048d2e66700e2f29d7dfe545ead983e1586e7017c19f637d7728f3dcc2d4b6b738716a194500c296563fdf58695c2b7629fddfd906a2f27926dc49e3a355fad9a0cd389c88893ad86d6efc64ea25d3fac40d08e32681b0e662cfca8f5884c055a8ab1defc739d1712ed4f77f3ab1eab9c1d71b600776b15dbb67fd4e17fc57b93aef4f7694cd96340ea653db1a13ee3a298dc1f8f0755c8dd7d093d21e10104e00eb8a1391bd8d4199e6fb557bdef0cf5a810e3785831cea26bc3703bc68d16029eae03a7e39c742eace59101b6bcf8e789b870d665f95633e625540379bd6882a5cacf759b25d64b03a6ab9328987d747bd8f417710af41e764e76c8787221ca7055d418e076bca38d85863167e3a8d3fd8ecf60949dc89123b33250499d9d850161c271ea619846904c952c42bc9f87a9b2ddd759afdca538014b89fe63f877175d62f64cb0797e9e45b2a0609ad234032659f536597ee4a210feac62570d3b43fdc3404f839edcb2a9afe9737f044db43f69c460642a5d2adc48e235338fc3bbc5a914f82614286d55b915547be6070f77873ddad7ed3d990a549a47a88ae51b7fd53397fddb8fba4165b799319b1c8a6fb999a7fbf8e9f7f8605b5abb4f1df5ad48df52f509e20d000659d5c411b7bb04471c0542eb8718376cf55d04d08bd6a544ccc0697ff00c1db7f586f489a5152d531900f8c67c82741be4fae26c409f70738edddc55ffe0190a5721fae0b4599b654d3bc3b41d1b0041473d765d856dc2e06bce735d72e71c2e6455357cc09577e2108388065cb3e41c64083bd904a20f53258a7148f74393d9dd58ef742190556d16259b21c2ec1971ee47754b1b16e98d5ad828e6fcd3066fac44906c94124569ed36775b116bf065cd24dee29b6455c3c9c099c99e4b1052deb4ec962fa1a95613342fb881fcfb8fee64f205e2da99401fc1886ec41d5f58f6e77754dbc599a24d5ea664087c5336edf39e9c25de595c3d26bf1ed6397fec1b69f6475c8fbbbdb03a68d0b051d1e1762f5167c0acb27d93f56883c5ec45f90e3440a77967e6344c229936ecf9393fa9068bd4886dc6567ee1d50264dc37dbc9c407d8046182e8cbc0ac7eb1b35054c0d4480d7f525d3358d9bfe250f2ac11f7f4366de73deea9465514b733983b2f9811cdc8129b54ed8d4669d30a035f87450c85b054ed9626c4307e9fcf45ba5c524f7ab9e487747e5d8cd23eaf58725ad9c1f0493899d64a21f8a0ca1aa01556b939d2156df5e4c7544edecdfb6df11ca889b4669", 0x1000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000001240)="9ad3f019f86aa5142bd63bd7d04af92c3bdae46c7bfabe08937361909348e8679407d10d51c0bbb4df4b298c998d9e1c0fd8326a22c3cba6d07ec4055481dcc91410c39a28262114ef9c9f31238d0a5d65e813e161ae745e21558774833e0587be2a62cd040e030b6bf35b2e94d29cc49fe18f12e5ef0c8da91a85ef8175ffe7adacf0a5d4c8336750325ddb1aa623bc0ca8e8bc1b9ba3a84f5ffc873a979389bb546fa985fa17f0cd4c2348c82bb69bfd504b3414020a69c9b72ed3fee6dfe761cd6658e1f34822768d65fd5511504a0966e7fe8400")
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={0x1, &(0x7f0000000040)="074803bcf13176a73d4cb67106697732148ca92cc584054fae9dea181f6856cc8be9d420234c176b37a56312fa2d23ca1ec243e2b99362", &(0x7f0000000180)=""/178, 0x4}, 0x20)

10:52:44 executing program 4:
r0 = syz_clone(0x4c020000, 0x0, 0xfffffffffffffe7a, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={r0, 0xffffffffffffffff, 0x0, 0x3, &(0x7f00000001c0)='&,\x00'}, 0x30)
syz_clone(0xfc06a67057d6981b, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

[ 2603.107774][T24961] FAULT_INJECTION: forcing a failure.
[ 2603.107774][T24961] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2603.118469][T24959] FAULT_INJECTION: forcing a failure.
[ 2603.118469][T24959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2603.123009][T24961] CPU: 1 PID: 24961 Comm: syz-executor.2 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2603.143549][T24961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2603.153416][T24961] Call Trace:
[ 2603.156539][T24961]  <TASK>
[ 2603.159315][T24961]  dump_stack_lvl+0x151/0x1b7
[ 2603.163832][T24961]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2603.169298][T24961]  dump_stack+0x15/0x17
[ 2603.173289][T24961]  should_fail+0x3c0/0x510
[ 2603.177543][T24961]  should_fail_usercopy+0x1a/0x20
[ 2603.182403][T24961]  strncpy_from_user+0x24/0x2b0
[ 2603.187089][T24961]  getname_flags+0xf2/0x510
[ 2603.191431][T24961]  __x64_sys_mkdir+0x5f/0x80
[ 2603.195859][T24961]  do_syscall_64+0x44/0xd0
[ 2603.200111][T24961]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2603.205834][T24961] RIP: 0033:0x7fe9864a30c9
[ 2603.210096][T24961] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2603.229532][T24961] RSP: 002b:00007fe985216168 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 2603.237775][T24961] RAX: ffffffffffffffda RBX: 00007fe9865c2f80 RCX: 00007fe9864a30c9
[ 2603.245587][T24961] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[ 2603.253407][T24961] RBP: 00007fe9852161d0 R08: 0000000000000000 R09: 0000000000000000
[ 2603.261210][T24961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.269019][T24961] R13: 00007ffd3e6cda7f R14: 00007fe985216300 R15: 0000000000022000
[ 2603.276834][T24961]  </TASK>
[ 2603.279702][T24959] CPU: 0 PID: 24959 Comm: syz-executor.3 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2603.289767][T24959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2603.299660][T24959] Call Trace:
[ 2603.302783][T24959]  <TASK>
[ 2603.303418][T24972] FAULT_INJECTION: forcing a failure.
[ 2603.303418][T24972] name failslab, interval 1, probability 0, space 0, times 0
[ 2603.305558][T24959]  dump_stack_lvl+0x151/0x1b7
[ 2603.305584][T24959]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2603.327954][T24959]  dump_stack+0x15/0x17
[ 2603.331948][T24959]  should_fail+0x3c0/0x510
[ 2603.336199][T24959]  should_fail_usercopy+0x1a/0x20
[ 2603.341064][T24959]  strncpy_from_user+0x24/0x2b0
[ 2603.345748][T24959]  getname_flags+0xf2/0x510
[ 2603.350084][T24959]  __x64_sys_unlink+0x3c/0x50
[ 2603.354597][T24959]  do_syscall_64+0x44/0xd0
[ 2603.358852][T24959]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2603.364579][T24959] RIP: 0033:0x7fdb8fe6b0c9
[ 2603.368832][T24959] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2603.388271][T24959] RSP: 002b:00007fdb8ebde168 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 2603.396518][T24959] RAX: ffffffffffffffda RBX: 00007fdb8ff8af80 RCX: 00007fdb8fe6b0c9
10:52:44 executing program 5:
mkdir(&(0x7f0000000000)='./file1\x00', 0x764cd8c286015ab8)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
socketpair(0x1f, 0xe027a3d184cb93a3, 0x2, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000780)=[{&(0x7f00000001c0)=""/180, 0xb4}, {&(0x7f0000000280)=""/184, 0xb8}, {&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/122, 0x7a}, {&(0x7f0000000480)=""/240, 0xf0}, {&(0x7f0000000580)=""/167, 0xa7}, {&(0x7f0000000640)=""/51, 0x33}, {&(0x7f0000000680)=""/248, 0xf8}], 0x8, &(0x7f0000000800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x120}, 0x40000042)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)

10:52:44 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (fail_nth: 3)

[ 2603.404331][T24959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[ 2603.412139][T24959] RBP: 00007fdb8ebde1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2603.419953][T24959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.427764][T24959] R13: 00007ffe635c636f R14: 00007fdb8ebde300 R15: 0000000000022000
[ 2603.435578][T24959]  </TASK>
[ 2603.438441][T24972] CPU: 1 PID: 24972 Comm: syz-executor.2 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2603.448510][T24972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
10:52:44 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0xa8)
mkdir(&(0x7f0000000000)='./file1\x00', 0x67)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10)
unlink(&(0x7f0000000080)='./file0\x00')

10:52:44 executing program 4:
syz_clone(0x4c020000, 0x0, 0xfffffffffffffe7a, 0x0, 0x0, 0x0)
syz_clone(0xfc06a67057d6981b, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

[ 2603.458404][T24972] Call Trace:
[ 2603.461526][T24972]  <TASK>
[ 2603.464305][T24972]  dump_stack_lvl+0x151/0x1b7
[ 2603.468816][T24972]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2603.474288][T24972]  ? filename_parentat+0x324/0x6b0
[ 2603.479235][T24972]  dump_stack+0x15/0x17
[ 2603.483225][T24972]  should_fail+0x3c0/0x510
[ 2603.487477][T24972]  __should_failslab+0x9f/0xe0
[ 2603.492077][T24972]  should_failslab+0x9/0x20
[ 2603.496417][T24972]  kmem_cache_alloc+0x4f/0x2f0
[ 2603.501017][T24972]  ? __d_alloc+0x2d/0x6b0
[ 2603.505183][T24972]  __d_alloc+0x2d/0x6b0
[ 2603.509174][T24972]  d_alloc+0x4b/0x1d0
[ 2603.512993][T24972]  __lookup_hash+0xe5/0x290
[ 2603.517335][T24972]  filename_create+0x276/0x4f0
[ 2603.521933][T24972]  ? kern_path_create+0x1b0/0x1b0
[ 2603.526797][T24972]  do_mkdirat+0xc2/0x420
[ 2603.530880][T24972]  ? vfs_mkdir+0x580/0x580
[ 2603.535124][T24972]  ? getname_flags+0x1fb/0x510
[ 2603.539725][T24972]  __x64_sys_mkdir+0x6e/0x80
[ 2603.544156][T24972]  do_syscall_64+0x44/0xd0
[ 2603.548406][T24972]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2603.554134][T24972] RIP: 0033:0x7fe9864a30c9
10:52:45 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0xa8)
mkdir(&(0x7f0000000000)='./file1\x00', 0x67)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10) (async)
unlink(&(0x7f0000000080)='./file0\x00')

10:52:45 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0xa8) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x67)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10) (async)
unlink(&(0x7f0000000080)='./file0\x00')

[ 2603.558389][T24972] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2603.577830][T24972] RSP: 002b:00007fe985216168 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 2603.586071][T24972] RAX: ffffffffffffffda RBX: 00007fe9865c2f80 RCX: 00007fe9864a30c9
[ 2603.593882][T24972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100
[ 2603.601691][T24972] RBP: 00007fe9852161d0 R08: 0000000000000000 R09: 0000000000000000
10:52:45 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (fail_nth: 3)

10:52:45 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000013c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000240)=')#&]({-+A\x00')
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x9)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file1\x00', r0}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/110, 0x6e}, {&(0x7f0000000180)=""/157, 0x9d}, {&(0x7f0000001480)=""/4103, 0x1007}, {&(0x7f0000001240)=""/206, 0xce}], 0x4, &(0x7f0000001340)=""/44, 0x2c}, 0x40)

10:52:45 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (fail_nth: 1)

10:52:45 executing program 4:
syz_clone(0xfc06a67057d6981b, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:45 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (fail_nth: 4)

10:52:45 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12)
syz_clone(0x100, &(0x7f0000000240)="00b4669971be662e80f8a9760729a8fdbe6ad23d6adc9cd8c0c95bacd5f0166672969881320af2933ed409ba31bbf43f8403fe7b60cad4cc3f9edc4f1ef532bcc58f5219c7dd591a7397b1427be4dc53b3dde9215923b39e2419f6b6016e990506ccdef5a5a340104ac07351c221719c057a4350f5fd7e3b2a12bc45279044a08e51c5265c3f3d182a8b2f7f6e59dba09c10c55b1ad328975aff4bc9992467a65cd4a1d171501f09b79df051884d52f9fc014b4aa1db2b7cfbaed659c6e49760378fa7729e356d31bbfd40e10fd3ac8524bb560f9e74e9fed6d8e2c49b03ce03ce6e3f21331a864f5a5cd43ace7f7acc272063e0f84a668ddd8bc13999709b6c639edfd231c2b15a6591c4795f714cb725f15347db949cd674d3a1c6bac189b6bf1c6b2ad4a07dde8e3b6194adbff559b4160672a4909c6e07e5bf910b935ee1206908873196ab61df6b7b9455cbaaa44c00649a516a0fd05bafedf2c84451f90f5b9ee250012ec98338052eb74c96a5b77ab3be43894abe955d69ea763ecca008067cb80eda8b8906225e1157e15af9bed7e5c2e73e479c27df04f96d75686ad9151031b1548aabacb2c5909929777b1436618ae1836ccb0c1d6067c5b64d82565f21315b6d96acc10644ed8c12c6fd21e1efaa529c167adbe1f7da19f60ebe9a92563d641c488bc58fb9f42f5e13e2c541d4c7d42c695d1a91631d3d8b70ac43ce5db0976a51cf0410a04ee3c5352072b34d7dbd49e119b1311dad4e7f9498cf9028f8abed8ecafa3ff2630a9d7a1d191d901746e7ee62c17f13622d2ea7f7b7a25e1c2a9ef1882e74ed829a97a55d0a29411f7aaa563bb50894b12f9045ab59b39ad658b79990c80425f51c71421064e19908beecd9ef92dfe5db1fcdb2093c4ffce6c9351c89929e179ba66b7d51a30782dd83e3a6ca28e3717d068a9e208810f1ada04159ba34d92180de49c91c48c336695464f3afc4a369c7ff322f7d48f32c072d2194b68c7f6e2389375352fd99af162fdaa8c1be7e4b6b7ed1b2554fe7074be990b440050a616534f597aacf5fee70108cb3a28a10595319960470b667124618f43521fb0ae3ec6a8f846dad8e18ff8bc2e74d7dda6966327a266daf1925ebb32b7b9c17f2132c81fb04b85426a0c76d94eb64a3dc038d67d8a1488b583ec431cd3648be96b9e2e1a8fbcf171b825666902bce14efae86f2360409fceafc72e12b05bbcc7a82f3227c486b9cacfa756af58d0d6469cae0b6a528012ccf0b6da93bcb682bf474929a1426671f42c2a17765a4246e5230222e044d9dbaab8fb3742e448536a377c748b12eea21edaa4217b012b46a21cceac43042d877e6a5876b832e76e7cad1201395d8e6f7fbb16f9078e02913f569e46156d75c597a52bef1ba63aee41d8fa34dd9cb712c35a9ef89302cdc1f0904cedb9c5f71bfdf919fc59b37605550a1f37c901119a618f1f4ca84c0413e5b72a9a2b811dacccebf746c226ea853c1c8f679f978474f9fc47788c9a5567e0ecc2d238fb99f4baa6304e3b51fb1f45cd132ec7aba668a602013f09b2b50da22b4f66d51543e9e74cb1ac1b85f30deb43e914c285677bc4a67b9bcc245b6ede928d073b71417fcc5a4a663f8c0874d56cdd57e31c2411ebde75254979e8de73e56a1c0420bdd097d5eec3f68edd2985cd5cabad46257c7fccb095dca6afa8eca55a7578e5c889dbbc303f9b141dab89017e85b0741a7ba10ef63744473c156cda5f1edc69e1536f4e17ba5ad0173c82b910f4fdfa77b63db57d5a197848c92569a952eebfa54821de24a31e2eb60b5408ae217a5b8a734f649e504b84bfb04be17a126ac0d5a0cd3201f165e3b4cc0ac7ffce0f60a0e747be5ee4e15e42d269f2d47c82c4fc82e57eaae073d09aa61df740022bb3989ff391b74909758aac24eafeac9f0ea71cd9da7380726bc265bbd0e1e86f2be02cdb77357dca805dd0b481b700b72960691e1351ae5385f5ca90016aacc786f693d9c8d123a4f5d636450e435ad207a4e9a5d81181f8be05d23a021374abc1223f98cd4c57d6b3601c246e2c700bedd5f41c46eac356285377510be77239ff9f93498312ef987bfa5448371ce8e84086e77c57e989f3fac9eb5ca5f4005132dbe58f89559e049d16fc5f94ebf149d7d6227f28fcc04e61dbb2f091de2465dd61c412c5ffafa43975682812a4f135a7d2f8dd97eb469332f32c5d6de2b36fe930555be42b197f6884f422a91e052b7526488c639d6a8b2c4c94ab6427a21939d7bfdd84673df341929b465ae509d812df96990d9e010c7f8adfb63412c7adb09918abf9171bdc868fa82ce66b1d697cd8ad08d2ce07a4b51599fd33e946a84bae5a55559bee48a8fdd6b752d3a398617ba13a1a071c85a0052c03582d0af688604afba7072b44adcba80d7978e899ffbb097c4a6957edd9b15b600d72ef057369aa9a97e2b6f7a1973209de1312e38b7f6bfd93e9427b90f0cfc1258efff51c5272b5e18d3303ecc94dd0c6c208211f1373bb7e5d4c1ce1b6acc9ac3089376f4445ef2fced966ee0ab8584b17571a3e574d7053059ab3b1e4fe6996a8656540238407c3df2f9dcf485006bc7cbf1d513c9f93739e85e9969517ad33ae1bffa32b63fe09bdb6e2d3e561fe54b71661be71f99df227856ca95cf693e47c6f5552861f0b276de985bc3fc6c130567d888351664aadea8cff81528a701ca46a8e1a64105b67c7bf55f7977f8cc1b06c1b94ce83c8f0361fbed34f0bddf764ff6730f16f42f1631082004c2a06f1f4cc19ada54a156f37898707038778ff61d8147a1c8680b1c833e84baa65dd170e3a0865dc77bdfc46363cfd6c2733747ada99ea2f4934ceb79e4841c735ce14706107aa06084ac77375e109bf035fe43b7dc9434eac3107c623ff7d0ddb0ae62c4c771d53509cd9f31501ca555bc44fcd4156b9d190c093329e16ae162d35768f90a5ec279febe15dc32a67baa505fabcddf1f936bc28e90193130092f4ac9934e7e3c5c59a9ceaca0c18be86d5f3cc792ce3c38294cf9d91dbbed211751948d5b217385b63b6e66df11c88e88d24a3e3b666c8d8bd4a75c769f5848585338e11dfefb452f083f8c252dba28c32e3a463c995f3549c18303e2951416e9556b3013d0236d78a7ce0f26f901ce0026e29c9a28cb2c641433c8b040006bf206de40cdb54fd2725594ec96ce8fdd597a9c66da685b6c031cd49da8edf2ac4138a1728133c159b59633beb3d3e4d7dca9dfb2f76f977f4f1af51e2b813bca1bc8cd8dcd56d745ccaf6aa6fa40db0d86dd88dd521cfd0b7ede87f90fac698fc6f39d762b0dcc615cf34b9d5ae2f077de742b46684ad086edd81692451afe3a58b6bd7f2dded156cf22a86351e84d9ad5c90ed127c47281bb4ba5bb430ea2376ef211b13936b4b00f2e7d528459d93d07b1bb1ae3af23abc632786160bb064d8ef3991630117a3687c30d8fbb0f09a9c32b8d19a11730b18510a41afb526c1047a87aacad58817fce28e3fb5aad2ae480289d312569f9845e2b1daca882bcfd3a132b4a75225de1910ff3dc98a9562912f4d125e9af5c90d828d10fe1f64807d52695a22794b443a9932035989622e36921aff168f543d84ee4ac65c6d4d8a7784cc92c739249eb21a60d6db79cf27342abbfeb0f14f7a0add7ccede47efa816b574e6c7ed979c5875da2eb5cde832c03fe3b4b20c9afc1f4a9dec481dfff64d3bfbc3257e2ea300a9a4f4df155b6ef6f57fa745cc212bc1ae09f0aa349b82a4b832bd399989aa88a89ebd70b5fb4f7f3b2eee6c7a4d3cebd1962a633ef3a3c105e19b42442729da9844755930636b19eed9e66f64fa5e6f8165327c1eb1838f38cbfdb97de748a5a54bd44dc863bda7084700d7ae990aacbc80201b748ce423514b5f85299eeafc0cd91fdbe701044cf855267b0e1b0e9b5396c697bf0f1ae7c4ad6ef23e4f58c9817b5f63d9b1e0c35106dd23c86c9fe052c9703cbadad0c38d551c3c28b63bb801cf4d35ec8a2d8ce5ae964543fbeaeff556ebeaeb707e57a21ec8da05ee769f542c363bc735c54fc07bd29d4d9467de25cfb4bd84f8bc565a570bd7fe12265572867929866b7dc0eb372b3a1ee613a4a00b97acf2c20d2b83de4c7ca3308df6c84869a4a7e573e08d3607eef97a418861282fa8375ef7aeb912819f3930630c108b6bc89246718b13ca582fff5c86075c0178d6f92418f675b6dcc45c8a67508a179a50f0e86ed02015ee6a0095f2fd6001000527ebdaacc8136aa432e9aa0d8491b875a9186d5f4f12e99a87645b5e2382ef1b9c4be9f38699c82792a1738acc3c927798499b5da0a63770654967b9c3d32b049a9ac65b5afbc1a2bbe059827e928f1b0f6922d34d506772cbb0fc1e69ec99d551ac5ddecfaa45e86b2204fbef231066704e01ad94b46d53dfdeebf92c751a559047a317a92aae5bd881def10029294e1fb33f4e61496d8b3c2ba704a048d2e66700e2f29d7dfe545ead983e1586e7017c19f637d7728f3dcc2d4b6b738716a194500c296563fdf58695c2b7629fddfd906a2f27926dc49e3a355fad9a0cd389c88893ad86d6efc64ea25d3fac40d08e32681b0e662cfca8f5884c055a8ab1defc739d1712ed4f77f3ab1eab9c1d71b600776b15dbb67fd4e17fc57b93aef4f7694cd96340ea653db1a13ee3a298dc1f8f0755c8dd7d093d21e10104e00eb8a1391bd8d4199e6fb557bdef0cf5a810e3785831cea26bc3703bc68d16029eae03a7e39c742eace59101b6bcf8e789b870d665f95633e625540379bd6882a5cacf759b25d64b03a6ab9328987d747bd8f417710af41e764e76c8787221ca7055d418e076bca38d85863167e3a8d3fd8ecf60949dc89123b33250499d9d850161c271ea619846904c952c42bc9f87a9b2ddd759afdca538014b89fe63f877175d62f64cb0797e9e45b2a0609ad234032659f536597ee4a210feac62570d3b43fdc3404f839edcb2a9afe9737f044db43f69c460642a5d2adc48e235338fc3bbc5a914f82614286d55b915547be6070f77873ddad7ed3d990a549a47a88ae51b7fd53397fddb8fba4165b799319b1c8a6fb999a7fbf8e9f7f8605b5abb4f1df5ad48df52f509e20d000659d5c411b7bb04471c0542eb8718376cf55d04d08bd6a544ccc0697ff00c1db7f586f489a5152d531900f8c67c82741be4fae26c409f70738edddc55ffe0190a5721fae0b4599b654d3bc3b41d1b0041473d765d856dc2e06bce735d72e71c2e6455357cc09577e2108388065cb3e41c64083bd904a20f53258a7148f74393d9dd58ef742190556d16259b21c2ec1971ee47754b1b16e98d5ad828e6fcd3066fac44906c94124569ed36775b116bf065cd24dee29b6455c3c9c099c99e4b1052deb4ec962fa1a95613342fb881fcfb8fee64f205e2da99401fc1886ec41d5f58f6e77754dbc599a24d5ea664087c5336edf39e9c25de595c3d26bf1ed6397fec1b69f6475c8fbbbdb03a68d0b051d1e1762f5167c0acb27d93f56883c5ec45f90e3440a77967e6344c229936ecf9393fa9068bd4886dc6567ee1d50264dc37dbc9c407d8046182e8cbc0ac7eb1b35054c0d4480d7f525d3358d9bfe250f2ac11f7f4366de73deea9465514b733983b2f9811cdc8129b54ed8d4669d30a035f87450c85b054ed9626c4307e9fcf45ba5c524f7ab9e487747e5d8cd23eaf58725ad9c1f0493899d64a21f8a0ca1aa01556b939d2156df5e4c7544edecdfb6df11ca889b4669", 0x1000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000001240)="9ad3f019f86aa5142bd63bd7d04af92c3bdae46c7bfabe08937361909348e8679407d10d51c0bbb4df4b298c998d9e1c0fd8326a22c3cba6d07ec4055481dcc91410c39a28262114ef9c9f31238d0a5d65e813e161ae745e21558774833e0587be2a62cd040e030b6bf35b2e94d29cc49fe18f12e5ef0c8da91a85ef8175ffe7adacf0a5d4c8336750325ddb1aa623bc0ca8e8bc1b9ba3a84f5ffc873a979389bb546fa985fa17f0cd4c2348c82bb69bfd504b3414020a69c9b72ed3fee6dfe761cd6658e1f34822768d65fd5511504a0966e7fe8400") (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={0x1, &(0x7f0000000040)="074803bcf13176a73d4cb67106697732148ca92cc584054fae9dea181f6856cc8be9d420234c176b37a56312fa2d23ca1ec243e2b99362", &(0x7f0000000180)=""/178, 0x4}, 0x20)

[ 2603.609502][T24972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.617313][T24972] R13: 00007ffd3e6cda7f R14: 00007fe985216300 R15: 0000000000022000
[ 2603.625128][T24972]  </TASK>
[ 2603.639006][T24994] FAULT_INJECTION: forcing a failure.
[ 2603.639006][T24994] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2603.664006][T24993] FAULT_INJECTION: forcing a failure.
[ 2603.664006][T24993] name failslab, interval 1, probability 0, space 0, times 0
[ 2603.674364][T24994] CPU: 0 PID: 24994 Comm: syz-executor.3 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2603.686474][T24994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2603.696363][T24994] Call Trace:
[ 2603.699488][T24994]  <TASK>
[ 2603.702265][T24994]  dump_stack_lvl+0x151/0x1b7
[ 2603.706782][T24994]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2603.712246][T24994]  ? kasan_set_free_info+0x23/0x40
[ 2603.717197][T24994]  ? __kasan_slab_free+0x11/0x20
[ 2603.721968][T24994]  ? slab_free_freelist_hook+0xc9/0x1a0
[ 2603.727354][T24994]  ? kmem_cache_free+0x11a/0x2e0
[ 2603.732123][T24994]  dump_stack+0x15/0x17
[ 2603.735441][T25003] FAULT_INJECTION: forcing a failure.
[ 2603.735441][T25003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2603.736112][T24994]  should_fail+0x3c0/0x510
[ 2603.753214][T24994]  should_fail_usercopy+0x1a/0x20
[ 2603.758072][T24994]  _copy_to_user+0x20/0x90
[ 2603.762328][T24994]  simple_read_from_buffer+0xdd/0x160
[ 2603.767532][T24994]  proc_fail_nth_read+0x1af/0x220
[ 2603.772393][T24994]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 2603.777861][T24994]  ? security_file_permission+0x497/0x5f0
[ 2603.783419][T24994]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 2603.788886][T24994]  vfs_read+0x299/0xd80
[ 2603.792875][T24994]  ? ____kasan_slab_free+0x131/0x160
[ 2603.798001][T24994]  ? __kasan_slab_free+0x11/0x20
[ 2603.802774][T24994]  ? kernel_read+0x1f0/0x1f0
[ 2603.807199][T24994]  ? __kasan_check_write+0x14/0x20
[ 2603.812146][T24994]  ? mutex_lock+0xb7/0x1e0
[ 2603.816395][T24994]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2603.822819][T24994]  ? __fdget_pos+0x26d/0x310
[ 2603.827243][T24994]  ? ksys_read+0x77/0x2c0
[ 2603.831410][T24994]  ksys_read+0x198/0x2c0
[ 2603.835491][T24994]  ? try_break_deleg+0x120/0x120
[ 2603.840264][T24994]  ? vfs_write+0x1160/0x1160
[ 2603.844689][T24994]  ? strncpy_from_user+0x179/0x2b0
[ 2603.849637][T24994]  ? debug_smp_processor_id+0x17/0x20
[ 2603.854847][T24994]  __x64_sys_read+0x7b/0x90
[ 2603.859188][T24994]  do_syscall_64+0x44/0xd0
[ 2603.863439][T24994]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2603.869165][T24994] RIP: 0033:0x7fdb8fe1ceec
[ 2603.873421][T24994] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2603.892861][T24994] RSP: 002b:00007fdb8ebde160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2603.901103][T24994] RAX: ffffffffffffffda RBX: 00007fdb8ff8af80 RCX: 00007fdb8fe1ceec
10:52:45 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000013c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000240)=')#&]({-+A\x00')
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x9) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file1\x00', r0}, 0x10) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/110, 0x6e}, {&(0x7f0000000180)=""/157, 0x9d}, {&(0x7f0000001480)=""/4103, 0x1007}, {&(0x7f0000001240)=""/206, 0xce}], 0x4, &(0x7f0000001340)=""/44, 0x2c}, 0x40)

10:52:45 executing program 4:
syz_clone(0x0, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:45 executing program 0:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000013c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000240)=')#&]({-+A\x00')
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x9) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file1\x00', r0}, 0x10) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/110, 0x6e}, {&(0x7f0000000180)=""/157, 0x9d}, {&(0x7f0000001480)=""/4103, 0x1007}, {&(0x7f0000001240)=""/206, 0xce}], 0x4, &(0x7f0000001340)=""/44, 0x2c}, 0x40)

[ 2603.908915][T24994] RDX: 000000000000000f RSI: 00007fdb8ebde1e0 RDI: 0000000000000003
[ 2603.916730][T24994] RBP: 00007fdb8ebde1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2603.924540][T24994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2603.932349][T24994] R13: 00007ffe635c636f R14: 00007fdb8ebde300 R15: 0000000000022000
[ 2603.940164][T24994]  </TASK>
[ 2603.943026][T24993] CPU: 1 PID: 24993 Comm: syz-executor.5 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2603.953097][T24993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
10:52:45 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:45 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0x4)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x2ea)

[ 2603.962990][T24993] Call Trace:
[ 2603.966116][T24993]  <TASK>
[ 2603.968892][T24993]  dump_stack_lvl+0x151/0x1b7
[ 2603.973407][T24993]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2603.978873][T24993]  dump_stack+0x15/0x17
[ 2603.982867][T24993]  should_fail+0x3c0/0x510
[ 2603.987121][T24993]  __should_failslab+0x9f/0xe0
[ 2603.991719][T24993]  should_failslab+0x9/0x20
[ 2603.996059][T24993]  kmem_cache_alloc+0x4f/0x2f0
[ 2604.000658][T24993]  ? __alloc_skb+0xbc/0x550
[ 2604.004995][T24993]  __alloc_skb+0xbc/0x550
[ 2604.009161][T24993]  rtmsg_ifinfo_build_skb+0x7f/0x180
[ 2604.014281][T24993]  rtnetlink_event+0xef/0x1b0
[ 2604.018795][T24993]  raw_notifier_call_chain+0x9e/0x110
[ 2604.024000][T24993]  call_netdevice_notifiers+0x14e/0x1d0
[ 2604.029380][T24993]  ? netdev_adjacent_rename_links+0x480/0x480
[ 2604.035285][T24993]  __tun_chr_ioctl+0x1a11/0x23e0
[ 2604.040058][T24993]  ? __kasan_check_write+0x14/0x20
[ 2604.045004][T24993]  ? tun_flow_create+0x320/0x320
[ 2604.049777][T24993]  ? __kasan_check_write+0x14/0x20
[ 2604.054724][T24993]  ? __fget_files+0x310/0x370
[ 2604.059238][T24993]  tun_chr_ioctl+0x2a/0x40
[ 2604.063491][T24993]  ? tun_chr_poll+0x6b0/0x6b0
[ 2604.068003][T24993]  __se_sys_ioctl+0x115/0x190
[ 2604.072522][T24993]  __x64_sys_ioctl+0x7b/0x90
[ 2604.076943][T24993]  do_syscall_64+0x44/0xd0
[ 2604.081197][T24993]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2604.086925][T24993] RIP: 0033:0x7f65558570c9
[ 2604.091179][T24993] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2604.110619][T24993] RSP: 002b:00007f65545ca168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2604.118865][T24993] RAX: ffffffffffffffda RBX: 00007f6555976f80 RCX: 00007f65558570c9
[ 2604.126675][T24993] RDX: 0000000000000335 RSI: 00000000400454cd RDI: 0000000000000003
[ 2604.134492][T24993] RBP: 00007f65545ca1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2604.142298][T24993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2604.150108][T24993] R13: 00007ffc80f2881f R14: 00007f65545ca300 R15: 0000000000022000
[ 2604.157925][T24993]  </TASK>
[ 2604.168121][T25003] CPU: 1 PID: 25003 Comm: syz-executor.2 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2604.178180][T25003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2604.188075][T25003] Call Trace:
[ 2604.191201][T25003]  <TASK>
[ 2604.193973][T25003]  dump_stack_lvl+0x151/0x1b7
[ 2604.198489][T25003]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2604.203958][T25003]  dump_stack+0x15/0x17
[ 2604.207950][T25003]  should_fail+0x3c0/0x510
[ 2604.212204][T25003]  should_fail_usercopy+0x1a/0x20
[ 2604.217061][T25003]  _copy_to_user+0x20/0x90
[ 2604.221316][T25003]  simple_read_from_buffer+0xdd/0x160
[ 2604.226529][T25003]  proc_fail_nth_read+0x1af/0x220
[ 2604.231384][T25003]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 2604.236849][T25003]  ? security_file_permission+0x497/0x5f0
[ 2604.242407][T25003]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 2604.247873][T25003]  vfs_read+0x299/0xd80
[ 2604.251865][T25003]  ? kernel_read+0x1f0/0x1f0
[ 2604.256292][T25003]  ? __kasan_check_write+0x14/0x20
[ 2604.261237][T25003]  ? mutex_lock+0xb7/0x1e0
10:52:45 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000080)='./file0/file0\x00', r0}, 0x10)

[ 2604.265490][T25003]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2604.271914][T25003]  ? __fdget_pos+0x26d/0x310
[ 2604.276339][T25003]  ? ksys_read+0x77/0x2c0
[ 2604.280510][T25003]  ksys_read+0x198/0x2c0
[ 2604.284588][T25003]  ? vfs_write+0x1160/0x1160
[ 2604.289011][T25003]  ? debug_smp_processor_id+0x17/0x20
[ 2604.294221][T25003]  __x64_sys_read+0x7b/0x90
[ 2604.298578][T25003]  do_syscall_64+0x44/0xd0
[ 2604.302813][T25003]  ? irqentry_exit+0x12/0x40
[ 2604.307239][T25003]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2604.312967][T25003] RIP: 0033:0x7fe986454eec
10:52:45 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12)
syz_clone(0x100, &(0x7f0000000240)="00b4669971be662e80f8a9760729a8fdbe6ad23d6adc9cd8c0c95bacd5f0166672969881320af2933ed409ba31bbf43f8403fe7b60cad4cc3f9edc4f1ef532bcc58f5219c7dd591a7397b1427be4dc53b3dde9215923b39e2419f6b6016e990506ccdef5a5a340104ac07351c221719c057a4350f5fd7e3b2a12bc45279044a08e51c5265c3f3d182a8b2f7f6e59dba09c10c55b1ad328975aff4bc9992467a65cd4a1d171501f09b79df051884d52f9fc014b4aa1db2b7cfbaed659c6e49760378fa7729e356d31bbfd40e10fd3ac8524bb560f9e74e9fed6d8e2c49b03ce03ce6e3f21331a864f5a5cd43ace7f7acc272063e0f84a668ddd8bc13999709b6c639edfd231c2b15a6591c4795f714cb725f15347db949cd674d3a1c6bac189b6bf1c6b2ad4a07dde8e3b6194adbff559b4160672a4909c6e07e5bf910b935ee1206908873196ab61df6b7b9455cbaaa44c00649a516a0fd05bafedf2c84451f90f5b9ee250012ec98338052eb74c96a5b77ab3be43894abe955d69ea763ecca008067cb80eda8b8906225e1157e15af9bed7e5c2e73e479c27df04f96d75686ad9151031b1548aabacb2c5909929777b1436618ae1836ccb0c1d6067c5b64d82565f21315b6d96acc10644ed8c12c6fd21e1efaa529c167adbe1f7da19f60ebe9a92563d641c488bc58fb9f42f5e13e2c541d4c7d42c695d1a91631d3d8b70ac43ce5db0976a51cf0410a04ee3c5352072b34d7dbd49e119b1311dad4e7f9498cf9028f8abed8ecafa3ff2630a9d7a1d191d901746e7ee62c17f13622d2ea7f7b7a25e1c2a9ef1882e74ed829a97a55d0a29411f7aaa563bb50894b12f9045ab59b39ad658b79990c80425f51c71421064e19908beecd9ef92dfe5db1fcdb2093c4ffce6c9351c89929e179ba66b7d51a30782dd83e3a6ca28e3717d068a9e208810f1ada04159ba34d92180de49c91c48c336695464f3afc4a369c7ff322f7d48f32c072d2194b68c7f6e2389375352fd99af162fdaa8c1be7e4b6b7ed1b2554fe7074be990b440050a616534f597aacf5fee70108cb3a28a10595319960470b667124618f43521fb0ae3ec6a8f846dad8e18ff8bc2e74d7dda6966327a266daf1925ebb32b7b9c17f2132c81fb04b85426a0c76d94eb64a3dc038d67d8a1488b583ec431cd3648be96b9e2e1a8fbcf171b825666902bce14efae86f2360409fceafc72e12b05bbcc7a82f3227c486b9cacfa756af58d0d6469cae0b6a528012ccf0b6da93bcb682bf474929a1426671f42c2a17765a4246e5230222e044d9dbaab8fb3742e448536a377c748b12eea21edaa4217b012b46a21cceac43042d877e6a5876b832e76e7cad1201395d8e6f7fbb16f9078e02913f569e46156d75c597a52bef1ba63aee41d8fa34dd9cb712c35a9ef89302cdc1f0904cedb9c5f71bfdf919fc59b37605550a1f37c901119a618f1f4ca84c0413e5b72a9a2b811dacccebf746c226ea853c1c8f679f978474f9fc47788c9a5567e0ecc2d238fb99f4baa6304e3b51fb1f45cd132ec7aba668a602013f09b2b50da22b4f66d51543e9e74cb1ac1b85f30deb43e914c285677bc4a67b9bcc245b6ede928d073b71417fcc5a4a663f8c0874d56cdd57e31c2411ebde75254979e8de73e56a1c0420bdd097d5eec3f68edd2985cd5cabad46257c7fccb095dca6afa8eca55a7578e5c889dbbc303f9b141dab89017e85b0741a7ba10ef63744473c156cda5f1edc69e1536f4e17ba5ad0173c82b910f4fdfa77b63db57d5a197848c92569a952eebfa54821de24a31e2eb60b5408ae217a5b8a734f649e504b84bfb04be17a126ac0d5a0cd3201f165e3b4cc0ac7ffce0f60a0e747be5ee4e15e42d269f2d47c82c4fc82e57eaae073d09aa61df740022bb3989ff391b74909758aac24eafeac9f0ea71cd9da7380726bc265bbd0e1e86f2be02cdb77357dca805dd0b481b700b72960691e1351ae5385f5ca90016aacc786f693d9c8d123a4f5d636450e435ad207a4e9a5d81181f8be05d23a021374abc1223f98cd4c57d6b3601c246e2c700bedd5f41c46eac356285377510be77239ff9f93498312ef987bfa5448371ce8e84086e77c57e989f3fac9eb5ca5f4005132dbe58f89559e049d16fc5f94ebf149d7d6227f28fcc04e61dbb2f091de2465dd61c412c5ffafa43975682812a4f135a7d2f8dd97eb469332f32c5d6de2b36fe930555be42b197f6884f422a91e052b7526488c639d6a8b2c4c94ab6427a21939d7bfdd84673df341929b465ae509d812df96990d9e010c7f8adfb63412c7adb09918abf9171bdc868fa82ce66b1d697cd8ad08d2ce07a4b51599fd33e946a84bae5a55559bee48a8fdd6b752d3a398617ba13a1a071c85a0052c03582d0af688604afba7072b44adcba80d7978e899ffbb097c4a6957edd9b15b600d72ef057369aa9a97e2b6f7a1973209de1312e38b7f6bfd93e9427b90f0cfc1258efff51c5272b5e18d3303ecc94dd0c6c208211f1373bb7e5d4c1ce1b6acc9ac3089376f4445ef2fced966ee0ab8584b17571a3e574d7053059ab3b1e4fe6996a8656540238407c3df2f9dcf485006bc7cbf1d513c9f93739e85e9969517ad33ae1bffa32b63fe09bdb6e2d3e561fe54b71661be71f99df227856ca95cf693e47c6f5552861f0b276de985bc3fc6c130567d888351664aadea8cff81528a701ca46a8e1a64105b67c7bf55f7977f8cc1b06c1b94ce83c8f0361fbed34f0bddf764ff6730f16f42f1631082004c2a06f1f4cc19ada54a156f37898707038778ff61d8147a1c8680b1c833e84baa65dd170e3a0865dc77bdfc46363cfd6c2733747ada99ea2f4934ceb79e4841c735ce14706107aa06084ac77375e109bf035fe43b7dc9434eac3107c623ff7d0ddb0ae62c4c771d53509cd9f31501ca555bc44fcd4156b9d190c093329e16ae162d35768f90a5ec279febe15dc32a67baa505fabcddf1f936bc28e90193130092f4ac9934e7e3c5c59a9ceaca0c18be86d5f3cc792ce3c38294cf9d91dbbed211751948d5b217385b63b6e66df11c88e88d24a3e3b666c8d8bd4a75c769f5848585338e11dfefb452f083f8c252dba28c32e3a463c995f3549c18303e2951416e9556b3013d0236d78a7ce0f26f901ce0026e29c9a28cb2c641433c8b040006bf206de40cdb54fd2725594ec96ce8fdd597a9c66da685b6c031cd49da8edf2ac4138a1728133c159b59633beb3d3e4d7dca9dfb2f76f977f4f1af51e2b813bca1bc8cd8dcd56d745ccaf6aa6fa40db0d86dd88dd521cfd0b7ede87f90fac698fc6f39d762b0dcc615cf34b9d5ae2f077de742b46684ad086edd81692451afe3a58b6bd7f2dded156cf22a86351e84d9ad5c90ed127c47281bb4ba5bb430ea2376ef211b13936b4b00f2e7d528459d93d07b1bb1ae3af23abc632786160bb064d8ef3991630117a3687c30d8fbb0f09a9c32b8d19a11730b18510a41afb526c1047a87aacad58817fce28e3fb5aad2ae480289d312569f9845e2b1daca882bcfd3a132b4a75225de1910ff3dc98a9562912f4d125e9af5c90d828d10fe1f64807d52695a22794b443a9932035989622e36921aff168f543d84ee4ac65c6d4d8a7784cc92c739249eb21a60d6db79cf27342abbfeb0f14f7a0add7ccede47efa816b574e6c7ed979c5875da2eb5cde832c03fe3b4b20c9afc1f4a9dec481dfff64d3bfbc3257e2ea300a9a4f4df155b6ef6f57fa745cc212bc1ae09f0aa349b82a4b832bd399989aa88a89ebd70b5fb4f7f3b2eee6c7a4d3cebd1962a633ef3a3c105e19b42442729da9844755930636b19eed9e66f64fa5e6f8165327c1eb1838f38cbfdb97de748a5a54bd44dc863bda7084700d7ae990aacbc80201b748ce423514b5f85299eeafc0cd91fdbe701044cf855267b0e1b0e9b5396c697bf0f1ae7c4ad6ef23e4f58c9817b5f63d9b1e0c35106dd23c86c9fe052c9703cbadad0c38d551c3c28b63bb801cf4d35ec8a2d8ce5ae964543fbeaeff556ebeaeb707e57a21ec8da05ee769f542c363bc735c54fc07bd29d4d9467de25cfb4bd84f8bc565a570bd7fe12265572867929866b7dc0eb372b3a1ee613a4a00b97acf2c20d2b83de4c7ca3308df6c84869a4a7e573e08d3607eef97a418861282fa8375ef7aeb912819f3930630c108b6bc89246718b13ca582fff5c86075c0178d6f92418f675b6dcc45c8a67508a179a50f0e86ed02015ee6a0095f2fd6001000527ebdaacc8136aa432e9aa0d8491b875a9186d5f4f12e99a87645b5e2382ef1b9c4be9f38699c82792a1738acc3c927798499b5da0a63770654967b9c3d32b049a9ac65b5afbc1a2bbe059827e928f1b0f6922d34d506772cbb0fc1e69ec99d551ac5ddecfaa45e86b2204fbef231066704e01ad94b46d53dfdeebf92c751a559047a317a92aae5bd881def10029294e1fb33f4e61496d8b3c2ba704a048d2e66700e2f29d7dfe545ead983e1586e7017c19f637d7728f3dcc2d4b6b738716a194500c296563fdf58695c2b7629fddfd906a2f27926dc49e3a355fad9a0cd389c88893ad86d6efc64ea25d3fac40d08e32681b0e662cfca8f5884c055a8ab1defc739d1712ed4f77f3ab1eab9c1d71b600776b15dbb67fd4e17fc57b93aef4f7694cd96340ea653db1a13ee3a298dc1f8f0755c8dd7d093d21e10104e00eb8a1391bd8d4199e6fb557bdef0cf5a810e3785831cea26bc3703bc68d16029eae03a7e39c742eace59101b6bcf8e789b870d665f95633e625540379bd6882a5cacf759b25d64b03a6ab9328987d747bd8f417710af41e764e76c8787221ca7055d418e076bca38d85863167e3a8d3fd8ecf60949dc89123b33250499d9d850161c271ea619846904c952c42bc9f87a9b2ddd759afdca538014b89fe63f877175d62f64cb0797e9e45b2a0609ad234032659f536597ee4a210feac62570d3b43fdc3404f839edcb2a9afe9737f044db43f69c460642a5d2adc48e235338fc3bbc5a914f82614286d55b915547be6070f77873ddad7ed3d990a549a47a88ae51b7fd53397fddb8fba4165b799319b1c8a6fb999a7fbf8e9f7f8605b5abb4f1df5ad48df52f509e20d000659d5c411b7bb04471c0542eb8718376cf55d04d08bd6a544ccc0697ff00c1db7f586f489a5152d531900f8c67c82741be4fae26c409f70738edddc55ffe0190a5721fae0b4599b654d3bc3b41d1b0041473d765d856dc2e06bce735d72e71c2e6455357cc09577e2108388065cb3e41c64083bd904a20f53258a7148f74393d9dd58ef742190556d16259b21c2ec1971ee47754b1b16e98d5ad828e6fcd3066fac44906c94124569ed36775b116bf065cd24dee29b6455c3c9c099c99e4b1052deb4ec962fa1a95613342fb881fcfb8fee64f205e2da99401fc1886ec41d5f58f6e77754dbc599a24d5ea664087c5336edf39e9c25de595c3d26bf1ed6397fec1b69f6475c8fbbbdb03a68d0b051d1e1762f5167c0acb27d93f56883c5ec45f90e3440a77967e6344c229936ecf9393fa9068bd4886dc6567ee1d50264dc37dbc9c407d8046182e8cbc0ac7eb1b35054c0d4480d7f525d3358d9bfe250f2ac11f7f4366de73deea9465514b733983b2f9811cdc8129b54ed8d4669d30a035f87450c85b054ed9626c4307e9fcf45ba5c524f7ab9e487747e5d8cd23eaf58725ad9c1f0493899d64a21f8a0ca1aa01556b939d2156df5e4c7544edecdfb6df11ca889b4669", 0x1000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000001240)="9ad3f019f86aa5142bd63bd7d04af92c3bdae46c7bfabe08937361909348e8679407d10d51c0bbb4df4b298c998d9e1c0fd8326a22c3cba6d07ec4055481dcc91410c39a28262114ef9c9f31238d0a5d65e813e161ae745e21558774833e0587be2a62cd040e030b6bf35b2e94d29cc49fe18f12e5ef0c8da91a85ef8175ffe7adacf0a5d4c8336750325ddb1aa623bc0ca8e8bc1b9ba3a84f5ffc873a979389bb546fa985fa17f0cd4c2348c82bb69bfd504b3414020a69c9b72ed3fee6dfe761cd6658e1f34822768d65fd5511504a0966e7fe8400")
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={0x1, &(0x7f0000000040)="074803bcf13176a73d4cb67106697732148ca92cc584054fae9dea181f6856cc8be9d420234c176b37a56312fa2d23ca1ec243e2b99362", &(0x7f0000000180)=""/178, 0x4}, 0x20)

10:52:45 executing program 4:
syz_clone(0x0, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

[ 2604.317225][T25003] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2604.336661][T25003] RSP: 002b:00007fe9851f5160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2604.344906][T25003] RAX: ffffffffffffffda RBX: 00007fe9865c3050 RCX: 00007fe986454eec
[ 2604.352717][T25003] RDX: 000000000000000f RSI: 00007fe9851f51e0 RDI: 0000000000000003
[ 2604.360526][T25003] RBP: 00007fe9851f51d0 R08: 0000000000000000 R09: 0000000000000000
[ 2604.368339][T25003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2604.376150][T25003] R13: 00007ffd3e6cda7f R14: 00007fe9851f5300 R15: 0000000000022000
[ 2604.383964][T25003]  </TASK>
10:52:45 executing program 4:
syz_clone(0x0, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:45 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:52:45 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0x4) (async, rerun: 64)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x2ea) (rerun: 64)

10:52:45 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4) (async)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000080)='./file0/file0\x00', r0}, 0x10)

10:52:45 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (fail_nth: 2)

10:52:45 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)

10:52:45 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=0xffffffffffffffff, 0x4) (async)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000080)='./file0/file0\x00', r0}, 0x10)

10:52:45 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0x4)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x2ea)

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2)

10:52:46 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x104)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x2, 0x2, 0xc7, 0x2, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(r0, &(0x7f00000003c0)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000280)=""/95, 0x5f}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@map, 0xffffffffffffffff, 0x13}, 0x10)

10:52:46 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0) (async)

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x4)

10:52:46 executing program 4:
syz_clone(0xfc06a67057d6981b, 0x0, 0x0, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

[ 2604.479536][T25054] FAULT_INJECTION: forcing a failure.
[ 2604.479536][T25054] name failslab, interval 1, probability 0, space 0, times 0
[ 2604.526728][T25054] CPU: 0 PID: 25054 Comm: syz-executor.5 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2604.536794][T25054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2604.546688][T25054] Call Trace:
[ 2604.549813][T25054]  <TASK>
[ 2604.552590][T25054]  dump_stack_lvl+0x151/0x1b7
[ 2604.557108][T25054]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2604.562579][T25054]  dump_stack+0x15/0x17
[ 2604.566564][T25054]  should_fail+0x3c0/0x510
[ 2604.570817][T25054]  ? rtmsg_ifinfo_build_skb+0x7f/0x180
[ 2604.576110][T25054]  __should_failslab+0x9f/0xe0
[ 2604.580710][T25054]  should_failslab+0x9/0x20
[ 2604.585050][T25054]  __kmalloc_track_caller+0x6c/0x350
[ 2604.590173][T25054]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 2604.595030][T25054]  ? __alloc_skb+0xbc/0x550
[ 2604.599372][T25054]  ? rtmsg_ifinfo_build_skb+0x7f/0x180
[ 2604.604667][T25054]  __alloc_skb+0x10e/0x550
[ 2604.608919][T25054]  rtmsg_ifinfo_build_skb+0x7f/0x180
[ 2604.614038][T25054]  rtnetlink_event+0xef/0x1b0
[ 2604.618551][T25054]  raw_notifier_call_chain+0x9e/0x110
[ 2604.623761][T25054]  call_netdevice_notifiers+0x14e/0x1d0
[ 2604.629141][T25054]  ? netdev_adjacent_rename_links+0x480/0x480
[ 2604.635044][T25054]  __tun_chr_ioctl+0x1a11/0x23e0
[ 2604.639817][T25054]  ? __kasan_check_write+0x14/0x20
[ 2604.644769][T25054]  ? tun_flow_create+0x320/0x320
[ 2604.649562][T25054]  ? __kasan_check_write+0x14/0x20
[ 2604.654484][T25054]  ? __fget_files+0x310/0x370
[ 2604.658998][T25054]  tun_chr_ioctl+0x2a/0x40
[ 2604.663248][T25054]  ? tun_chr_poll+0x6b0/0x6b0
[ 2604.667762][T25054]  __se_sys_ioctl+0x115/0x190
[ 2604.672277][T25054]  __x64_sys_ioctl+0x7b/0x90
[ 2604.676703][T25054]  do_syscall_64+0x44/0xd0
[ 2604.680959][T25054]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2604.686695][T25054] RIP: 0033:0x7f65558570c9
[ 2604.690937][T25054] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2604.710376][T25054] RSP: 002b:00007f65545ca168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2604.718622][T25054] RAX: ffffffffffffffda RBX: 00007f6555976f80 RCX: 00007f65558570c9
[ 2604.726430][T25054] RDX: 0000000000000335 RSI: 00000000400454cd RDI: 0000000000000003
[ 2604.734243][T25054] RBP: 00007f65545ca1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2604.742053][T25054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2604.749870][T25054] R13: 00007ffc80f2881f R14: 00007f65545ca300 R15: 0000000000022000
[ 2604.757680][T25054]  </TASK>
10:52:46 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (fail_nth: 3)

10:52:46 executing program 3:
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0x150)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000040)='./file0\x00', r0}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:46 executing program 4:
syz_clone(0xfc06a67057d6981b, 0x0, 0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:46 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x104)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x2, 0x2, 0xc7, 0x2, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(r0, &(0x7f00000003c0)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000280)=""/95, 0x5f}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@map, 0xffffffffffffffff, 0x13}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x104) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x2, 0x2, 0xc7, 0x2, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5}, 0x48) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(r0, &(0x7f00000003c0)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000280)=""/95, 0x5f}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@map, 0xffffffffffffffff, 0x13}, 0x10) (async)

10:52:46 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x5)

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x6)

10:52:46 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x40008000, &(0x7f00000001c0)="462c908aba167b79eb29472957953f340b6def412ea1ac52de5808a60399de365c4524cf2969f66bf503d501744c8404bba88c4ee337610692c0eef1717e951995fa340a61901ee666adf575a055", 0xa2, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f00000004c0)="bac684c14d58edb0b5c8b8a7862bdf69544654cf46776b786b8544486bd89a1087a4957fd2cbc6fa5896f5a9ca4918ae05db33fe98bfcb69c7ae13d7ea12f8b2340816dd5bfa44e2a2ac0deddf2f6b20dfc80e927326123d0a3966d5fc37871b2ad69e9089a0f7d37d2be2cd5a12f4821c03d00e5b65000100060058b6a09abdc56769b89b6c93e0fc3654bb4cf5f3ed166df51ba94b7a69ec27598362e71da3ce1cba37dfaab56689137a7a75c94d8fccb135fe3aefcfc234cb88807797aed757dfdf22261188eb9b587b4ff27177cd033c06305ffebf172d3467b8b956c7eedf45693d46192a6604bfb1fc273d5a83dd5868290be610167971eccf25dfb8bef87e485bc6aa45494367d4b75f5d4a8b1711fa9fc43b70ccec610e5d7b9b3538aec6a96f6e6bf81ee5a1530eb35df90fb44f921feeb19eb7a6795eba623133ae9fbd140a10e2a41a7209e8290f29336510e807c31ffdafc0cfd0336fc93f92c7dc1db589b24ed5e15e8f6ca90e48d07ae4b4379a49e5a2a3e6018c3bd0e2b431a4b58e896a64472a653637f5965f87665555dde2b2aa1bbff39eca8c51c0e66bf10641a2ab8f6f72558a4c5def89792ea9ad52e201801e831e7975aa365b5808b11290552fe45ed3fae02c0a7c83030453f92880a46d66784d4ebb09ac2b8f99f845d25d0b47bea3a7eeacfcbb40926f4a13119e7177497241d1a84081ac884abf87a202ff0b3c2f1ccffc6d2a12c55a9d1b13a806188702c8a3261db9b0d18572dbd2a7b65669e4cd1ae9f2b2008cd1b63f38292429e0478589d00cbd45ebbaf7ce042d0bb1d54052ef1773e3ffc5bd5343f746add478f89cd8553ca5dc247371e730637c8c74b3489784576c66e972b241673634e7ede88a5b56c8a789c0604642221760d0b9d470c829a57d70708228ab31bd1dbfac53369599a5dc68713497d85875a0872d1039ffa44f3a3e56591f609ce46c822b8759a3beb00f52bac9b43e1fe40408f0d47981d1380bea9ea9158c3e9481fcf460d8ef1a52f710dd8a8e59107306c4c401cad25fef1af7fd7da1eb6b2a7e54a315e9573e1debd7734af2ae88f03b5f11f787f83fa406921b4e4d47494ea303d32e5ab7b62ad6543de04f18d205e910251f")
r0 = getpid()
r1 = syz_clone(0x21600, &(0x7f0000000240)="f69003639e2f0ee0229d1cf0b15a5a2ecca61b5476f5c3f724c8ed5758607dd3712ab33864fcb0e74ba8982040c581479c199f2fe535433caae1db2eaba6e55b61653d61b8d8a521372b53709dd46c72228b6a8c7e5cca29d418342ed1150ebad75aa26f5142ca4ead5d66c9e9c8828b6df848d42306c1a89198d3efbb368a2c6155bcd535572c9babbfacaaa2f0e9f19a6f916aacb57378cd4b8a0f74cd4a41c7fe6d303b74bd115df3ba7654e9d1f9bb70992964c0a72b897db10fbbf93bc9d5b05297b0ef1249932398a23734803f7ad1fd346f4241c77de6f09bf6bd7d56fa9fd188c869ca0586df2c", 0xeb, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000800)="e86ea1572c2d92eaa545aeb60658cd5a5af2543e38b9e8c0d167eb81c7634e144fd85064f80f800d3854b1cc4f8c227ab48280d5d62150f06ac894cf088cecac2d8fe74122ab07d34a1e30ccf1fd782b4bf6c7cec181eeab5ddffb2892664a41a5d78eed81c8d5742e2a8eb1b4acc3c2d9ad3e5c27ff6f8c330976cad3e0d81cc7bbb15e428fd779cf84ffad657b0464428017cd8a891e82fe5e3eb6f3b9121f95e1d84d590a0267c8f5ae575f0bd7555c9432e6f760c0a7024067597283725d831e4a38b34fa0c51ae1717a823950d504c5938cd41508b47e6f63deae3aed8fb373291a000950ad4756bea150db556088dd3cdcd66242f711b74dc3c2ebbb6520d63edf1591b66640c6b34c90cbe8087a01e6f0a10c46196479629b2adfaca28cd9351909ba2cd335f275903e9c99a928ffcbe4b86fbaa2c40d6f6e6e718efa912a71ef3f30422c258abcca9478583ce2b2b55ac711c95fedf5ee43f5e7731fbe43385ec2a25001c906bd73482696982f91cd1ff0e46604820f4c2bcda55d1e1d087ae5787c7665502b2d3eb82a3938999a2cdb127af4d32ab7cfa84585bcc9e6891c306cba6f54c63a0820912164b905f1423d8abac2db0cea2cdaaacfa8acc2cfb7be5184de1d722c147f8da054886b3ef6a5da22a1e28f698fcfe04b22185890338bd4a9390e752701fcb29df52319e0d47fd6d53ea7dae3027d4dfb7d464a7977ac6e400ef76b8a85984ed25f88b0619d3c4c45cd2b245223a7070620d1d973bc578aca7006c18f02e04d3a9ba5dd55afe66ca06b1be57e869829e0d4ce2a67799ce2eddefce38c8b565f09684c78e72511c1c7f9acf62a109bf6737641aa8309e2875afc6fa49cabf59cc242cd1113827117aa632168b48785d6973ae6707ff5c62f71f29e5834db9bb8f01f12a19ddd5106c96ce12de4fa35caa5d666c881db4f871a4e3ff15a84c1a6beb108c0ae57deb25a66cc34c1639b86db630a9093dec405602ff1059b9be0866d92825a002cdfbdc1111226e8f7e76066bd1c431c9d3934b29c71668f17f44be4b06498705dbd14f32b376cb4ddf5b5c5bd8b05f12d2e89d83d069d883a61892450dada7d606f0c2fe81138d2e3f71bc12fe3a7fa99518bec0ae80c96cca5e057dc24976c00916d927fef76256eb11a3bc94f19076fb0efbd4eb372a420d6737f415cab66444fff24e4efb431504e411b6f8822b6c63ba3772e3a72a976a167de7bf1429174aaeece7360e80738d5d44865cfa7472c8b2c437d9814dd45c521704062e53c64ae35e913b7acc8a3490d47eab03c138d1d8249f5926be9ae8fae23e1b9187ddba36050793c34e09e79a919dd704bf90c1981035c2fd2f135acc11d74929b5db3cfa86b64b20051c76985e38caf8bd5e5a45b3426613e5327af129a9f56b670f8afb32985c62836375d7a07ae96eeb5a0ca778348f27275d56f171a7ec27c482eb8e84bb34af1c962e43132d113aa913cb1f3eb4c5b3d4d52709770499b229ea074732dcf9a519c65acf1036f35b4caf7d43aa6a1f4167821204f105fe22fed8646862d65289774216dd1f1c58bd52212b2900d1c4f7a39c99f20a1a41feac0f2138170a3538c95507da887af5565fee9ff745fd435f0ebe8860f6fee4324562d992c975f63179b766fa6f53e6bca5fd8469b14e6f744381e03537593629762244ee47bf5ebbd7b85a40225648c3d225f63fd5cbf1ed8dfd53a3cebe6ef84cd6a23c3e525c4e45a760b43fc04e5129124e2409b0abde7dced7f59a5f52d4d6826ec6ec81553453889f254e90167d892bf80c902687720acf7dd1b2c106f4445945325dd507cb4d6105c4a7a240e565b0c3318183db9e58caae952c3b42b13d770f97204fd72433435b3d7548c8cb8bfd7d526109e35296990b091a26808a511880cc866de0ea9f36dd7e50c9b65d45c1c0f1fc33402b1d1d5ab9222cc9f0936911fe1791e54225d30e56050844b1a83117e008b58b0e9583b31d484ab46c165905692f34e4b5a5e9c03c1d9be074a94061c567a4bd1073771eaeee852ead10eafd76a7f049a2894875f1ec2feb6185e9dc7c613b56795331dec827e16a61eb1cc4e3171bda82611b5a983a2ba8e36b0599667417e39a22a20987c845ee921773f59cc5353b6868a25fac644553240da86a835635b803df3c8371535a21ae5b43620d0433e9c57bf26a0f7f89c5b68515f1656810d236ee982d17abf0dc06c0a2ab59f7dca3d0aadf530ccde734000f97bcc2e99653cc66be3474e76ab43fdb06f8afeacd6c66b60c60bb8403856be45dcff90115850837f6285f264cf18ad0215045bd30e25cb14b606dd6335773145e7840a2ed45ba275cec855aaeba6e9baf885abcf25aa4c4f052c3444b96011b93acafd33e865c37b7feb1321bbeef5d0db8c4abba2e24629a543dcb374280ce4c040e587ce7ed4f133a800c3e2e8760a711e38696742fde6b1c57332d37ca507b140ae06a6ad930f97c51971e5dfe46349852ec7a496d51899c78ebbef2949fabdda6eb24b97efa48e78705aa7ed9565286b242a4f18fcc297ca5c7ac2df3c4417337c9062177c2cf9638cdde72029d27523fb7b45f27ee4f5c6cd7ea4205190ec6b50a93bb119f72c4fd5c20cc0a927e5e99543edaa744f5d38304fdd84d6bc31398d6623f773623ee137c9af7d9c529901dde18d0c2694dcad0016732674ba362d1c988cf4b275fd08ca928f494ea23f5a8908a11890d728a51de237a366c1901f9549044f13dd0097ce9c4c5e7299c60331db419259315365f8af868f4b11e0fa507fbd53b31bd43865a8537d5e9e04a2b903dcf1db05d694f8850efc6c888871aa911a509a381786491f7994e2355e4334fd52010c2f12599ed8792f74eb80a0ff7999abce470288afe0a5c137f9d22859724d732b7603ac3b6e10bf4b322cef7ed992e44c19ae1a487321e091089349a53a38892832d67c05476c1ed18369dc647ab5e71c9e7d714a2c68c69790eab9bfa360c13b3ff1f3932bf54c9a2fcf1b4df1c32a9d3d87736dd36ac2380cdc017dcb037bb69a0335dad42517cefb69f082eb05fcf6a965566d0dd6df319f6fd6aae7d696a1a8a5cae73dd28f43ca6f6df3ee446883741e771bc9253454d64b8ecb6c1070b0dae8b8d707f30aa44e995614892cc511bbb745c9c8c8349260163bcd5fa588686a22b29c9b2085c346230fd18d5f7e66a9cd2c3ee42cf8b7650e3440d03c67a0a0654bca037f8b4e1d005b761c62157d8b1b257b5ac66e004f78ca5ba25bdfd4738ade3b2408b2a5f839b7b028f021655f1e046f1d5787cabc516558e51c8fcafdde224d1bf0c6e8424941504ce7cb98bff8f0eeea2751811b0897a409108a00b6660b2c3a55b1c0556a596b0a3b4f65cab8624d3a188ab1c39af3459c09c0ec3507e4ed30b2a60750405992dfe380a8b0fd8f13c2f54eea431e656bc8dd83e1eb6f33d4112e27701d0ac07fe698ef8ecdf77a8cf3fd7bb729b405b0e099b9b8e1ac4fc7f84dfbf0850fd9f5ef6484d3eebc1f8286848f5d3e4f7738a2965359ed69b75c3cee3ceec98d33d3595357fd6573ed442be56f2802a0ac1872a5f0558e4eeb0e768792ba4884a37e451f5044a03734e81762f12414203137b8aebb47d0f113d501ea1280e049c94918f60ffba9acf0878fa16750aa9af3bb8c19cb263cf417897e1ac30f532efbf67336b6c7e2842842c7b0d2fc46867d3ea24df4fbaa1996c967199b3c01bb08103db4ded1023e15ecd1fb8dab927ec4cbb97d66c56977f3d05efa64bddeb218cdd78155da9b4f50580e1143af9a9ae593ca690bb37e2d02d67fe0c6d1532082df21b0f9225e5dba603cd8c5b75bd6c964dfa7d42f80c18ba5824098ab864402f6740a36f73f541a2231bb8607cd878da4f96a1b1ed62496f4a79e538ac72ed2623d9e8dfcbf44d6c5321c1fdc5e9f381aa9f0f5ffa32f5a2a17bb283a9770949b5dda2964740669b434aadc6906d650108eb5d02a2c590e3bdc220740be6b35bb637dc077ff16badb9d367c72961b1728eea05e791e5b488ca81465ad74b96c801b0a7f74f46833fbb577d2281e886ecc33dad6572c2e4f2cc252fff0fca1fd99a1b8cb7f16d094f190d619ebb5cc16ab6c1d89525ce1793af484a185e54a2eedbbdbe3c6e46de71127e5c5210e430bfee9674c53b8bd9d6c48d5f986f8dcea327b9601cbab6f1becfdd061e2daeac58befabb0b0886a89f4b6ee981b22b442d39f2f0c9ee7e20ec6be0cf15b457a899e0035f76bfe23424ad5d8c2d74826196d877a12cb1b663758e9f58897a92c999b40c080786cf318e8f35a8d3de61e1f1eb2997ec3f71dbc4e28937251ee9d21753416920a10c3cd62022f9b6278dfcc3f741389bee64cdb95c06b80459035a3d852b7d7aee0b672f7cada254600c9ef707c469ec3ec0ba07471173d684d21d1de260b600ec3df77a98348311aadc106b3ec831f768e6117668eb47613102ed9b5485c009c7129a596dba256fa357f152fa17b1832fe4c6909dc5cd54b20d805ba0787021fbbfbf7652cebf5194f0a3a7e35a02e2ed7e100641d1bd13f0c751b8c806f91abe441388306990d639de3fb0240cd7db3ee9e565bef449a2b99e780fc5106f47515dab26cc122c9d00e5e486120560f92bb4f7b505b18875d712dbae3d6932d91f81d3cb739afc7dbb72c0bbb4b3ae2ded5265455c1b912e914b083ffc687c9fe8483c33e8fc03ef995f094957f6b0dd25f2ae6fe1d893768e90583c6aa903160e37d40823313f647736398e177dfb496f2b77ca514e9b683e538e49961714541f34735b82f9951d4d8e2bc2eb9506fd4142d94ab545fb137f1fdd29569bcae4ccf9d9cf38996f4347f46ea3d3308d4ffb22b0543cc5814ed154ca804d000f5368e46d8111e410949048c5920c586fcf688eef6adddfe1413a2bdd76d590cf75b5c270dc2b61c0bcee10a0fbc444befa77c7933c9592084c32fb48e671fca1fd99467d84bdf90c97f75c7d43bd735cdd9e3fcecda518744d8131a5d32c96ca9c85059bbc426549f80395c603579d75ed801140a3a889a92a2c57cb8fa67fbea6a485f1b0a445ad4359e5784232ed325b0e09249824a801c83741f8f94cb77d70cf6a174bbd7e0607f8f02720b40bd5b4dc61bd52978bbab9f730dfed8a1f757208a0ba06f00a2279da204579733df353d5faf965d4ca2eb4072f957f1454b5b7f98e28f96dbefc12a17be3c47a8f37b9498ab325c5f09db846a221e3cf40ab7b5b62523cf1ef29f14b705bd244a6fc4e1422fba4a285ba9576bd66b802b2595bfd6ff9779f50f19c1d5a871c3f1788386bc738e9c762d301cfdbabf581944e760d1220f0f6bb01aba4245e430e338fd1d26fe71b4a7b5dcea577a82dbc2d95488d4da6218c547a193e24e9992d3f79b81a950bdd9e0f894acf655e9e0a40b83431a3a9710d495fe2f85c17ff8c8e4afd8099ebb0a4ede856e1c1e53d62923483a8b93ff0ba514502be2bc81b0eada0a925c71f2d0d45f3dd2ad49e6499e6e4e546a03d20ed93f9762cb7ec8491284d52d47de616129128b3b4e25041e1efcdeb9c022ee251e8a9b8131068fd75c531dbaaa7ee0ad1f1358ab309a84e6d7da535e12d92d667056514ee80203951ba9a1aa6c32ca38b8d475844d9b9e1e9690b0b72977e7eae47a308239270424d09bfaaaec6aabecd9a7470bbea73ddb7f9fc45323596717326a62af62e7f8f260ed449a8cd665dc677f9d3006ea49b430d86f8b64ff0f8ff5b0fe")
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180)=r1, 0x12)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xe, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)='+o\'\x00'}, 0x30)

10:52:46 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x104)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x2, 0x2, 0xc7, 0x2, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(r0, &(0x7f00000003c0)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000280)=""/95, 0x5f}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@map, 0xffffffffffffffff, 0x13}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x104) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x11, 0x2, 0x2, 0xc7, 0x2, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5}, 0x48) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(r0, &(0x7f00000003c0)={&(0x7f00000001c0)=@abs, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000280)=""/95, 0x5f}], 0x2, &(0x7f0000000340)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={@map, 0xffffffffffffffff, 0x13}, 0x10) (async)

10:52:46 executing program 3:
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0x150)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000040)='./file0\x00', r0}, 0x10) (async, rerun: 32)
unlink(&(0x7f00000000c0)='./file0\x00') (rerun: 32)

10:52:46 executing program 4:
syz_clone(0xfc06a67057d6981b, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x7)

[ 2604.895615][T25094] FAULT_INJECTION: forcing a failure.
[ 2604.895615][T25094] name failslab, interval 1, probability 0, space 0, times 0
[ 2604.918158][T25094] CPU: 0 PID: 25094 Comm: syz-executor.5 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2604.928219][T25094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2604.938110][T25094] Call Trace:
[ 2604.941236][T25094]  <TASK>
[ 2604.944013][T25094]  dump_stack_lvl+0x151/0x1b7
[ 2604.948530][T25094]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2604.953993][T25094]  ? memcpy+0x56/0x70
[ 2604.957816][T25094]  dump_stack+0x15/0x17
[ 2604.961806][T25094]  should_fail+0x3c0/0x510
[ 2604.966057][T25094]  ? netlink_trim+0x197/0x230
[ 2604.970571][T25094]  __should_failslab+0x9f/0xe0
[ 2604.975174][T25094]  should_failslab+0x9/0x20
[ 2604.979509][T25094]  __kmalloc_track_caller+0x6c/0x350
[ 2604.984633][T25094]  ? netlink_trim+0x197/0x230
[ 2604.989145][T25094]  pskb_expand_head+0x123/0x11f0
[ 2604.993920][T25094]  netlink_trim+0x197/0x230
[ 2604.998259][T25094]  netlink_broadcast_filtered+0x76/0x11b0
[ 2605.003814][T25094]  ? rtmsg_ifinfo_build_skb+0xd4/0x180
[ 2605.009109][T25094]  nlmsg_notify+0x100/0x1d0
[ 2605.013450][T25094]  rtnetlink_event+0x156/0x1b0
[ 2605.018045][T25094]  raw_notifier_call_chain+0x9e/0x110
[ 2605.023261][T25094]  call_netdevice_notifiers+0x14e/0x1d0
[ 2605.028642][T25094]  ? netdev_adjacent_rename_links+0x480/0x480
[ 2605.034539][T25094]  __tun_chr_ioctl+0x1a11/0x23e0
[ 2605.039312][T25094]  ? __kasan_check_write+0x14/0x20
[ 2605.044260][T25094]  ? tun_flow_create+0x320/0x320
[ 2605.049029][T25094]  ? __kasan_check_write+0x14/0x20
[ 2605.053979][T25094]  ? __fget_files+0x310/0x370
[ 2605.058492][T25094]  tun_chr_ioctl+0x2a/0x40
[ 2605.062745][T25094]  ? tun_chr_poll+0x6b0/0x6b0
[ 2605.067261][T25094]  __se_sys_ioctl+0x115/0x190
[ 2605.071772][T25094]  __x64_sys_ioctl+0x7b/0x90
[ 2605.076197][T25094]  do_syscall_64+0x44/0xd0
[ 2605.080450][T25094]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2605.086179][T25094] RIP: 0033:0x7f65558570c9
[ 2605.090433][T25094] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2605.109872][T25094] RSP: 002b:00007f65545ca168 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2605.118115][T25094] RAX: ffffffffffffffda RBX: 00007f6555976f80 RCX: 00007f65558570c9
[ 2605.125926][T25094] RDX: 0000000000000335 RSI: 00000000400454cd RDI: 0000000000000003
[ 2605.133736][T25094] RBP: 00007f65545ca1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2605.141547][T25094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2605.149357][T25094] R13: 00007ffc80f2881f R14: 00007f65545ca300 R15: 0000000000022000
[ 2605.157171][T25094]  </TASK>
10:52:46 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (fail_nth: 4)

10:52:46 executing program 4:
syz_clone(0xfc06a67057d6981b, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8)

10:52:46 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xa)
recvmsg(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/65, 0x41}, {&(0x7f00000001c0)=""/82, 0x52}, {&(0x7f0000000240)=""/137, 0x89}], 0x3, &(0x7f0000000340)=""/4096, 0x1000}, 0x2001)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000013c0)={&(0x7f0000001380)='./file0\x00', 0x0, 0x10}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file2\x00'}, 0x10)

10:52:46 executing program 3:
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0x150) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000040)='./file0\x00', r0}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:46 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x40008000, &(0x7f00000001c0)="462c908aba167b79eb29472957953f340b6def412ea1ac52de5808a60399de365c4524cf2969f66bf503d501744c8404bba88c4ee337610692c0eef1717e951995fa340a61901ee666adf575a055", 0xa2, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f00000004c0)="bac684c14d58edb0b5c8b8a7862bdf69544654cf46776b786b8544486bd89a1087a4957fd2cbc6fa5896f5a9ca4918ae05db33fe98bfcb69c7ae13d7ea12f8b2340816dd5bfa44e2a2ac0deddf2f6b20dfc80e927326123d0a3966d5fc37871b2ad69e9089a0f7d37d2be2cd5a12f4821c03d00e5b65000100060058b6a09abdc56769b89b6c93e0fc3654bb4cf5f3ed166df51ba94b7a69ec27598362e71da3ce1cba37dfaab56689137a7a75c94d8fccb135fe3aefcfc234cb88807797aed757dfdf22261188eb9b587b4ff27177cd033c06305ffebf172d3467b8b956c7eedf45693d46192a6604bfb1fc273d5a83dd5868290be610167971eccf25dfb8bef87e485bc6aa45494367d4b75f5d4a8b1711fa9fc43b70ccec610e5d7b9b3538aec6a96f6e6bf81ee5a1530eb35df90fb44f921feeb19eb7a6795eba623133ae9fbd140a10e2a41a7209e8290f29336510e807c31ffdafc0cfd0336fc93f92c7dc1db589b24ed5e15e8f6ca90e48d07ae4b4379a49e5a2a3e6018c3bd0e2b431a4b58e896a64472a653637f5965f87665555dde2b2aa1bbff39eca8c51c0e66bf10641a2ab8f6f72558a4c5def89792ea9ad52e201801e831e7975aa365b5808b11290552fe45ed3fae02c0a7c83030453f92880a46d66784d4ebb09ac2b8f99f845d25d0b47bea3a7eeacfcbb40926f4a13119e7177497241d1a84081ac884abf87a202ff0b3c2f1ccffc6d2a12c55a9d1b13a806188702c8a3261db9b0d18572dbd2a7b65669e4cd1ae9f2b2008cd1b63f38292429e0478589d00cbd45ebbaf7ce042d0bb1d54052ef1773e3ffc5bd5343f746add478f89cd8553ca5dc247371e730637c8c74b3489784576c66e972b241673634e7ede88a5b56c8a789c0604642221760d0b9d470c829a57d70708228ab31bd1dbfac53369599a5dc68713497d85875a0872d1039ffa44f3a3e56591f609ce46c822b8759a3beb00f52bac9b43e1fe40408f0d47981d1380bea9ea9158c3e9481fcf460d8ef1a52f710dd8a8e59107306c4c401cad25fef1af7fd7da1eb6b2a7e54a315e9573e1debd7734af2ae88f03b5f11f787f83fa406921b4e4d47494ea303d32e5ab7b62ad6543de04f18d205e910251f") (async)
r0 = getpid() (async)
r1 = syz_clone(0x21600, &(0x7f0000000240)="f69003639e2f0ee0229d1cf0b15a5a2ecca61b5476f5c3f724c8ed5758607dd3712ab33864fcb0e74ba8982040c581479c199f2fe535433caae1db2eaba6e55b61653d61b8d8a521372b53709dd46c72228b6a8c7e5cca29d418342ed1150ebad75aa26f5142ca4ead5d66c9e9c8828b6df848d42306c1a89198d3efbb368a2c6155bcd535572c9babbfacaaa2f0e9f19a6f916aacb57378cd4b8a0f74cd4a41c7fe6d303b74bd115df3ba7654e9d1f9bb70992964c0a72b897db10fbbf93bc9d5b05297b0ef1249932398a23734803f7ad1fd346f4241c77de6f09bf6bd7d56fa9fd188c869ca0586df2c", 0xeb, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000800)="e86ea1572c2d92eaa545aeb60658cd5a5af2543e38b9e8c0d167eb81c7634e144fd85064f80f800d3854b1cc4f8c227ab48280d5d62150f06ac894cf088cecac2d8fe74122ab07d34a1e30ccf1fd782b4bf6c7cec181eeab5ddffb2892664a41a5d78eed81c8d5742e2a8eb1b4acc3c2d9ad3e5c27ff6f8c330976cad3e0d81cc7bbb15e428fd779cf84ffad657b0464428017cd8a891e82fe5e3eb6f3b9121f95e1d84d590a0267c8f5ae575f0bd7555c9432e6f760c0a7024067597283725d831e4a38b34fa0c51ae1717a823950d504c5938cd41508b47e6f63deae3aed8fb373291a000950ad4756bea150db556088dd3cdcd66242f711b74dc3c2ebbb6520d63edf1591b66640c6b34c90cbe8087a01e6f0a10c46196479629b2adfaca28cd9351909ba2cd335f275903e9c99a928ffcbe4b86fbaa2c40d6f6e6e718efa912a71ef3f30422c258abcca9478583ce2b2b55ac711c95fedf5ee43f5e7731fbe43385ec2a25001c906bd73482696982f91cd1ff0e46604820f4c2bcda55d1e1d087ae5787c7665502b2d3eb82a3938999a2cdb127af4d32ab7cfa84585bcc9e6891c306cba6f54c63a0820912164b905f1423d8abac2db0cea2cdaaacfa8acc2cfb7be5184de1d722c147f8da054886b3ef6a5da22a1e28f698fcfe04b22185890338bd4a9390e752701fcb29df52319e0d47fd6d53ea7dae3027d4dfb7d464a7977ac6e400ef76b8a85984ed25f88b0619d3c4c45cd2b245223a7070620d1d973bc578aca7006c18f02e04d3a9ba5dd55afe66ca06b1be57e869829e0d4ce2a67799ce2eddefce38c8b565f09684c78e72511c1c7f9acf62a109bf6737641aa8309e2875afc6fa49cabf59cc242cd1113827117aa632168b48785d6973ae6707ff5c62f71f29e5834db9bb8f01f12a19ddd5106c96ce12de4fa35caa5d666c881db4f871a4e3ff15a84c1a6beb108c0ae57deb25a66cc34c1639b86db630a9093dec405602ff1059b9be0866d92825a002cdfbdc1111226e8f7e76066bd1c431c9d3934b29c71668f17f44be4b06498705dbd14f32b376cb4ddf5b5c5bd8b05f12d2e89d83d069d883a61892450dada7d606f0c2fe81138d2e3f71bc12fe3a7fa99518bec0ae80c96cca5e057dc24976c00916d927fef76256eb11a3bc94f19076fb0efbd4eb372a420d6737f415cab66444fff24e4efb431504e411b6f8822b6c63ba3772e3a72a976a167de7bf1429174aaeece7360e80738d5d44865cfa7472c8b2c437d9814dd45c521704062e53c64ae35e913b7acc8a3490d47eab03c138d1d8249f5926be9ae8fae23e1b9187ddba36050793c34e09e79a919dd704bf90c1981035c2fd2f135acc11d74929b5db3cfa86b64b20051c76985e38caf8bd5e5a45b3426613e5327af129a9f56b670f8afb32985c62836375d7a07ae96eeb5a0ca778348f27275d56f171a7ec27c482eb8e84bb34af1c962e43132d113aa913cb1f3eb4c5b3d4d52709770499b229ea074732dcf9a519c65acf1036f35b4caf7d43aa6a1f4167821204f105fe22fed8646862d65289774216dd1f1c58bd52212b2900d1c4f7a39c99f20a1a41feac0f2138170a3538c95507da887af5565fee9ff745fd435f0ebe8860f6fee4324562d992c975f63179b766fa6f53e6bca5fd8469b14e6f744381e03537593629762244ee47bf5ebbd7b85a40225648c3d225f63fd5cbf1ed8dfd53a3cebe6ef84cd6a23c3e525c4e45a760b43fc04e5129124e2409b0abde7dced7f59a5f52d4d6826ec6ec81553453889f254e90167d892bf80c902687720acf7dd1b2c106f4445945325dd507cb4d6105c4a7a240e565b0c3318183db9e58caae952c3b42b13d770f97204fd72433435b3d7548c8cb8bfd7d526109e35296990b091a26808a511880cc866de0ea9f36dd7e50c9b65d45c1c0f1fc33402b1d1d5ab9222cc9f0936911fe1791e54225d30e56050844b1a83117e008b58b0e9583b31d484ab46c165905692f34e4b5a5e9c03c1d9be074a94061c567a4bd1073771eaeee852ead10eafd76a7f049a2894875f1ec2feb6185e9dc7c613b56795331dec827e16a61eb1cc4e3171bda82611b5a983a2ba8e36b0599667417e39a22a20987c845ee921773f59cc5353b6868a25fac644553240da86a835635b803df3c8371535a21ae5b43620d0433e9c57bf26a0f7f89c5b68515f1656810d236ee982d17abf0dc06c0a2ab59f7dca3d0aadf530ccde734000f97bcc2e99653cc66be3474e76ab43fdb06f8afeacd6c66b60c60bb8403856be45dcff90115850837f6285f264cf18ad0215045bd30e25cb14b606dd6335773145e7840a2ed45ba275cec855aaeba6e9baf885abcf25aa4c4f052c3444b96011b93acafd33e865c37b7feb1321bbeef5d0db8c4abba2e24629a543dcb374280ce4c040e587ce7ed4f133a800c3e2e8760a711e38696742fde6b1c57332d37ca507b140ae06a6ad930f97c51971e5dfe46349852ec7a496d51899c78ebbef2949fabdda6eb24b97efa48e78705aa7ed9565286b242a4f18fcc297ca5c7ac2df3c4417337c9062177c2cf9638cdde72029d27523fb7b45f27ee4f5c6cd7ea4205190ec6b50a93bb119f72c4fd5c20cc0a927e5e99543edaa744f5d38304fdd84d6bc31398d6623f773623ee137c9af7d9c529901dde18d0c2694dcad0016732674ba362d1c988cf4b275fd08ca928f494ea23f5a8908a11890d728a51de237a366c1901f9549044f13dd0097ce9c4c5e7299c60331db419259315365f8af868f4b11e0fa507fbd53b31bd43865a8537d5e9e04a2b903dcf1db05d694f8850efc6c888871aa911a509a381786491f7994e2355e4334fd52010c2f12599ed8792f74eb80a0ff7999abce470288afe0a5c137f9d22859724d732b7603ac3b6e10bf4b322cef7ed992e44c19ae1a487321e091089349a53a38892832d67c05476c1ed18369dc647ab5e71c9e7d714a2c68c69790eab9bfa360c13b3ff1f3932bf54c9a2fcf1b4df1c32a9d3d87736dd36ac2380cdc017dcb037bb69a0335dad42517cefb69f082eb05fcf6a965566d0dd6df319f6fd6aae7d696a1a8a5cae73dd28f43ca6f6df3ee446883741e771bc9253454d64b8ecb6c1070b0dae8b8d707f30aa44e995614892cc511bbb745c9c8c8349260163bcd5fa588686a22b29c9b2085c346230fd18d5f7e66a9cd2c3ee42cf8b7650e3440d03c67a0a0654bca037f8b4e1d005b761c62157d8b1b257b5ac66e004f78ca5ba25bdfd4738ade3b2408b2a5f839b7b028f021655f1e046f1d5787cabc516558e51c8fcafdde224d1bf0c6e8424941504ce7cb98bff8f0eeea2751811b0897a409108a00b6660b2c3a55b1c0556a596b0a3b4f65cab8624d3a188ab1c39af3459c09c0ec3507e4ed30b2a60750405992dfe380a8b0fd8f13c2f54eea431e656bc8dd83e1eb6f33d4112e27701d0ac07fe698ef8ecdf77a8cf3fd7bb729b405b0e099b9b8e1ac4fc7f84dfbf0850fd9f5ef6484d3eebc1f8286848f5d3e4f7738a2965359ed69b75c3cee3ceec98d33d3595357fd6573ed442be56f2802a0ac1872a5f0558e4eeb0e768792ba4884a37e451f5044a03734e81762f12414203137b8aebb47d0f113d501ea1280e049c94918f60ffba9acf0878fa16750aa9af3bb8c19cb263cf417897e1ac30f532efbf67336b6c7e2842842c7b0d2fc46867d3ea24df4fbaa1996c967199b3c01bb08103db4ded1023e15ecd1fb8dab927ec4cbb97d66c56977f3d05efa64bddeb218cdd78155da9b4f50580e1143af9a9ae593ca690bb37e2d02d67fe0c6d1532082df21b0f9225e5dba603cd8c5b75bd6c964dfa7d42f80c18ba5824098ab864402f6740a36f73f541a2231bb8607cd878da4f96a1b1ed62496f4a79e538ac72ed2623d9e8dfcbf44d6c5321c1fdc5e9f381aa9f0f5ffa32f5a2a17bb283a9770949b5dda2964740669b434aadc6906d650108eb5d02a2c590e3bdc220740be6b35bb637dc077ff16badb9d367c72961b1728eea05e791e5b488ca81465ad74b96c801b0a7f74f46833fbb577d2281e886ecc33dad6572c2e4f2cc252fff0fca1fd99a1b8cb7f16d094f190d619ebb5cc16ab6c1d89525ce1793af484a185e54a2eedbbdbe3c6e46de71127e5c5210e430bfee9674c53b8bd9d6c48d5f986f8dcea327b9601cbab6f1becfdd061e2daeac58befabb0b0886a89f4b6ee981b22b442d39f2f0c9ee7e20ec6be0cf15b457a899e0035f76bfe23424ad5d8c2d74826196d877a12cb1b663758e9f58897a92c999b40c080786cf318e8f35a8d3de61e1f1eb2997ec3f71dbc4e28937251ee9d21753416920a10c3cd62022f9b6278dfcc3f741389bee64cdb95c06b80459035a3d852b7d7aee0b672f7cada254600c9ef707c469ec3ec0ba07471173d684d21d1de260b600ec3df77a98348311aadc106b3ec831f768e6117668eb47613102ed9b5485c009c7129a596dba256fa357f152fa17b1832fe4c6909dc5cd54b20d805ba0787021fbbfbf7652cebf5194f0a3a7e35a02e2ed7e100641d1bd13f0c751b8c806f91abe441388306990d639de3fb0240cd7db3ee9e565bef449a2b99e780fc5106f47515dab26cc122c9d00e5e486120560f92bb4f7b505b18875d712dbae3d6932d91f81d3cb739afc7dbb72c0bbb4b3ae2ded5265455c1b912e914b083ffc687c9fe8483c33e8fc03ef995f094957f6b0dd25f2ae6fe1d893768e90583c6aa903160e37d40823313f647736398e177dfb496f2b77ca514e9b683e538e49961714541f34735b82f9951d4d8e2bc2eb9506fd4142d94ab545fb137f1fdd29569bcae4ccf9d9cf38996f4347f46ea3d3308d4ffb22b0543cc5814ed154ca804d000f5368e46d8111e410949048c5920c586fcf688eef6adddfe1413a2bdd76d590cf75b5c270dc2b61c0bcee10a0fbc444befa77c7933c9592084c32fb48e671fca1fd99467d84bdf90c97f75c7d43bd735cdd9e3fcecda518744d8131a5d32c96ca9c85059bbc426549f80395c603579d75ed801140a3a889a92a2c57cb8fa67fbea6a485f1b0a445ad4359e5784232ed325b0e09249824a801c83741f8f94cb77d70cf6a174bbd7e0607f8f02720b40bd5b4dc61bd52978bbab9f730dfed8a1f757208a0ba06f00a2279da204579733df353d5faf965d4ca2eb4072f957f1454b5b7f98e28f96dbefc12a17be3c47a8f37b9498ab325c5f09db846a221e3cf40ab7b5b62523cf1ef29f14b705bd244a6fc4e1422fba4a285ba9576bd66b802b2595bfd6ff9779f50f19c1d5a871c3f1788386bc738e9c762d301cfdbabf581944e760d1220f0f6bb01aba4245e430e338fd1d26fe71b4a7b5dcea577a82dbc2d95488d4da6218c547a193e24e9992d3f79b81a950bdd9e0f894acf655e9e0a40b83431a3a9710d495fe2f85c17ff8c8e4afd8099ebb0a4ede856e1c1e53d62923483a8b93ff0ba514502be2bc81b0eada0a925c71f2d0d45f3dd2ad49e6499e6e4e546a03d20ed93f9762cb7ec8491284d52d47de616129128b3b4e25041e1efcdeb9c022ee251e8a9b8131068fd75c531dbaaa7ee0ad1f1358ab309a84e6d7da535e12d92d667056514ee80203951ba9a1aa6c32ca38b8d475844d9b9e1e9690b0b72977e7eae47a308239270424d09bfaaaec6aabecd9a7470bbea73ddb7f9fc45323596717326a62af62e7f8f260ed449a8cd665dc677f9d3006ea49b430d86f8b64ff0f8ff5b0fe")
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180)=r1, 0x12) (async, rerun: 64)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xe, 0xffffffffffffffff, 0x0) (async, rerun: 64)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)='+o\'\x00'}, 0x30)

10:52:46 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x142)
unlink(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='rxrpc_connect_call\x00'}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)

10:52:46 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x40008000, &(0x7f00000001c0)="462c908aba167b79eb29472957953f340b6def412ea1ac52de5808a60399de365c4524cf2969f66bf503d501744c8404bba88c4ee337610692c0eef1717e951995fa340a61901ee666adf575a055", 0xa2, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f00000004c0)="bac684c14d58edb0b5c8b8a7862bdf69544654cf46776b786b8544486bd89a1087a4957fd2cbc6fa5896f5a9ca4918ae05db33fe98bfcb69c7ae13d7ea12f8b2340816dd5bfa44e2a2ac0deddf2f6b20dfc80e927326123d0a3966d5fc37871b2ad69e9089a0f7d37d2be2cd5a12f4821c03d00e5b65000100060058b6a09abdc56769b89b6c93e0fc3654bb4cf5f3ed166df51ba94b7a69ec27598362e71da3ce1cba37dfaab56689137a7a75c94d8fccb135fe3aefcfc234cb88807797aed757dfdf22261188eb9b587b4ff27177cd033c06305ffebf172d3467b8b956c7eedf45693d46192a6604bfb1fc273d5a83dd5868290be610167971eccf25dfb8bef87e485bc6aa45494367d4b75f5d4a8b1711fa9fc43b70ccec610e5d7b9b3538aec6a96f6e6bf81ee5a1530eb35df90fb44f921feeb19eb7a6795eba623133ae9fbd140a10e2a41a7209e8290f29336510e807c31ffdafc0cfd0336fc93f92c7dc1db589b24ed5e15e8f6ca90e48d07ae4b4379a49e5a2a3e6018c3bd0e2b431a4b58e896a64472a653637f5965f87665555dde2b2aa1bbff39eca8c51c0e66bf10641a2ab8f6f72558a4c5def89792ea9ad52e201801e831e7975aa365b5808b11290552fe45ed3fae02c0a7c83030453f92880a46d66784d4ebb09ac2b8f99f845d25d0b47bea3a7eeacfcbb40926f4a13119e7177497241d1a84081ac884abf87a202ff0b3c2f1ccffc6d2a12c55a9d1b13a806188702c8a3261db9b0d18572dbd2a7b65669e4cd1ae9f2b2008cd1b63f38292429e0478589d00cbd45ebbaf7ce042d0bb1d54052ef1773e3ffc5bd5343f746add478f89cd8553ca5dc247371e730637c8c74b3489784576c66e972b241673634e7ede88a5b56c8a789c0604642221760d0b9d470c829a57d70708228ab31bd1dbfac53369599a5dc68713497d85875a0872d1039ffa44f3a3e56591f609ce46c822b8759a3beb00f52bac9b43e1fe40408f0d47981d1380bea9ea9158c3e9481fcf460d8ef1a52f710dd8a8e59107306c4c401cad25fef1af7fd7da1eb6b2a7e54a315e9573e1debd7734af2ae88f03b5f11f787f83fa406921b4e4d47494ea303d32e5ab7b62ad6543de04f18d205e910251f")
r0 = getpid()
r1 = syz_clone(0x21600, &(0x7f0000000240)="f69003639e2f0ee0229d1cf0b15a5a2ecca61b5476f5c3f724c8ed5758607dd3712ab33864fcb0e74ba8982040c581479c199f2fe535433caae1db2eaba6e55b61653d61b8d8a521372b53709dd46c72228b6a8c7e5cca29d418342ed1150ebad75aa26f5142ca4ead5d66c9e9c8828b6df848d42306c1a89198d3efbb368a2c6155bcd535572c9babbfacaaa2f0e9f19a6f916aacb57378cd4b8a0f74cd4a41c7fe6d303b74bd115df3ba7654e9d1f9bb70992964c0a72b897db10fbbf93bc9d5b05297b0ef1249932398a23734803f7ad1fd346f4241c77de6f09bf6bd7d56fa9fd188c869ca0586df2c", 0xeb, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000800)="e86ea1572c2d92eaa545aeb60658cd5a5af2543e38b9e8c0d167eb81c7634e144fd85064f80f800d3854b1cc4f8c227ab48280d5d62150f06ac894cf088cecac2d8fe74122ab07d34a1e30ccf1fd782b4bf6c7cec181eeab5ddffb2892664a41a5d78eed81c8d5742e2a8eb1b4acc3c2d9ad3e5c27ff6f8c330976cad3e0d81cc7bbb15e428fd779cf84ffad657b0464428017cd8a891e82fe5e3eb6f3b9121f95e1d84d590a0267c8f5ae575f0bd7555c9432e6f760c0a7024067597283725d831e4a38b34fa0c51ae1717a823950d504c5938cd41508b47e6f63deae3aed8fb373291a000950ad4756bea150db556088dd3cdcd66242f711b74dc3c2ebbb6520d63edf1591b66640c6b34c90cbe8087a01e6f0a10c46196479629b2adfaca28cd9351909ba2cd335f275903e9c99a928ffcbe4b86fbaa2c40d6f6e6e718efa912a71ef3f30422c258abcca9478583ce2b2b55ac711c95fedf5ee43f5e7731fbe43385ec2a25001c906bd73482696982f91cd1ff0e46604820f4c2bcda55d1e1d087ae5787c7665502b2d3eb82a3938999a2cdb127af4d32ab7cfa84585bcc9e6891c306cba6f54c63a0820912164b905f1423d8abac2db0cea2cdaaacfa8acc2cfb7be5184de1d722c147f8da054886b3ef6a5da22a1e28f698fcfe04b22185890338bd4a9390e752701fcb29df52319e0d47fd6d53ea7dae3027d4dfb7d464a7977ac6e400ef76b8a85984ed25f88b0619d3c4c45cd2b245223a7070620d1d973bc578aca7006c18f02e04d3a9ba5dd55afe66ca06b1be57e869829e0d4ce2a67799ce2eddefce38c8b565f09684c78e72511c1c7f9acf62a109bf6737641aa8309e2875afc6fa49cabf59cc242cd1113827117aa632168b48785d6973ae6707ff5c62f71f29e5834db9bb8f01f12a19ddd5106c96ce12de4fa35caa5d666c881db4f871a4e3ff15a84c1a6beb108c0ae57deb25a66cc34c1639b86db630a9093dec405602ff1059b9be0866d92825a002cdfbdc1111226e8f7e76066bd1c431c9d3934b29c71668f17f44be4b06498705dbd14f32b376cb4ddf5b5c5bd8b05f12d2e89d83d069d883a61892450dada7d606f0c2fe81138d2e3f71bc12fe3a7fa99518bec0ae80c96cca5e057dc24976c00916d927fef76256eb11a3bc94f19076fb0efbd4eb372a420d6737f415cab66444fff24e4efb431504e411b6f8822b6c63ba3772e3a72a976a167de7bf1429174aaeece7360e80738d5d44865cfa7472c8b2c437d9814dd45c521704062e53c64ae35e913b7acc8a3490d47eab03c138d1d8249f5926be9ae8fae23e1b9187ddba36050793c34e09e79a919dd704bf90c1981035c2fd2f135acc11d74929b5db3cfa86b64b20051c76985e38caf8bd5e5a45b3426613e5327af129a9f56b670f8afb32985c62836375d7a07ae96eeb5a0ca778348f27275d56f171a7ec27c482eb8e84bb34af1c962e43132d113aa913cb1f3eb4c5b3d4d52709770499b229ea074732dcf9a519c65acf1036f35b4caf7d43aa6a1f4167821204f105fe22fed8646862d65289774216dd1f1c58bd52212b2900d1c4f7a39c99f20a1a41feac0f2138170a3538c95507da887af5565fee9ff745fd435f0ebe8860f6fee4324562d992c975f63179b766fa6f53e6bca5fd8469b14e6f744381e03537593629762244ee47bf5ebbd7b85a40225648c3d225f63fd5cbf1ed8dfd53a3cebe6ef84cd6a23c3e525c4e45a760b43fc04e5129124e2409b0abde7dced7f59a5f52d4d6826ec6ec81553453889f254e90167d892bf80c902687720acf7dd1b2c106f4445945325dd507cb4d6105c4a7a240e565b0c3318183db9e58caae952c3b42b13d770f97204fd72433435b3d7548c8cb8bfd7d526109e35296990b091a26808a511880cc866de0ea9f36dd7e50c9b65d45c1c0f1fc33402b1d1d5ab9222cc9f0936911fe1791e54225d30e56050844b1a83117e008b58b0e9583b31d484ab46c165905692f34e4b5a5e9c03c1d9be074a94061c567a4bd1073771eaeee852ead10eafd76a7f049a2894875f1ec2feb6185e9dc7c613b56795331dec827e16a61eb1cc4e3171bda82611b5a983a2ba8e36b0599667417e39a22a20987c845ee921773f59cc5353b6868a25fac644553240da86a835635b803df3c8371535a21ae5b43620d0433e9c57bf26a0f7f89c5b68515f1656810d236ee982d17abf0dc06c0a2ab59f7dca3d0aadf530ccde734000f97bcc2e99653cc66be3474e76ab43fdb06f8afeacd6c66b60c60bb8403856be45dcff90115850837f6285f264cf18ad0215045bd30e25cb14b606dd6335773145e7840a2ed45ba275cec855aaeba6e9baf885abcf25aa4c4f052c3444b96011b93acafd33e865c37b7feb1321bbeef5d0db8c4abba2e24629a543dcb374280ce4c040e587ce7ed4f133a800c3e2e8760a711e38696742fde6b1c57332d37ca507b140ae06a6ad930f97c51971e5dfe46349852ec7a496d51899c78ebbef2949fabdda6eb24b97efa48e78705aa7ed9565286b242a4f18fcc297ca5c7ac2df3c4417337c9062177c2cf9638cdde72029d27523fb7b45f27ee4f5c6cd7ea4205190ec6b50a93bb119f72c4fd5c20cc0a927e5e99543edaa744f5d38304fdd84d6bc31398d6623f773623ee137c9af7d9c529901dde18d0c2694dcad0016732674ba362d1c988cf4b275fd08ca928f494ea23f5a8908a11890d728a51de237a366c1901f9549044f13dd0097ce9c4c5e7299c60331db419259315365f8af868f4b11e0fa507fbd53b31bd43865a8537d5e9e04a2b903dcf1db05d694f8850efc6c888871aa911a509a381786491f7994e2355e4334fd52010c2f12599ed8792f74eb80a0ff7999abce470288afe0a5c137f9d22859724d732b7603ac3b6e10bf4b322cef7ed992e44c19ae1a487321e091089349a53a38892832d67c05476c1ed18369dc647ab5e71c9e7d714a2c68c69790eab9bfa360c13b3ff1f3932bf54c9a2fcf1b4df1c32a9d3d87736dd36ac2380cdc017dcb037bb69a0335dad42517cefb69f082eb05fcf6a965566d0dd6df319f6fd6aae7d696a1a8a5cae73dd28f43ca6f6df3ee446883741e771bc9253454d64b8ecb6c1070b0dae8b8d707f30aa44e995614892cc511bbb745c9c8c8349260163bcd5fa588686a22b29c9b2085c346230fd18d5f7e66a9cd2c3ee42cf8b7650e3440d03c67a0a0654bca037f8b4e1d005b761c62157d8b1b257b5ac66e004f78ca5ba25bdfd4738ade3b2408b2a5f839b7b028f021655f1e046f1d5787cabc516558e51c8fcafdde224d1bf0c6e8424941504ce7cb98bff8f0eeea2751811b0897a409108a00b6660b2c3a55b1c0556a596b0a3b4f65cab8624d3a188ab1c39af3459c09c0ec3507e4ed30b2a60750405992dfe380a8b0fd8f13c2f54eea431e656bc8dd83e1eb6f33d4112e27701d0ac07fe698ef8ecdf77a8cf3fd7bb729b405b0e099b9b8e1ac4fc7f84dfbf0850fd9f5ef6484d3eebc1f8286848f5d3e4f7738a2965359ed69b75c3cee3ceec98d33d3595357fd6573ed442be56f2802a0ac1872a5f0558e4eeb0e768792ba4884a37e451f5044a03734e81762f12414203137b8aebb47d0f113d501ea1280e049c94918f60ffba9acf0878fa16750aa9af3bb8c19cb263cf417897e1ac30f532efbf67336b6c7e2842842c7b0d2fc46867d3ea24df4fbaa1996c967199b3c01bb08103db4ded1023e15ecd1fb8dab927ec4cbb97d66c56977f3d05efa64bddeb218cdd78155da9b4f50580e1143af9a9ae593ca690bb37e2d02d67fe0c6d1532082df21b0f9225e5dba603cd8c5b75bd6c964dfa7d42f80c18ba5824098ab864402f6740a36f73f541a2231bb8607cd878da4f96a1b1ed62496f4a79e538ac72ed2623d9e8dfcbf44d6c5321c1fdc5e9f381aa9f0f5ffa32f5a2a17bb283a9770949b5dda2964740669b434aadc6906d650108eb5d02a2c590e3bdc220740be6b35bb637dc077ff16badb9d367c72961b1728eea05e791e5b488ca81465ad74b96c801b0a7f74f46833fbb577d2281e886ecc33dad6572c2e4f2cc252fff0fca1fd99a1b8cb7f16d094f190d619ebb5cc16ab6c1d89525ce1793af484a185e54a2eedbbdbe3c6e46de71127e5c5210e430bfee9674c53b8bd9d6c48d5f986f8dcea327b9601cbab6f1becfdd061e2daeac58befabb0b0886a89f4b6ee981b22b442d39f2f0c9ee7e20ec6be0cf15b457a899e0035f76bfe23424ad5d8c2d74826196d877a12cb1b663758e9f58897a92c999b40c080786cf318e8f35a8d3de61e1f1eb2997ec3f71dbc4e28937251ee9d21753416920a10c3cd62022f9b6278dfcc3f741389bee64cdb95c06b80459035a3d852b7d7aee0b672f7cada254600c9ef707c469ec3ec0ba07471173d684d21d1de260b600ec3df77a98348311aadc106b3ec831f768e6117668eb47613102ed9b5485c009c7129a596dba256fa357f152fa17b1832fe4c6909dc5cd54b20d805ba0787021fbbfbf7652cebf5194f0a3a7e35a02e2ed7e100641d1bd13f0c751b8c806f91abe441388306990d639de3fb0240cd7db3ee9e565bef449a2b99e780fc5106f47515dab26cc122c9d00e5e486120560f92bb4f7b505b18875d712dbae3d6932d91f81d3cb739afc7dbb72c0bbb4b3ae2ded5265455c1b912e914b083ffc687c9fe8483c33e8fc03ef995f094957f6b0dd25f2ae6fe1d893768e90583c6aa903160e37d40823313f647736398e177dfb496f2b77ca514e9b683e538e49961714541f34735b82f9951d4d8e2bc2eb9506fd4142d94ab545fb137f1fdd29569bcae4ccf9d9cf38996f4347f46ea3d3308d4ffb22b0543cc5814ed154ca804d000f5368e46d8111e410949048c5920c586fcf688eef6adddfe1413a2bdd76d590cf75b5c270dc2b61c0bcee10a0fbc444befa77c7933c9592084c32fb48e671fca1fd99467d84bdf90c97f75c7d43bd735cdd9e3fcecda518744d8131a5d32c96ca9c85059bbc426549f80395c603579d75ed801140a3a889a92a2c57cb8fa67fbea6a485f1b0a445ad4359e5784232ed325b0e09249824a801c83741f8f94cb77d70cf6a174bbd7e0607f8f02720b40bd5b4dc61bd52978bbab9f730dfed8a1f757208a0ba06f00a2279da204579733df353d5faf965d4ca2eb4072f957f1454b5b7f98e28f96dbefc12a17be3c47a8f37b9498ab325c5f09db846a221e3cf40ab7b5b62523cf1ef29f14b705bd244a6fc4e1422fba4a285ba9576bd66b802b2595bfd6ff9779f50f19c1d5a871c3f1788386bc738e9c762d301cfdbabf581944e760d1220f0f6bb01aba4245e430e338fd1d26fe71b4a7b5dcea577a82dbc2d95488d4da6218c547a193e24e9992d3f79b81a950bdd9e0f894acf655e9e0a40b83431a3a9710d495fe2f85c17ff8c8e4afd8099ebb0a4ede856e1c1e53d62923483a8b93ff0ba514502be2bc81b0eada0a925c71f2d0d45f3dd2ad49e6499e6e4e546a03d20ed93f9762cb7ec8491284d52d47de616129128b3b4e25041e1efcdeb9c022ee251e8a9b8131068fd75c531dbaaa7ee0ad1f1358ab309a84e6d7da535e12d92d667056514ee80203951ba9a1aa6c32ca38b8d475844d9b9e1e9690b0b72977e7eae47a308239270424d09bfaaaec6aabecd9a7470bbea73ddb7f9fc45323596717326a62af62e7f8f260ed449a8cd665dc677f9d3006ea49b430d86f8b64ff0f8ff5b0fe")
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180)=r1, 0x12)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xe, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)='+o\'\x00'}, 0x30)

10:52:46 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc)

10:52:46 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0xa) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/65, 0x41}, {&(0x7f00000001c0)=""/82, 0x52}, {&(0x7f0000000240)=""/137, 0x89}], 0x3, &(0x7f0000000340)=""/4096, 0x1000}, 0x2001)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000013c0)={&(0x7f0000001380)='./file0\x00', 0x0, 0x10}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file2\x00'}, 0x10)

10:52:46 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x142)
unlink(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='rxrpc_connect_call\x00'}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x142) (async)
unlink(&(0x7f00000001c0)='./file0\x00') (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x8) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='rxrpc_connect_call\x00'}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10) (async)

10:52:46 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x40008000, &(0x7f00000001c0)="462c908aba167b79eb29472957953f340b6def412ea1ac52de5808a60399de365c4524cf2969f66bf503d501744c8404bba88c4ee337610692c0eef1717e951995fa340a61901ee666adf575a055", 0xa2, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f00000004c0)="bac684c14d58edb0b5c8b8a7862bdf69544654cf46776b786b8544486bd89a1087a4957fd2cbc6fa5896f5a9ca4918ae05db33fe98bfcb69c7ae13d7ea12f8b2340816dd5bfa44e2a2ac0deddf2f6b20dfc80e927326123d0a3966d5fc37871b2ad69e9089a0f7d37d2be2cd5a12f4821c03d00e5b65000100060058b6a09abdc56769b89b6c93e0fc3654bb4cf5f3ed166df51ba94b7a69ec27598362e71da3ce1cba37dfaab56689137a7a75c94d8fccb135fe3aefcfc234cb88807797aed757dfdf22261188eb9b587b4ff27177cd033c06305ffebf172d3467b8b956c7eedf45693d46192a6604bfb1fc273d5a83dd5868290be610167971eccf25dfb8bef87e485bc6aa45494367d4b75f5d4a8b1711fa9fc43b70ccec610e5d7b9b3538aec6a96f6e6bf81ee5a1530eb35df90fb44f921feeb19eb7a6795eba623133ae9fbd140a10e2a41a7209e8290f29336510e807c31ffdafc0cfd0336fc93f92c7dc1db589b24ed5e15e8f6ca90e48d07ae4b4379a49e5a2a3e6018c3bd0e2b431a4b58e896a64472a653637f5965f87665555dde2b2aa1bbff39eca8c51c0e66bf10641a2ab8f6f72558a4c5def89792ea9ad52e201801e831e7975aa365b5808b11290552fe45ed3fae02c0a7c83030453f92880a46d66784d4ebb09ac2b8f99f845d25d0b47bea3a7eeacfcbb40926f4a13119e7177497241d1a84081ac884abf87a202ff0b3c2f1ccffc6d2a12c55a9d1b13a806188702c8a3261db9b0d18572dbd2a7b65669e4cd1ae9f2b2008cd1b63f38292429e0478589d00cbd45ebbaf7ce042d0bb1d54052ef1773e3ffc5bd5343f746add478f89cd8553ca5dc247371e730637c8c74b3489784576c66e972b241673634e7ede88a5b56c8a789c0604642221760d0b9d470c829a57d70708228ab31bd1dbfac53369599a5dc68713497d85875a0872d1039ffa44f3a3e56591f609ce46c822b8759a3beb00f52bac9b43e1fe40408f0d47981d1380bea9ea9158c3e9481fcf460d8ef1a52f710dd8a8e59107306c4c401cad25fef1af7fd7da1eb6b2a7e54a315e9573e1debd7734af2ae88f03b5f11f787f83fa406921b4e4d47494ea303d32e5ab7b62ad6543de04f18d205e910251f") (async)
r0 = getpid()
r1 = syz_clone(0x21600, &(0x7f0000000240)="f69003639e2f0ee0229d1cf0b15a5a2ecca61b5476f5c3f724c8ed5758607dd3712ab33864fcb0e74ba8982040c581479c199f2fe535433caae1db2eaba6e55b61653d61b8d8a521372b53709dd46c72228b6a8c7e5cca29d418342ed1150ebad75aa26f5142ca4ead5d66c9e9c8828b6df848d42306c1a89198d3efbb368a2c6155bcd535572c9babbfacaaa2f0e9f19a6f916aacb57378cd4b8a0f74cd4a41c7fe6d303b74bd115df3ba7654e9d1f9bb70992964c0a72b897db10fbbf93bc9d5b05297b0ef1249932398a23734803f7ad1fd346f4241c77de6f09bf6bd7d56fa9fd188c869ca0586df2c", 0xeb, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000800)="e86ea1572c2d92eaa545aeb60658cd5a5af2543e38b9e8c0d167eb81c7634e144fd85064f80f800d3854b1cc4f8c227ab48280d5d62150f06ac894cf088cecac2d8fe74122ab07d34a1e30ccf1fd782b4bf6c7cec181eeab5ddffb2892664a41a5d78eed81c8d5742e2a8eb1b4acc3c2d9ad3e5c27ff6f8c330976cad3e0d81cc7bbb15e428fd779cf84ffad657b0464428017cd8a891e82fe5e3eb6f3b9121f95e1d84d590a0267c8f5ae575f0bd7555c9432e6f760c0a7024067597283725d831e4a38b34fa0c51ae1717a823950d504c5938cd41508b47e6f63deae3aed8fb373291a000950ad4756bea150db556088dd3cdcd66242f711b74dc3c2ebbb6520d63edf1591b66640c6b34c90cbe8087a01e6f0a10c46196479629b2adfaca28cd9351909ba2cd335f275903e9c99a928ffcbe4b86fbaa2c40d6f6e6e718efa912a71ef3f30422c258abcca9478583ce2b2b55ac711c95fedf5ee43f5e7731fbe43385ec2a25001c906bd73482696982f91cd1ff0e46604820f4c2bcda55d1e1d087ae5787c7665502b2d3eb82a3938999a2cdb127af4d32ab7cfa84585bcc9e6891c306cba6f54c63a0820912164b905f1423d8abac2db0cea2cdaaacfa8acc2cfb7be5184de1d722c147f8da054886b3ef6a5da22a1e28f698fcfe04b22185890338bd4a9390e752701fcb29df52319e0d47fd6d53ea7dae3027d4dfb7d464a7977ac6e400ef76b8a85984ed25f88b0619d3c4c45cd2b245223a7070620d1d973bc578aca7006c18f02e04d3a9ba5dd55afe66ca06b1be57e869829e0d4ce2a67799ce2eddefce38c8b565f09684c78e72511c1c7f9acf62a109bf6737641aa8309e2875afc6fa49cabf59cc242cd1113827117aa632168b48785d6973ae6707ff5c62f71f29e5834db9bb8f01f12a19ddd5106c96ce12de4fa35caa5d666c881db4f871a4e3ff15a84c1a6beb108c0ae57deb25a66cc34c1639b86db630a9093dec405602ff1059b9be0866d92825a002cdfbdc1111226e8f7e76066bd1c431c9d3934b29c71668f17f44be4b06498705dbd14f32b376cb4ddf5b5c5bd8b05f12d2e89d83d069d883a61892450dada7d606f0c2fe81138d2e3f71bc12fe3a7fa99518bec0ae80c96cca5e057dc24976c00916d927fef76256eb11a3bc94f19076fb0efbd4eb372a420d6737f415cab66444fff24e4efb431504e411b6f8822b6c63ba3772e3a72a976a167de7bf1429174aaeece7360e80738d5d44865cfa7472c8b2c437d9814dd45c521704062e53c64ae35e913b7acc8a3490d47eab03c138d1d8249f5926be9ae8fae23e1b9187ddba36050793c34e09e79a919dd704bf90c1981035c2fd2f135acc11d74929b5db3cfa86b64b20051c76985e38caf8bd5e5a45b3426613e5327af129a9f56b670f8afb32985c62836375d7a07ae96eeb5a0ca778348f27275d56f171a7ec27c482eb8e84bb34af1c962e43132d113aa913cb1f3eb4c5b3d4d52709770499b229ea074732dcf9a519c65acf1036f35b4caf7d43aa6a1f4167821204f105fe22fed8646862d65289774216dd1f1c58bd52212b2900d1c4f7a39c99f20a1a41feac0f2138170a3538c95507da887af5565fee9ff745fd435f0ebe8860f6fee4324562d992c975f63179b766fa6f53e6bca5fd8469b14e6f744381e03537593629762244ee47bf5ebbd7b85a40225648c3d225f63fd5cbf1ed8dfd53a3cebe6ef84cd6a23c3e525c4e45a760b43fc04e5129124e2409b0abde7dced7f59a5f52d4d6826ec6ec81553453889f254e90167d892bf80c902687720acf7dd1b2c106f4445945325dd507cb4d6105c4a7a240e565b0c3318183db9e58caae952c3b42b13d770f97204fd72433435b3d7548c8cb8bfd7d526109e35296990b091a26808a511880cc866de0ea9f36dd7e50c9b65d45c1c0f1fc33402b1d1d5ab9222cc9f0936911fe1791e54225d30e56050844b1a83117e008b58b0e9583b31d484ab46c165905692f34e4b5a5e9c03c1d9be074a94061c567a4bd1073771eaeee852ead10eafd76a7f049a2894875f1ec2feb6185e9dc7c613b56795331dec827e16a61eb1cc4e3171bda82611b5a983a2ba8e36b0599667417e39a22a20987c845ee921773f59cc5353b6868a25fac644553240da86a835635b803df3c8371535a21ae5b43620d0433e9c57bf26a0f7f89c5b68515f1656810d236ee982d17abf0dc06c0a2ab59f7dca3d0aadf530ccde734000f97bcc2e99653cc66be3474e76ab43fdb06f8afeacd6c66b60c60bb8403856be45dcff90115850837f6285f264cf18ad0215045bd30e25cb14b606dd6335773145e7840a2ed45ba275cec855aaeba6e9baf885abcf25aa4c4f052c3444b96011b93acafd33e865c37b7feb1321bbeef5d0db8c4abba2e24629a543dcb374280ce4c040e587ce7ed4f133a800c3e2e8760a711e38696742fde6b1c57332d37ca507b140ae06a6ad930f97c51971e5dfe46349852ec7a496d51899c78ebbef2949fabdda6eb24b97efa48e78705aa7ed9565286b242a4f18fcc297ca5c7ac2df3c4417337c9062177c2cf9638cdde72029d27523fb7b45f27ee4f5c6cd7ea4205190ec6b50a93bb119f72c4fd5c20cc0a927e5e99543edaa744f5d38304fdd84d6bc31398d6623f773623ee137c9af7d9c529901dde18d0c2694dcad0016732674ba362d1c988cf4b275fd08ca928f494ea23f5a8908a11890d728a51de237a366c1901f9549044f13dd0097ce9c4c5e7299c60331db419259315365f8af868f4b11e0fa507fbd53b31bd43865a8537d5e9e04a2b903dcf1db05d694f8850efc6c888871aa911a509a381786491f7994e2355e4334fd52010c2f12599ed8792f74eb80a0ff7999abce470288afe0a5c137f9d22859724d732b7603ac3b6e10bf4b322cef7ed992e44c19ae1a487321e091089349a53a38892832d67c05476c1ed18369dc647ab5e71c9e7d714a2c68c69790eab9bfa360c13b3ff1f3932bf54c9a2fcf1b4df1c32a9d3d87736dd36ac2380cdc017dcb037bb69a0335dad42517cefb69f082eb05fcf6a965566d0dd6df319f6fd6aae7d696a1a8a5cae73dd28f43ca6f6df3ee446883741e771bc9253454d64b8ecb6c1070b0dae8b8d707f30aa44e995614892cc511bbb745c9c8c8349260163bcd5fa588686a22b29c9b2085c346230fd18d5f7e66a9cd2c3ee42cf8b7650e3440d03c67a0a0654bca037f8b4e1d005b761c62157d8b1b257b5ac66e004f78ca5ba25bdfd4738ade3b2408b2a5f839b7b028f021655f1e046f1d5787cabc516558e51c8fcafdde224d1bf0c6e8424941504ce7cb98bff8f0eeea2751811b0897a409108a00b6660b2c3a55b1c0556a596b0a3b4f65cab8624d3a188ab1c39af3459c09c0ec3507e4ed30b2a60750405992dfe380a8b0fd8f13c2f54eea431e656bc8dd83e1eb6f33d4112e27701d0ac07fe698ef8ecdf77a8cf3fd7bb729b405b0e099b9b8e1ac4fc7f84dfbf0850fd9f5ef6484d3eebc1f8286848f5d3e4f7738a2965359ed69b75c3cee3ceec98d33d3595357fd6573ed442be56f2802a0ac1872a5f0558e4eeb0e768792ba4884a37e451f5044a03734e81762f12414203137b8aebb47d0f113d501ea1280e049c94918f60ffba9acf0878fa16750aa9af3bb8c19cb263cf417897e1ac30f532efbf67336b6c7e2842842c7b0d2fc46867d3ea24df4fbaa1996c967199b3c01bb08103db4ded1023e15ecd1fb8dab927ec4cbb97d66c56977f3d05efa64bddeb218cdd78155da9b4f50580e1143af9a9ae593ca690bb37e2d02d67fe0c6d1532082df21b0f9225e5dba603cd8c5b75bd6c964dfa7d42f80c18ba5824098ab864402f6740a36f73f541a2231bb8607cd878da4f96a1b1ed62496f4a79e538ac72ed2623d9e8dfcbf44d6c5321c1fdc5e9f381aa9f0f5ffa32f5a2a17bb283a9770949b5dda2964740669b434aadc6906d650108eb5d02a2c590e3bdc220740be6b35bb637dc077ff16badb9d367c72961b1728eea05e791e5b488ca81465ad74b96c801b0a7f74f46833fbb577d2281e886ecc33dad6572c2e4f2cc252fff0fca1fd99a1b8cb7f16d094f190d619ebb5cc16ab6c1d89525ce1793af484a185e54a2eedbbdbe3c6e46de71127e5c5210e430bfee9674c53b8bd9d6c48d5f986f8dcea327b9601cbab6f1becfdd061e2daeac58befabb0b0886a89f4b6ee981b22b442d39f2f0c9ee7e20ec6be0cf15b457a899e0035f76bfe23424ad5d8c2d74826196d877a12cb1b663758e9f58897a92c999b40c080786cf318e8f35a8d3de61e1f1eb2997ec3f71dbc4e28937251ee9d21753416920a10c3cd62022f9b6278dfcc3f741389bee64cdb95c06b80459035a3d852b7d7aee0b672f7cada254600c9ef707c469ec3ec0ba07471173d684d21d1de260b600ec3df77a98348311aadc106b3ec831f768e6117668eb47613102ed9b5485c009c7129a596dba256fa357f152fa17b1832fe4c6909dc5cd54b20d805ba0787021fbbfbf7652cebf5194f0a3a7e35a02e2ed7e100641d1bd13f0c751b8c806f91abe441388306990d639de3fb0240cd7db3ee9e565bef449a2b99e780fc5106f47515dab26cc122c9d00e5e486120560f92bb4f7b505b18875d712dbae3d6932d91f81d3cb739afc7dbb72c0bbb4b3ae2ded5265455c1b912e914b083ffc687c9fe8483c33e8fc03ef995f094957f6b0dd25f2ae6fe1d893768e90583c6aa903160e37d40823313f647736398e177dfb496f2b77ca514e9b683e538e49961714541f34735b82f9951d4d8e2bc2eb9506fd4142d94ab545fb137f1fdd29569bcae4ccf9d9cf38996f4347f46ea3d3308d4ffb22b0543cc5814ed154ca804d000f5368e46d8111e410949048c5920c586fcf688eef6adddfe1413a2bdd76d590cf75b5c270dc2b61c0bcee10a0fbc444befa77c7933c9592084c32fb48e671fca1fd99467d84bdf90c97f75c7d43bd735cdd9e3fcecda518744d8131a5d32c96ca9c85059bbc426549f80395c603579d75ed801140a3a889a92a2c57cb8fa67fbea6a485f1b0a445ad4359e5784232ed325b0e09249824a801c83741f8f94cb77d70cf6a174bbd7e0607f8f02720b40bd5b4dc61bd52978bbab9f730dfed8a1f757208a0ba06f00a2279da204579733df353d5faf965d4ca2eb4072f957f1454b5b7f98e28f96dbefc12a17be3c47a8f37b9498ab325c5f09db846a221e3cf40ab7b5b62523cf1ef29f14b705bd244a6fc4e1422fba4a285ba9576bd66b802b2595bfd6ff9779f50f19c1d5a871c3f1788386bc738e9c762d301cfdbabf581944e760d1220f0f6bb01aba4245e430e338fd1d26fe71b4a7b5dcea577a82dbc2d95488d4da6218c547a193e24e9992d3f79b81a950bdd9e0f894acf655e9e0a40b83431a3a9710d495fe2f85c17ff8c8e4afd8099ebb0a4ede856e1c1e53d62923483a8b93ff0ba514502be2bc81b0eada0a925c71f2d0d45f3dd2ad49e6499e6e4e546a03d20ed93f9762cb7ec8491284d52d47de616129128b3b4e25041e1efcdeb9c022ee251e8a9b8131068fd75c531dbaaa7ee0ad1f1358ab309a84e6d7da535e12d92d667056514ee80203951ba9a1aa6c32ca38b8d475844d9b9e1e9690b0b72977e7eae47a308239270424d09bfaaaec6aabecd9a7470bbea73ddb7f9fc45323596717326a62af62e7f8f260ed449a8cd665dc677f9d3006ea49b430d86f8b64ff0f8ff5b0fe")
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180)=r1, 0x12) (async)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0xe, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r0, 0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)='+o\'\x00'}, 0x30)

[ 2605.271737][T25126] FAULT_INJECTION: forcing a failure.
[ 2605.271737][T25126] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2605.310896][T25126] CPU: 1 PID: 25126 Comm: syz-executor.5 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2605.320961][T25126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2605.330854][T25126] Call Trace:
[ 2605.333980][T25126]  <TASK>
[ 2605.336754][T25126]  dump_stack_lvl+0x151/0x1b7
[ 2605.341271][T25126]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2605.346740][T25126]  ? memset+0x35/0x40
[ 2605.350560][T25126]  dump_stack+0x15/0x17
[ 2605.354548][T25126]  should_fail+0x3c0/0x510
[ 2605.358801][T25126]  should_fail_usercopy+0x1a/0x20
[ 2605.363663][T25126]  _copy_to_user+0x20/0x90
[ 2605.367916][T25126]  simple_read_from_buffer+0xdd/0x160
[ 2605.373122][T25126]  proc_fail_nth_read+0x1af/0x220
[ 2605.377981][T25126]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 2605.383449][T25126]  ? security_file_permission+0x497/0x5f0
[ 2605.389004][T25126]  ? proc_fault_inject_write+0x3a0/0x3a0
[ 2605.394475][T25126]  vfs_read+0x299/0xd80
[ 2605.398467][T25126]  ? kernel_read+0x1f0/0x1f0
[ 2605.402894][T25126]  ? __kasan_check_write+0x14/0x20
[ 2605.407840][T25126]  ? mutex_lock+0xb7/0x1e0
[ 2605.412093][T25126]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2605.418514][T25126]  ? __fdget_pos+0x26d/0x310
[ 2605.422939][T25126]  ? ksys_read+0x77/0x2c0
[ 2605.427109][T25126]  ksys_read+0x198/0x2c0
[ 2605.431185][T25126]  ? __kasan_check_write+0x14/0x20
[ 2605.436133][T25126]  ? vfs_write+0x1160/0x1160
[ 2605.440562][T25126]  __x64_sys_read+0x7b/0x90
[ 2605.444898][T25126]  do_syscall_64+0x44/0xd0
[ 2605.449151][T25126]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2605.454878][T25126] RIP: 0033:0x7f6555808eec
[ 2605.459133][T25126] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2605.478575][T25126] RSP: 002b:00007f65545ca160 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2605.486818][T25126] RAX: ffffffffffffffda RBX: 00007f6555976f80 RCX: 00007f6555808eec
[ 2605.494628][T25126] RDX: 000000000000000f RSI: 00007f65545ca1e0 RDI: 0000000000000004
[ 2605.502441][T25126] RBP: 00007f65545ca1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2605.510254][T25126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2605.518065][T25126] R13: 00007ffc80f2881f R14: 00007f65545ca300 R15: 0000000000022000
[ 2605.525880][T25126]  </TASK>
10:52:47 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:52:47 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x142)
unlink(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='rxrpc_connect_call\x00'}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x142) (async)
unlink(&(0x7f00000001c0)='./file0\x00') (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x8) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='rxrpc_connect_call\x00'}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10) (async)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xa)
recvmsg(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/65, 0x41}, {&(0x7f00000001c0)=""/82, 0x52}, {&(0x7f0000000240)=""/137, 0x89}], 0x3, &(0x7f0000000340)=""/4096, 0x1000}, 0x2001) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000013c0)={&(0x7f0000001380)='./file0\x00', 0x0, 0x10}, 0x10)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file2\x00'}, 0x10)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xd)

10:52:47 executing program 4:
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0x150)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000040)='./file0\x00', r0}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:47 executing program 1:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
unlink(&(0x7f0000000100)='./file0\x00')
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000)={0x0, r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000080), 0x2, 0x0)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x10)

10:52:47 executing program 3:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:47 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12)
syz_clone(0x100, &(0x7f0000000240)="00b4669971be662e80f8a9760729a8fdbe6ad23d6adc9cd8c0c95bacd5f0166672969881320af2933ed409ba31bbf43f8403fe7b60cad4cc3f9edc4f1ef532bcc58f5219c7dd591a7397b1427be4dc53b3dde9215923b39e2419f6b6016e990506ccdef5a5a340104ac07351c221719c057a4350f5fd7e3b2a12bc45279044a08e51c5265c3f3d182a8b2f7f6e59dba09c10c55b1ad328975aff4bc9992467a65cd4a1d171501f09b79df051884d52f9fc014b4aa1db2b7cfbaed659c6e49760378fa7729e356d31bbfd40e10fd3ac8524bb560f9e74e9fed6d8e2c49b03ce03ce6e3f21331a864f5a5cd43ace7f7acc272063e0f84a668ddd8bc13999709b6c639edfd231c2b15a6591c4795f714cb725f15347db949cd674d3a1c6bac189b6bf1c6b2ad4a07dde8e3b6194adbff559b4160672a4909c6e07e5bf910b935ee1206908873196ab61df6b7b9455cbaaa44c00649a516a0fd05bafedf2c84451f90f5b9ee250012ec98338052eb74c96a5b77ab3be43894abe955d69ea763ecca008067cb80eda8b8906225e1157e15af9bed7e5c2e73e479c27df04f96d75686ad9151031b1548aabacb2c5909929777b1436618ae1836ccb0c1d6067c5b64d82565f21315b6d96acc10644ed8c12c6fd21e1efaa529c167adbe1f7da19f60ebe9a92563d641c488bc58fb9f42f5e13e2c541d4c7d42c695d1a91631d3d8b70ac43ce5db0976a51cf0410a04ee3c5352072b34d7dbd49e119b1311dad4e7f9498cf9028f8abed8ecafa3ff2630a9d7a1d191d901746e7ee62c17f13622d2ea7f7b7a25e1c2a9ef1882e74ed829a97a55d0a29411f7aaa563bb50894b12f9045ab59b39ad658b79990c80425f51c71421064e19908beecd9ef92dfe5db1fcdb2093c4ffce6c9351c89929e179ba66b7d51a30782dd83e3a6ca28e3717d068a9e208810f1ada04159ba34d92180de49c91c48c336695464f3afc4a369c7ff322f7d48f32c072d2194b68c7f6e2389375352fd99af162fdaa8c1be7e4b6b7ed1b2554fe7074be990b440050a616534f597aacf5fee70108cb3a28a10595319960470b667124618f43521fb0ae3ec6a8f846dad8e18ff8bc2e74d7dda6966327a266daf1925ebb32b7b9c17f2132c81fb04b85426a0c76d94eb64a3dc038d67d8a1488b583ec431cd3648be96b9e2e1a8fbcf171b825666902bce14efae86f2360409fceafc72e12b05bbcc7a82f3227c486b9cacfa756af58d0d6469cae0b6a528012ccf0b6da93bcb682bf474929a1426671f42c2a17765a4246e5230222e044d9dbaab8fb3742e448536a377c748b12eea21edaa4217b012b46a21cceac43042d877e6a5876b832e76e7cad1201395d8e6f7fbb16f9078e02913f569e46156d75c597a52bef1ba63aee41d8fa34dd9cb712c35a9ef89302cdc1f0904cedb9c5f71bfdf919fc59b37605550a1f37c901119a618f1f4ca84c0413e5b72a9a2b811dacccebf746c226ea853c1c8f679f978474f9fc47788c9a5567e0ecc2d238fb99f4baa6304e3b51fb1f45cd132ec7aba668a602013f09b2b50da22b4f66d51543e9e74cb1ac1b85f30deb43e914c285677bc4a67b9bcc245b6ede928d073b71417fcc5a4a663f8c0874d56cdd57e31c2411ebde75254979e8de73e56a1c0420bdd097d5eec3f68edd2985cd5cabad46257c7fccb095dca6afa8eca55a7578e5c889dbbc303f9b141dab89017e85b0741a7ba10ef63744473c156cda5f1edc69e1536f4e17ba5ad0173c82b910f4fdfa77b63db57d5a197848c92569a952eebfa54821de24a31e2eb60b5408ae217a5b8a734f649e504b84bfb04be17a126ac0d5a0cd3201f165e3b4cc0ac7ffce0f60a0e747be5ee4e15e42d269f2d47c82c4fc82e57eaae073d09aa61df740022bb3989ff391b74909758aac24eafeac9f0ea71cd9da7380726bc265bbd0e1e86f2be02cdb77357dca805dd0b481b700b72960691e1351ae5385f5ca90016aacc786f693d9c8d123a4f5d636450e435ad207a4e9a5d81181f8be05d23a021374abc1223f98cd4c57d6b3601c246e2c700bedd5f41c46eac356285377510be77239ff9f93498312ef987bfa5448371ce8e84086e77c57e989f3fac9eb5ca5f4005132dbe58f89559e049d16fc5f94ebf149d7d6227f28fcc04e61dbb2f091de2465dd61c412c5ffafa43975682812a4f135a7d2f8dd97eb469332f32c5d6de2b36fe930555be42b197f6884f422a91e052b7526488c639d6a8b2c4c94ab6427a21939d7bfdd84673df341929b465ae509d812df96990d9e010c7f8adfb63412c7adb09918abf9171bdc868fa82ce66b1d697cd8ad08d2ce07a4b51599fd33e946a84bae5a55559bee48a8fdd6b752d3a398617ba13a1a071c85a0052c03582d0af688604afba7072b44adcba80d7978e899ffbb097c4a6957edd9b15b600d72ef057369aa9a97e2b6f7a1973209de1312e38b7f6bfd93e9427b90f0cfc1258efff51c5272b5e18d3303ecc94dd0c6c208211f1373bb7e5d4c1ce1b6acc9ac3089376f4445ef2fced966ee0ab8584b17571a3e574d7053059ab3b1e4fe6996a8656540238407c3df2f9dcf485006bc7cbf1d513c9f93739e85e9969517ad33ae1bffa32b63fe09bdb6e2d3e561fe54b71661be71f99df227856ca95cf693e47c6f5552861f0b276de985bc3fc6c130567d888351664aadea8cff81528a701ca46a8e1a64105b67c7bf55f7977f8cc1b06c1b94ce83c8f0361fbed34f0bddf764ff6730f16f42f1631082004c2a06f1f4cc19ada54a156f37898707038778ff61d8147a1c8680b1c833e84baa65dd170e3a0865dc77bdfc46363cfd6c2733747ada99ea2f4934ceb79e4841c735ce14706107aa06084ac77375e109bf035fe43b7dc9434eac3107c623ff7d0ddb0ae62c4c771d53509cd9f31501ca555bc44fcd4156b9d190c093329e16ae162d35768f90a5ec279febe15dc32a67baa505fabcddf1f936bc28e90193130092f4ac9934e7e3c5c59a9ceaca0c18be86d5f3cc792ce3c38294cf9d91dbbed211751948d5b217385b63b6e66df11c88e88d24a3e3b666c8d8bd4a75c769f5848585338e11dfefb452f083f8c252dba28c32e3a463c995f3549c18303e2951416e9556b3013d0236d78a7ce0f26f901ce0026e29c9a28cb2c641433c8b040006bf206de40cdb54fd2725594ec96ce8fdd597a9c66da685b6c031cd49da8edf2ac4138a1728133c159b59633beb3d3e4d7dca9dfb2f76f977f4f1af51e2b813bca1bc8cd8dcd56d745ccaf6aa6fa40db0d86dd88dd521cfd0b7ede87f90fac698fc6f39d762b0dcc615cf34b9d5ae2f077de742b46684ad086edd81692451afe3a58b6bd7f2dded156cf22a86351e84d9ad5c90ed127c47281bb4ba5bb430ea2376ef211b13936b4b00f2e7d528459d93d07b1bb1ae3af23abc632786160bb064d8ef3991630117a3687c30d8fbb0f09a9c32b8d19a11730b18510a41afb526c1047a87aacad58817fce28e3fb5aad2ae480289d312569f9845e2b1daca882bcfd3a132b4a75225de1910ff3dc98a9562912f4d125e9af5c90d828d10fe1f64807d52695a22794b443a9932035989622e36921aff168f543d84ee4ac65c6d4d8a7784cc92c739249eb21a60d6db79cf27342abbfeb0f14f7a0add7ccede47efa816b574e6c7ed979c5875da2eb5cde832c03fe3b4b20c9afc1f4a9dec481dfff64d3bfbc3257e2ea300a9a4f4df155b6ef6f57fa745cc212bc1ae09f0aa349b82a4b832bd399989aa88a89ebd70b5fb4f7f3b2eee6c7a4d3cebd1962a633ef3a3c105e19b42442729da9844755930636b19eed9e66f64fa5e6f8165327c1eb1838f38cbfdb97de748a5a54bd44dc863bda7084700d7ae990aacbc80201b748ce423514b5f85299eeafc0cd91fdbe701044cf855267b0e1b0e9b5396c697bf0f1ae7c4ad6ef23e4f58c9817b5f63d9b1e0c35106dd23c86c9fe052c9703cbadad0c38d551c3c28b63bb801cf4d35ec8a2d8ce5ae964543fbeaeff556ebeaeb707e57a21ec8da05ee769f542c363bc735c54fc07bd29d4d9467de25cfb4bd84f8bc565a570bd7fe12265572867929866b7dc0eb372b3a1ee613a4a00b97acf2c20d2b83de4c7ca3308df6c84869a4a7e573e08d3607eef97a418861282fa8375ef7aeb912819f3930630c108b6bc89246718b13ca582fff5c86075c0178d6f92418f675b6dcc45c8a67508a179a50f0e86ed02015ee6a0095f2fd6001000527ebdaacc8136aa432e9aa0d8491b875a9186d5f4f12e99a87645b5e2382ef1b9c4be9f38699c82792a1738acc3c927798499b5da0a63770654967b9c3d32b049a9ac65b5afbc1a2bbe059827e928f1b0f6922d34d506772cbb0fc1e69ec99d551ac5ddecfaa45e86b2204fbef231066704e01ad94b46d53dfdeebf92c751a559047a317a92aae5bd881def10029294e1fb33f4e61496d8b3c2ba704a048d2e66700e2f29d7dfe545ead983e1586e7017c19f637d7728f3dcc2d4b6b738716a194500c296563fdf58695c2b7629fddfd906a2f27926dc49e3a355fad9a0cd389c88893ad86d6efc64ea25d3fac40d08e32681b0e662cfca8f5884c055a8ab1defc739d1712ed4f77f3ab1eab9c1d71b600776b15dbb67fd4e17fc57b93aef4f7694cd96340ea653db1a13ee3a298dc1f8f0755c8dd7d093d21e10104e00eb8a1391bd8d4199e6fb557bdef0cf5a810e3785831cea26bc3703bc68d16029eae03a7e39c742eace59101b6bcf8e789b870d665f95633e625540379bd6882a5cacf759b25d64b03a6ab9328987d747bd8f417710af41e764e76c8787221ca7055d418e076bca38d85863167e3a8d3fd8ecf60949dc89123b33250499d9d850161c271ea619846904c952c42bc9f87a9b2ddd759afdca538014b89fe63f877175d62f64cb0797e9e45b2a0609ad234032659f536597ee4a210feac62570d3b43fdc3404f839edcb2a9afe9737f044db43f69c460642a5d2adc48e235338fc3bbc5a914f82614286d55b915547be6070f77873ddad7ed3d990a549a47a88ae51b7fd53397fddb8fba4165b799319b1c8a6fb999a7fbf8e9f7f8605b5abb4f1df5ad48df52f509e20d000659d5c411b7bb04471c0542eb8718376cf55d04d08bd6a544ccc0697ff00c1db7f586f489a5152d531900f8c67c82741be4fae26c409f70738edddc55ffe0190a5721fae0b4599b654d3bc3b41d1b0041473d765d856dc2e06bce735d72e71c2e6455357cc09577e2108388065cb3e41c64083bd904a20f53258a7148f74393d9dd58ef742190556d16259b21c2ec1971ee47754b1b16e98d5ad828e6fcd3066fac44906c94124569ed36775b116bf065cd24dee29b6455c3c9c099c99e4b1052deb4ec962fa1a95613342fb881fcfb8fee64f205e2da99401fc1886ec41d5f58f6e77754dbc599a24d5ea664087c5336edf39e9c25de595c3d26bf1ed6397fec1b69f6475c8fbbbdb03a68d0b051d1e1762f5167c0acb27d93f56883c5ec45f90e3440a77967e6344c229936ecf9393fa9068bd4886dc6567ee1d50264dc37dbc9c407d8046182e8cbc0ac7eb1b35054c0d4480d7f525d3358d9bfe250f2ac11f7f4366de73deea9465514b733983b2f9811cdc8129b54ed8d4669d30a035f87450c85b054ed9626c4307e9fcf45ba5c524f7ab9e487747e5d8cd23eaf58725ad9c1f0493899d64a21f8a0ca1aa01556b939d2156df5e4c7544edecdfb6df11ca889b4669", 0x1000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000001240)="9ad3f019f86aa5142bd63bd7d04af92c3bdae46c7bfabe08937361909348e8679407d10d51c0bbb4df4b298c998d9e1c0fd8326a22c3cba6d07ec4055481dcc91410c39a28262114ef9c9f31238d0a5d65e813e161ae745e21558774833e0587be2a62cd040e030b6bf35b2e94d29cc49fe18f12e5ef0c8da91a85ef8175ffe7adacf0a5d4c8336750325ddb1aa623bc0ca8e8bc1b9ba3a84f5ffc873a979389bb546fa985fa17f0cd4c2348c82bb69bfd504b3414020a69c9b72ed3fee6dfe761cd6658e1f34822768d65fd5511504a0966e7fe8400")
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={0x1, &(0x7f0000000040)="074803bcf13176a73d4cb67106697732148ca92cc584054fae9dea181f6856cc8be9d420234c176b37a56312fa2d23ca1ec243e2b99362", &(0x7f0000000180)=""/178, 0x4}, 0x20)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async, rerun: 64)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
unlink(&(0x7f0000000100)='./file0\x00')
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000)={0x0, r0}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000080), 0x2, 0x0)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1c)

10:52:47 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x2, 0x335)

10:52:47 executing program 3:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 32)
unlink(&(0x7f0000000100)='./file0\x00') (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000)={0x0, r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000080), 0x2, 0x0)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2e)

10:52:47 executing program 1:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x89)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0xb8)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
unlink(&(0x7f0000000100)='./file1\x00')
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x4, 0x8001, 0x0, 0x800, r0, 0x7f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5, 0xa}, 0x48)

10:52:47 executing program 3:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:52:47 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0xfffffffffffffffd)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r1}, 0x10)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f00000000c0), 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x106)

10:52:47 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x91)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0xb8) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
unlink(&(0x7f0000000100)='./file1\x00') (async)
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x4, 0x8001, 0x0, 0x800, r0, 0x7f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5, 0xa}, 0x48)

10:52:47 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x4b47, 0x335)

10:52:47 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0xfffffffffffffffd) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r1}, 0x10) (async)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f00000000c0), 0x2, 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x106)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xa1)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc0)

10:52:47 executing program 1:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0xb8) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
unlink(&(0x7f0000000100)='./file1\x00')
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x4, 0x8001, 0x0, 0x800, r0, 0x7f, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x5, 0xa}, 0x48)

10:52:47 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0xfffffffffffffffd)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r1}, 0x10)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f00000000c0), 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x106)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(0xfffffffffffffffd) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.dequeue\x00', 0x0, 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r1}, 0x10) (async)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f00000000c0), 0x2, 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x106) (async)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xec)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)=@rc, 0x80, &(0x7f0000000440)=[{&(0x7f0000000200)=""/249, 0xf9}, {&(0x7f0000000300)=""/8, 0x8}, {&(0x7f0000000340)=""/205, 0xcd}], 0x3, &(0x7f0000000480)=""/81, 0x51}, 0x12001)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/250, 0xfa}, {&(0x7f0000001740)=""/39, 0x27}], 0x3, &(0x7f00000017c0)=""/15, 0xf}, 0x40010042)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x7f, 0x9, 0x8b9, 0x1, 0x1, 0x3e000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4, 0x7}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000600)={&(0x7f00000005c0)='./file0\x00', 0x0, 0x4}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file2\x00', 0x0, 0x18}, 0x10)

10:52:47 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)={&(0x7f0000000300)='./file0\x00', 0x0, 0x10}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
mkdir(&(0x7f0000000380)='./file0\x00', 0x32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xf, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000440)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000480)={&(0x7f0000000400)='./file0\x00', r1}, 0x10)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
close(r2)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000180)=""/127, 0x7f}, {&(0x7f0000000200)=""/188, 0xbc}], 0x2, &(0x7f0000000080)=[@cred={{0x1c}}], 0x20}, 0x10020)

10:52:47 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:47 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x4b49, 0x335)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)=@rc, 0x80, &(0x7f0000000440)=[{&(0x7f0000000200)=""/249, 0xf9}, {&(0x7f0000000300)=""/8, 0x8}, {&(0x7f0000000340)=""/205, 0xcd}], 0x3, &(0x7f0000000480)=""/81, 0x51}, 0x12001) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/250, 0xfa}, {&(0x7f0000001740)=""/39, 0x27}], 0x3, &(0x7f00000017c0)=""/15, 0xf}, 0x40010042) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x7f, 0x9, 0x8b9, 0x1, 0x1, 0x3e000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4, 0x7}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000600)={&(0x7f00000005c0)='./file0\x00', 0x0, 0x4}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file2\x00', 0x0, 0x18}, 0x10)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x281)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000180)=@rc, 0x80, &(0x7f0000000440)=[{&(0x7f0000000200)=""/249, 0xf9}, {&(0x7f0000000300)=""/8, 0x8}, {&(0x7f0000000340)=""/205, 0xcd}], 0x3, &(0x7f0000000480)=""/81, 0x51}, 0x12001) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001800)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/250, 0xfa}, {&(0x7f0000001740)=""/39, 0x27}], 0x3, &(0x7f00000017c0)=""/15, 0xf}, 0x40010042) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x7f, 0x9, 0x8b9, 0x1, 0x1, 0x3e000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x4, 0x7}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000600)={&(0x7f00000005c0)='./file0\x00', 0x0, 0x4}, 0x10) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file2\x00', 0x0, 0x18}, 0x10)

10:52:47 executing program 1:
syz_clone(0x2d033080, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:47 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000100)=@xdp, 0x80, &(0x7f0000000080)=[{&(0x7f0000000000)=""/20, 0x14}, {&(0x7f0000000180)=""/224, 0xe0}, {&(0x7f0000000280)=""/104, 0x68}, {&(0x7f0000000300)=""/155, 0x9b}], 0x4, &(0x7f00000003c0)=""/140, 0x8c}, 0x100)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000540)=""/239, 0xef}, {&(0x7f0000000640)=""/118, 0x76}, {&(0x7f00000006c0)=""/152, 0x98}], 0x3, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x1)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x500)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x600)

10:52:47 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x700)

10:52:47 executing program 1:
syz_clone(0x2d033080, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc00)

10:52:48 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x541b, 0x335)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
unlink(&(0x7f00000000c0)='./file0\x00') (async, rerun: 32)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)={&(0x7f0000000300)='./file0\x00', 0x0, 0x10}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x1ff) (async, rerun: 32)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff}) (async, rerun: 32)
mkdir(&(0x7f0000000380)='./file0\x00', 0x32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xf, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000440)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000480)={&(0x7f0000000400)='./file0\x00', r1}, 0x10) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
close(r2) (async)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000180)=""/127, 0x7f}, {&(0x7f0000000200)=""/188, 0xbc}], 0x2, &(0x7f0000000080)=[@cred={{0x1c}}], 0x20}, 0x10020)

10:52:48 executing program 1:
syz_clone(0x2d033080, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00')
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r2, r1, 0x1a}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xd00)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)={&(0x7f0000000300)='./file0\x00', 0x0, 0x10}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
mkdir(&(0x7f0000000380)='./file0\x00', 0x32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xf, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000440)={0xffffffffffffffff, 0x4, 0x10}, 0xc)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000480)={&(0x7f0000000400)='./file0\x00', r1}, 0x10)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
close(r2)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000180)=""/127, 0x7f}, {&(0x7f0000000200)=""/188, 0xbc}], 0x2, &(0x7f0000000080)=[@cred={{0x1c}}], 0x20}, 0x10020)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)={&(0x7f0000000300)='./file0\x00', 0x0, 0x10}, 0x10) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup/syz0\x00', 0x1ff) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)) (async)
mkdir(&(0x7f0000000380)='./file0\x00', 0x32) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0xf, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000440)={0xffffffffffffffff, 0x4, 0x10}, 0xc) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000480)={&(0x7f0000000400)='./file0\x00', r1}, 0x10) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
close(r2) (async)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000180)=""/127, 0x7f}, {&(0x7f0000000200)=""/188, 0xbc}], 0x2, &(0x7f0000000080)=[@cred={{0x1c}}], 0x20}, 0x10020) (async)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000100)=@xdp, 0x80, &(0x7f0000000080)=[{&(0x7f0000000000)=""/20, 0x14}, {&(0x7f0000000180)=""/224, 0xe0}, {&(0x7f0000000280)=""/104, 0x68}, {&(0x7f0000000300)=""/155, 0x9b}], 0x4, &(0x7f00000003c0)=""/140, 0x8c}, 0x100)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000540)=""/239, 0xef}, {&(0x7f0000000640)=""/118, 0x76}, {&(0x7f00000006c0)=""/152, 0x98}], 0x3, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000100)=@xdp, 0x80, &(0x7f0000000080)=[{&(0x7f0000000000)=""/20, 0x14}, {&(0x7f0000000180)=""/224, 0xe0}, {&(0x7f0000000280)=""/104, 0x68}, {&(0x7f0000000300)=""/155, 0x9b}], 0x4, &(0x7f00000003c0)=""/140, 0x8c}, 0x100) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000540)=""/239, 0xef}, {&(0x7f0000000640)=""/118, 0x76}, {&(0x7f00000006c0)=""/152, 0x98}], 0x3, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x1) (async)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1795)

10:52:48 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00')
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r2, r1, 0x1a}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00') (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
openat$cgroup(r1, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r2, r1, 0x1a}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10) (async)

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x5421, 0x335)

10:52:48 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1796)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1c00)

10:52:48 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00')
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r2, r1, 0x1a}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00') (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
openat$cgroup(r1, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r2, r1, 0x1a}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10) (async)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2000)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000100)=@xdp, 0x80, &(0x7f0000000080)=[{&(0x7f0000000000)=""/20, 0x14}, {&(0x7f0000000180)=""/224, 0xe0}, {&(0x7f0000000280)=""/104, 0x68}, {&(0x7f0000000300)=""/155, 0x9b}], 0x4, &(0x7f00000003c0)=""/140, 0x8c}, 0x100)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000540)=""/239, 0xef}, {&(0x7f0000000640)=""/118, 0x76}, {&(0x7f00000006c0)=""/152, 0x98}], 0x3, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000100)=@xdp, 0x80, &(0x7f0000000080)=[{&(0x7f0000000000)=""/20, 0x14}, {&(0x7f0000000180)=""/224, 0xe0}, {&(0x7f0000000280)=""/104, 0x68}, {&(0x7f0000000300)=""/155, 0x9b}], 0x4, &(0x7f00000003c0)=""/140, 0x8c}, 0x100) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000004c0)=@abs, 0x6e, &(0x7f0000000780)=[{&(0x7f0000000540)=""/239, 0xef}, {&(0x7f0000000640)=""/118, 0x76}, {&(0x7f00000006c0)=""/152, 0x98}], 0x3, &(0x7f00000007c0)=[@cred={{0x1c}}], 0x20}, 0x1) (async)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x5450, 0x335)

10:52:48 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2e00)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x3f00)

10:52:48 executing program 1:
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0xfe, 0x3, 0x7f, 0x3, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x821, 0xfff, 0x6000000, 0x2, 0xfff, 0xffff, 0x8, 0x0, 0xfffffff9, 0x0, 0x5}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x4)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 4:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/mnt\x00')
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000140)={@cgroup=r2, r1, 0x1a}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r1}, 0x10)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x4000)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)={&(0x7f0000000180)='./file1\x00', 0x0, 0x18}, 0x10)
mkdir(0xfffffffffffffffc, 0x1e2)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100), 0x6e, &(0x7f0000000180)}, 0x40000003)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8100)

10:52:48 executing program 1:
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0xfe, 0x3, 0x7f, 0x3, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x821, 0xfff, 0x6000000, 0x2, 0xfff, 0xffff, 0x8, 0x0, 0xfffffff9, 0x0, 0x5}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x4)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0xfe, 0x3, 0x7f, 0x3, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x821, 0xfff, 0x6000000, 0x2, 0xfff, 0xffff, 0x8, 0x0, 0xfffffff9, 0x0, 0x5}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x4) (async)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x5451, 0x335)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)={&(0x7f0000000180)='./file1\x00', 0x0, 0x18}, 0x10) (async, rerun: 32)
mkdir(0xfffffffffffffffc, 0x1e2) (async, rerun: 32)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async, rerun: 32)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100), 0x6e, &(0x7f0000000180)}, 0x40000003) (rerun: 32)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x6)
unlink(&(0x7f0000000000)='./file0\x00')

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8102)

10:52:48 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc00)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)={&(0x7f0000000180)='./file1\x00', 0x0, 0x18}, 0x10) (async)
mkdir(0xfffffffffffffffc, 0x1e2) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100), 0x6e, &(0x7f0000000180)}, 0x40000003)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x6)
unlink(&(0x7f0000000000)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000080)='./file0\x00', 0x6) (async)
unlink(&(0x7f0000000000)='./file0\x00') (async)

10:52:48 executing program 1:
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0xfe, 0x3, 0x7f, 0x3, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x821, 0xfff, 0x6000000, 0x2, 0xfff, 0xffff, 0x8, 0x0, 0xfffffff9, 0x0, 0x5}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x4)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0xfe, 0x3, 0x7f, 0x3, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x821, 0xfff, 0x6000000, 0x2, 0xfff, 0xffff, 0x8, 0x0, 0xfffffff9, 0x0, 0x5}, 0xffffffffffffffff, 0x7, 0xffffffffffffffff, 0x4) (async)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8900)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000080)='./file0\x00', 0x6) (async)
unlink(&(0x7f0000000000)='./file0\x00')

10:52:48 executing program 0:
mkdir(&(0x7f0000000080)='./file0\x00', 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:48 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
socketpair(0x1a, 0x3, 0x101, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000280)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/114, 0x72}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0x30100)
unlink(&(0x7f00000002c0)='./file0\x00')

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x5452, 0x335)

10:52:48 executing program 4:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000080), 0x12)
syz_clone(0x100, &(0x7f0000000240)="00b4669971be662e80f8a9760729a8fdbe6ad23d6adc9cd8c0c95bacd5f0166672969881320af2933ed409ba31bbf43f8403fe7b60cad4cc3f9edc4f1ef532bcc58f5219c7dd591a7397b1427be4dc53b3dde9215923b39e2419f6b6016e990506ccdef5a5a340104ac07351c221719c057a4350f5fd7e3b2a12bc45279044a08e51c5265c3f3d182a8b2f7f6e59dba09c10c55b1ad328975aff4bc9992467a65cd4a1d171501f09b79df051884d52f9fc014b4aa1db2b7cfbaed659c6e49760378fa7729e356d31bbfd40e10fd3ac8524bb560f9e74e9fed6d8e2c49b03ce03ce6e3f21331a864f5a5cd43ace7f7acc272063e0f84a668ddd8bc13999709b6c639edfd231c2b15a6591c4795f714cb725f15347db949cd674d3a1c6bac189b6bf1c6b2ad4a07dde8e3b6194adbff559b4160672a4909c6e07e5bf910b935ee1206908873196ab61df6b7b9455cbaaa44c00649a516a0fd05bafedf2c84451f90f5b9ee250012ec98338052eb74c96a5b77ab3be43894abe955d69ea763ecca008067cb80eda8b8906225e1157e15af9bed7e5c2e73e479c27df04f96d75686ad9151031b1548aabacb2c5909929777b1436618ae1836ccb0c1d6067c5b64d82565f21315b6d96acc10644ed8c12c6fd21e1efaa529c167adbe1f7da19f60ebe9a92563d641c488bc58fb9f42f5e13e2c541d4c7d42c695d1a91631d3d8b70ac43ce5db0976a51cf0410a04ee3c5352072b34d7dbd49e119b1311dad4e7f9498cf9028f8abed8ecafa3ff2630a9d7a1d191d901746e7ee62c17f13622d2ea7f7b7a25e1c2a9ef1882e74ed829a97a55d0a29411f7aaa563bb50894b12f9045ab59b39ad658b79990c80425f51c71421064e19908beecd9ef92dfe5db1fcdb2093c4ffce6c9351c89929e179ba66b7d51a30782dd83e3a6ca28e3717d068a9e208810f1ada04159ba34d92180de49c91c48c336695464f3afc4a369c7ff322f7d48f32c072d2194b68c7f6e2389375352fd99af162fdaa8c1be7e4b6b7ed1b2554fe7074be990b440050a616534f597aacf5fee70108cb3a28a10595319960470b667124618f43521fb0ae3ec6a8f846dad8e18ff8bc2e74d7dda6966327a266daf1925ebb32b7b9c17f2132c81fb04b85426a0c76d94eb64a3dc038d67d8a1488b583ec431cd3648be96b9e2e1a8fbcf171b825666902bce14efae86f2360409fceafc72e12b05bbcc7a82f3227c486b9cacfa756af58d0d6469cae0b6a528012ccf0b6da93bcb682bf474929a1426671f42c2a17765a4246e5230222e044d9dbaab8fb3742e448536a377c748b12eea21edaa4217b012b46a21cceac43042d877e6a5876b832e76e7cad1201395d8e6f7fbb16f9078e02913f569e46156d75c597a52bef1ba63aee41d8fa34dd9cb712c35a9ef89302cdc1f0904cedb9c5f71bfdf919fc59b37605550a1f37c901119a618f1f4ca84c0413e5b72a9a2b811dacccebf746c226ea853c1c8f679f978474f9fc47788c9a5567e0ecc2d238fb99f4baa6304e3b51fb1f45cd132ec7aba668a602013f09b2b50da22b4f66d51543e9e74cb1ac1b85f30deb43e914c285677bc4a67b9bcc245b6ede928d073b71417fcc5a4a663f8c0874d56cdd57e31c2411ebde75254979e8de73e56a1c0420bdd097d5eec3f68edd2985cd5cabad46257c7fccb095dca6afa8eca55a7578e5c889dbbc303f9b141dab89017e85b0741a7ba10ef63744473c156cda5f1edc69e1536f4e17ba5ad0173c82b910f4fdfa77b63db57d5a197848c92569a952eebfa54821de24a31e2eb60b5408ae217a5b8a734f649e504b84bfb04be17a126ac0d5a0cd3201f165e3b4cc0ac7ffce0f60a0e747be5ee4e15e42d269f2d47c82c4fc82e57eaae073d09aa61df740022bb3989ff391b74909758aac24eafeac9f0ea71cd9da7380726bc265bbd0e1e86f2be02cdb77357dca805dd0b481b700b72960691e1351ae5385f5ca90016aacc786f693d9c8d123a4f5d636450e435ad207a4e9a5d81181f8be05d23a021374abc1223f98cd4c57d6b3601c246e2c700bedd5f41c46eac356285377510be77239ff9f93498312ef987bfa5448371ce8e84086e77c57e989f3fac9eb5ca5f4005132dbe58f89559e049d16fc5f94ebf149d7d6227f28fcc04e61dbb2f091de2465dd61c412c5ffafa43975682812a4f135a7d2f8dd97eb469332f32c5d6de2b36fe930555be42b197f6884f422a91e052b7526488c639d6a8b2c4c94ab6427a21939d7bfdd84673df341929b465ae509d812df96990d9e010c7f8adfb63412c7adb09918abf9171bdc868fa82ce66b1d697cd8ad08d2ce07a4b51599fd33e946a84bae5a55559bee48a8fdd6b752d3a398617ba13a1a071c85a0052c03582d0af688604afba7072b44adcba80d7978e899ffbb097c4a6957edd9b15b600d72ef057369aa9a97e2b6f7a1973209de1312e38b7f6bfd93e9427b90f0cfc1258efff51c5272b5e18d3303ecc94dd0c6c208211f1373bb7e5d4c1ce1b6acc9ac3089376f4445ef2fced966ee0ab8584b17571a3e574d7053059ab3b1e4fe6996a8656540238407c3df2f9dcf485006bc7cbf1d513c9f93739e85e9969517ad33ae1bffa32b63fe09bdb6e2d3e561fe54b71661be71f99df227856ca95cf693e47c6f5552861f0b276de985bc3fc6c130567d888351664aadea8cff81528a701ca46a8e1a64105b67c7bf55f7977f8cc1b06c1b94ce83c8f0361fbed34f0bddf764ff6730f16f42f1631082004c2a06f1f4cc19ada54a156f37898707038778ff61d8147a1c8680b1c833e84baa65dd170e3a0865dc77bdfc46363cfd6c2733747ada99ea2f4934ceb79e4841c735ce14706107aa06084ac77375e109bf035fe43b7dc9434eac3107c623ff7d0ddb0ae62c4c771d53509cd9f31501ca555bc44fcd4156b9d190c093329e16ae162d35768f90a5ec279febe15dc32a67baa505fabcddf1f936bc28e90193130092f4ac9934e7e3c5c59a9ceaca0c18be86d5f3cc792ce3c38294cf9d91dbbed211751948d5b217385b63b6e66df11c88e88d24a3e3b666c8d8bd4a75c769f5848585338e11dfefb452f083f8c252dba28c32e3a463c995f3549c18303e2951416e9556b3013d0236d78a7ce0f26f901ce0026e29c9a28cb2c641433c8b040006bf206de40cdb54fd2725594ec96ce8fdd597a9c66da685b6c031cd49da8edf2ac4138a1728133c159b59633beb3d3e4d7dca9dfb2f76f977f4f1af51e2b813bca1bc8cd8dcd56d745ccaf6aa6fa40db0d86dd88dd521cfd0b7ede87f90fac698fc6f39d762b0dcc615cf34b9d5ae2f077de742b46684ad086edd81692451afe3a58b6bd7f2dded156cf22a86351e84d9ad5c90ed127c47281bb4ba5bb430ea2376ef211b13936b4b00f2e7d528459d93d07b1bb1ae3af23abc632786160bb064d8ef3991630117a3687c30d8fbb0f09a9c32b8d19a11730b18510a41afb526c1047a87aacad58817fce28e3fb5aad2ae480289d312569f9845e2b1daca882bcfd3a132b4a75225de1910ff3dc98a9562912f4d125e9af5c90d828d10fe1f64807d52695a22794b443a9932035989622e36921aff168f543d84ee4ac65c6d4d8a7784cc92c739249eb21a60d6db79cf27342abbfeb0f14f7a0add7ccede47efa816b574e6c7ed979c5875da2eb5cde832c03fe3b4b20c9afc1f4a9dec481dfff64d3bfbc3257e2ea300a9a4f4df155b6ef6f57fa745cc212bc1ae09f0aa349b82a4b832bd399989aa88a89ebd70b5fb4f7f3b2eee6c7a4d3cebd1962a633ef3a3c105e19b42442729da9844755930636b19eed9e66f64fa5e6f8165327c1eb1838f38cbfdb97de748a5a54bd44dc863bda7084700d7ae990aacbc80201b748ce423514b5f85299eeafc0cd91fdbe701044cf855267b0e1b0e9b5396c697bf0f1ae7c4ad6ef23e4f58c9817b5f63d9b1e0c35106dd23c86c9fe052c9703cbadad0c38d551c3c28b63bb801cf4d35ec8a2d8ce5ae964543fbeaeff556ebeaeb707e57a21ec8da05ee769f542c363bc735c54fc07bd29d4d9467de25cfb4bd84f8bc565a570bd7fe12265572867929866b7dc0eb372b3a1ee613a4a00b97acf2c20d2b83de4c7ca3308df6c84869a4a7e573e08d3607eef97a418861282fa8375ef7aeb912819f3930630c108b6bc89246718b13ca582fff5c86075c0178d6f92418f675b6dcc45c8a67508a179a50f0e86ed02015ee6a0095f2fd6001000527ebdaacc8136aa432e9aa0d8491b875a9186d5f4f12e99a87645b5e2382ef1b9c4be9f38699c82792a1738acc3c927798499b5da0a63770654967b9c3d32b049a9ac65b5afbc1a2bbe059827e928f1b0f6922d34d506772cbb0fc1e69ec99d551ac5ddecfaa45e86b2204fbef231066704e01ad94b46d53dfdeebf92c751a559047a317a92aae5bd881def10029294e1fb33f4e61496d8b3c2ba704a048d2e66700e2f29d7dfe545ead983e1586e7017c19f637d7728f3dcc2d4b6b738716a194500c296563fdf58695c2b7629fddfd906a2f27926dc49e3a355fad9a0cd389c88893ad86d6efc64ea25d3fac40d08e32681b0e662cfca8f5884c055a8ab1defc739d1712ed4f77f3ab1eab9c1d71b600776b15dbb67fd4e17fc57b93aef4f7694cd96340ea653db1a13ee3a298dc1f8f0755c8dd7d093d21e10104e00eb8a1391bd8d4199e6fb557bdef0cf5a810e3785831cea26bc3703bc68d16029eae03a7e39c742eace59101b6bcf8e789b870d665f95633e625540379bd6882a5cacf759b25d64b03a6ab9328987d747bd8f417710af41e764e76c8787221ca7055d418e076bca38d85863167e3a8d3fd8ecf60949dc89123b33250499d9d850161c271ea619846904c952c42bc9f87a9b2ddd759afdca538014b89fe63f877175d62f64cb0797e9e45b2a0609ad234032659f536597ee4a210feac62570d3b43fdc3404f839edcb2a9afe9737f044db43f69c460642a5d2adc48e235338fc3bbc5a914f82614286d55b915547be6070f77873ddad7ed3d990a549a47a88ae51b7fd53397fddb8fba4165b799319b1c8a6fb999a7fbf8e9f7f8605b5abb4f1df5ad48df52f509e20d000659d5c411b7bb04471c0542eb8718376cf55d04d08bd6a544ccc0697ff00c1db7f586f489a5152d531900f8c67c82741be4fae26c409f70738edddc55ffe0190a5721fae0b4599b654d3bc3b41d1b0041473d765d856dc2e06bce735d72e71c2e6455357cc09577e2108388065cb3e41c64083bd904a20f53258a7148f74393d9dd58ef742190556d16259b21c2ec1971ee47754b1b16e98d5ad828e6fcd3066fac44906c94124569ed36775b116bf065cd24dee29b6455c3c9c099c99e4b1052deb4ec962fa1a95613342fb881fcfb8fee64f205e2da99401fc1886ec41d5f58f6e77754dbc599a24d5ea664087c5336edf39e9c25de595c3d26bf1ed6397fec1b69f6475c8fbbbdb03a68d0b051d1e1762f5167c0acb27d93f56883c5ec45f90e3440a77967e6344c229936ecf9393fa9068bd4886dc6567ee1d50264dc37dbc9c407d8046182e8cbc0ac7eb1b35054c0d4480d7f525d3358d9bfe250f2ac11f7f4366de73deea9465514b733983b2f9811cdc8129b54ed8d4669d30a035f87450c85b054ed9626c4307e9fcf45ba5c524f7ab9e487747e5d8cd23eaf58725ad9c1f0493899d64a21f8a0ca1aa01556b939d2156df5e4c7544edecdfb6df11ca889b4669", 0x1000, &(0x7f0000000000), &(0x7f00000000c0), &(0x7f0000001240)="9ad3f019f86aa5142bd63bd7d04af92c3bdae46c7bfabe08937361909348e8679407d10d51c0bbb4df4b298c998d9e1c0fd8326a22c3cba6d07ec4055481dcc91410c39a28262114ef9c9f31238d0a5d65e813e161ae745e21558774833e0587be2a62cd040e030b6bf35b2e94d29cc49fe18f12e5ef0c8da91a85ef8175ffe7adacf0a5d4c8336750325ddb1aa623bc0ca8e8bc1b9ba3a84f5ffc873a979389bb546fa985fa17f0cd4c2348c82bb69bfd504b3414020a69c9b72ed3fee6dfe761cd6658e1f34822768d65fd5511504a0966e7fe8400")
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000140)={0x1, &(0x7f0000000040)="074803bcf13176a73d4cb67106697732148ca92cc584054fae9dea181f6856cc8be9d420234c176b37a56312fa2d23ca1ec243e2b99362", &(0x7f0000000180)=""/178, 0x4}, 0x20)

10:52:48 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cgroup.controllers\x00', 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f0000000280)="7b3174b03005332242191628fc4d9f958b66e49ba7167da5a0734c8108f8bab20f381ea25da3e77394ae1317eaa7016796951579dcdaf9e192bdd75ee1b421aa6d8a4c6c2a4dacbe1fa37a439667d9370461294a2469a902477b5abda6f4d3edb0363ccbdfb25b39feb5249477744b85b98b2d"}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000000)=""/197, 0xc5, 0x0, &(0x7f0000000100)=""/149, 0x95}}, 0x10)
syz_clone(0x6c420000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x9100)

10:52:48 executing program 0:
mkdir(&(0x7f0000000080)='./file0\x00', 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x2) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x9517)

10:52:48 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
socketpair(0x1a, 0x3, 0x101, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000280)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/114, 0x72}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0x30100)
unlink(&(0x7f00000002c0)='./file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
unlink(&(0x7f0000000000)='./file0\x00') (async)
socketpair(0x1a, 0x3, 0x101, &(0x7f0000000040)) (async)
recvmsg$unix(r0, &(0x7f0000000280)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/114, 0x72}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0x30100) (async)
unlink(&(0x7f00000002c0)='./file0\x00') (async)

10:52:48 executing program 0:
mkdir(&(0x7f0000000080)='./file0\x00', 0x2) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x9617)

10:52:48 executing program 4:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
socketpair(0x1a, 0x3, 0x101, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000000280)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/114, 0x72}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0x30100)
unlink(&(0x7f00000002c0)='./file0\x00')

10:52:48 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
unlink(&(0x7f0000000000)='./file0\x00') (async, rerun: 64)
socketpair(0x1a, 0x3, 0x101, &(0x7f0000000040)={<r0=>0xffffffffffffffff}) (rerun: 64)
recvmsg$unix(r0, &(0x7f0000000280)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000180)=""/114, 0x72}, {&(0x7f0000000200)=""/11, 0xb}], 0x2}, 0x30100)
unlink(&(0x7f00000002c0)='./file0\x00')

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0xc0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x80)

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x5460, 0x335)

10:52:48 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cgroup.controllers\x00', 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f0000000280)="7b3174b03005332242191628fc4d9f958b66e49ba7167da5a0734c8108f8bab20f381ea25da3e77394ae1317eaa7016796951579dcdaf9e192bdd75ee1b421aa6d8a4c6c2a4dacbe1fa37a439667d9370461294a2469a902477b5abda6f4d3edb0363ccbdfb25b39feb5249477744b85b98b2d"}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000000)=""/197, 0xc5, 0x0, &(0x7f0000000100)=""/149, 0x95}}, 0x10)
syz_clone(0x6c420000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cgroup.controllers\x00', 0x0, 0x0) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f0000000280)="7b3174b03005332242191628fc4d9f958b66e49ba7167da5a0734c8108f8bab20f381ea25da3e77394ae1317eaa7016796951579dcdaf9e192bdd75ee1b421aa6d8a4c6c2a4dacbe1fa37a439667d9370461294a2469a902477b5abda6f4d3edb0363ccbdfb25b39feb5249477744b85b98b2d"}, 0x20) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000000)=""/197, 0xc5, 0x0, &(0x7f0000000100)=""/149, 0x95}}, 0x10) (async)
syz_clone(0x6c420000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xa1ff)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
unlink(&(0x7f0000000000)='./file0\x00')

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0xc0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0xc0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x80) (async)

10:52:48 executing program 4:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8900)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) (async)
unlink(&(0x7f0000000000)='./file0\x00')

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc000)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file1\x00', 0xc0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0xc0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x80) (async)

10:52:48 executing program 4:
syz_clone(0x4c020000, 0x0, 0xfffffffffffffe7a, 0x0, 0x0, 0x0)
syz_clone(0xfc06a67057d6981b, &(0x7f0000000000)="377a7dc1faeebb5366f91fe408ae35303ea570ceda85fe200814cbfbd0e1f775779b4ea907c3c00a9042c4c1cd1936d87cfeb730d9ec4a1921f883d0263b698ac9181aa0f5be4e080e", 0x49, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)="0fbbc5e86cadc30085103557c330ee81b5ea1141c5efea6e89e4ade2a87ce0baf925b79927cd878ee965739c5af69bda4a10475550f05ad3ea2e7ab5c77d1fcfe27a657dd0b20d42a272e162ec558b17b1d049317dfda417d05db8a9a6704f94e51c928f1d7980d10e7b68ccc2085b9e47a2f70270886270f938ec807bb20b5f4a0fbb456ab6844136624ccc2359e5eb")

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xec00)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140)='THAWED\x00', 0x7)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r1, 0x58, &(0x7f0000000200)}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)

10:52:48 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x54e3, 0x335)

10:52:48 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cgroup.controllers\x00', 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000300)={r0, &(0x7f0000000280)="7b3174b03005332242191628fc4d9f958b66e49ba7167da5a0734c8108f8bab20f381ea25da3e77394ae1317eaa7016796951579dcdaf9e192bdd75ee1b421aa6d8a4c6c2a4dacbe1fa37a439667d9370461294a2469a902477b5abda6f4d3edb0363ccbdfb25b39feb5249477744b85b98b2d"}, 0x20) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000000)=""/197, 0xc5, 0x0, &(0x7f0000000100)=""/149, 0x95}}, 0x10) (async)
syz_clone(0x6c420000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
unlink(&(0x7f0000000000)='./file0\x00')

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xff01)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140)='THAWED\x00', 0x7)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r1, 0x58, &(0x7f0000000200)}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140)='THAWED\x00', 0x7) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r1, 0x58, &(0x7f0000000200)}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) (async)

10:52:48 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffa1)

10:52:48 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async, rerun: 32)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140)='THAWED\x00', 0x7) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) (async)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f00000002c0)='./file1\x00', 0x0, 0x18}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={r1, 0x58, &(0x7f0000000200)}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)

10:52:48 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)

10:52:48 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x80, 0x0, 0x6, 0xc6, 0x0, 0x7, 0x2c004, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x2000000000000000, 0x6}, 0x8, 0x8, 0x6, 0x6, 0x400, 0x2, 0x7, 0x0, 0x6, 0x0, 0x5}, r0, 0x9, 0xffffffffffffffff, 0xa)

[ 2607.189994][T25509] FAULT_INJECTION: forcing a failure.
[ 2607.189994][T25509] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.214949][T25509] CPU: 0 PID: 25509 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2607.225009][T25509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2607.234904][T25509] Call Trace:
[ 2607.238027][T25509]  <TASK>
[ 2607.240805][T25509]  dump_stack_lvl+0x151/0x1b7
[ 2607.245317][T25509]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2607.250786][T25509]  dump_stack+0x15/0x17
[ 2607.254775][T25509]  should_fail+0x3c0/0x510
[ 2607.259030][T25509]  __should_failslab+0x9f/0xe0
[ 2607.263625][T25509]  should_failslab+0x9/0x20
[ 2607.267967][T25509]  kmem_cache_alloc+0x4f/0x2f0
[ 2607.272565][T25509]  ? dup_task_struct+0x53/0xa60
[ 2607.277254][T25509]  ? __kasan_check_write+0x14/0x20
[ 2607.282205][T25509]  dup_task_struct+0x53/0xa60
[ 2607.286714][T25509]  ? __kasan_check_write+0x14/0x20
[ 2607.291660][T25509]  copy_process+0x579/0x3250
[ 2607.296090][T25509]  ? __kasan_check_write+0x14/0x20
[ 2607.301034][T25509]  ? proc_fail_nth_write+0x213/0x290
[ 2607.306155][T25509]  ? proc_fail_nth_read+0x220/0x220
[ 2607.311188][T25509]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2607.316138][T25509]  ? vfs_write+0xa37/0x1160
[ 2607.320477][T25509]  ? numa_migrate_prep+0xe0/0xe0
[ 2607.325251][T25509]  kernel_clone+0x21d/0x9c0
[ 2607.329589][T25509]  ? file_end_write+0x1b0/0x1b0
[ 2607.334275][T25509]  ? __kasan_check_write+0x14/0x20
[ 2607.339223][T25509]  ? create_io_thread+0x1e0/0x1e0
[ 2607.344083][T25509]  ? __mutex_lock_slowpath+0x10/0x10
[ 2607.349206][T25509]  __x64_sys_clone+0x289/0x310
[ 2607.353804][T25509]  ? __do_sys_vfork+0x130/0x130
[ 2607.358492][T25509]  ? debug_smp_processor_id+0x17/0x20
[ 2607.363702][T25509]  do_syscall_64+0x44/0xd0
[ 2607.367950][T25509]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2607.373677][T25509] RIP: 0033:0x7fdb204c00c9
[ 2607.377935][T25509] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2607.397371][T25509] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2607.405617][T25509] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2607.413428][T25509] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2607.421239][T25509] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2607.429050][T25509] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x40000)

10:52:48 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x80040)

[ 2607.436867][T25509] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2607.444678][T25509]  </TASK>
10:52:49 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x8924, 0x335)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0xb, [@union={0x8, 0x1, 0x0, 0x5, 0x0, 0x9, [{0x4, 0x0, 0x200}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x4}, @fwd={0xe}]}, {0x0, [0x61, 0x5f, 0x2e, 0x5f, 0x5f, 0x5f, 0x41, 0x0, 0x0]}}, &(0x7f0000000180)=""/90, 0x5f, 0x5a}, 0x20)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:49 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) (async)

10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x100000)

10:52:49 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

10:52:49 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x80, 0x0, 0x6, 0xc6, 0x0, 0x7, 0x2c004, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x2000000000000000, 0x6}, 0x8, 0x8, 0x6, 0x6, 0x400, 0x2, 0x7, 0x0, 0x6, 0x0, 0x5}, r0, 0x9, 0xffffffffffffffff, 0xa)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
getpid() (async)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x80, 0x0, 0x6, 0xc6, 0x0, 0x7, 0x2c004, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x2000000000000000, 0x6}, 0x8, 0x8, 0x6, 0x6, 0x400, 0x2, 0x7, 0x0, 0x6, 0x0, 0x5}, r0, 0x9, 0xffffffffffffffff, 0xa) (async)

10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x200000)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0xb, [@union={0x8, 0x1, 0x0, 0x5, 0x0, 0x9, [{0x4, 0x0, 0x200}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x4}, @fwd={0xe}]}, {0x0, [0x61, 0x5f, 0x2e, 0x5f, 0x5f, 0x5f, 0x41, 0x0, 0x0]}}, &(0x7f0000000180)=""/90, 0x5f, 0x5a}, 0x20)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0xb, [@union={0x8, 0x1, 0x0, 0x5, 0x0, 0x9, [{0x4, 0x0, 0x200}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x4}, @fwd={0xe}]}, {0x0, [0x61, 0x5f, 0x2e, 0x5f, 0x5f, 0x5f, 0x41, 0x0, 0x0]}}, &(0x7f0000000180)=""/90, 0x5f, 0x5a}, 0x20) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:49 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file1\x00'}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0xb, [@union={0x8, 0x1, 0x0, 0x5, 0x0, 0x9, [{0x4, 0x0, 0x200}]}, @ptr={0x0, 0x0, 0x0, 0x2, 0x3}, @fwd={0x4}, @fwd={0xe}]}, {0x0, [0x61, 0x5f, 0x2e, 0x5f, 0x5f, 0x5f, 0x41, 0x0, 0x0]}}, &(0x7f0000000180)=""/90, 0x5f, 0x5a}, 0x20) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc00000)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)

[ 2607.550414][T25538] FAULT_INJECTION: forcing a failure.
[ 2607.550414][T25538] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.574907][T25538] CPU: 1 PID: 25538 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2607.584969][T25538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2607.594864][T25538] Call Trace:
[ 2607.597987][T25538]  <TASK>
[ 2607.600763][T25538]  dump_stack_lvl+0x151/0x1b7
[ 2607.605277][T25538]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2607.610747][T25538]  ? __this_cpu_preempt_check+0x13/0x20
[ 2607.616126][T25538]  dump_stack+0x15/0x17
[ 2607.620117][T25538]  should_fail+0x3c0/0x510
[ 2607.624368][T25538]  __should_failslab+0x9f/0xe0
[ 2607.628970][T25538]  should_failslab+0x9/0x20
[ 2607.633306][T25538]  kmem_cache_alloc+0x4f/0x2f0
[ 2607.637907][T25538]  ? __kasan_check_write+0x14/0x20
[ 2607.642854][T25538]  ? prepare_creds+0x30/0x690
[ 2607.647367][T25538]  ? _raw_spin_lock_irqsave+0xf8/0x210
[ 2607.652661][T25538]  prepare_creds+0x30/0x690
[ 2607.657007][T25538]  copy_creds+0xde/0x640
[ 2607.661082][T25538]  copy_process+0x775/0x3250
[ 2607.665508][T25538]  ? __kasan_check_write+0x14/0x20
[ 2607.670452][T25538]  ? proc_fail_nth_write+0x213/0x290
[ 2607.675578][T25538]  ? proc_fail_nth_read+0x220/0x220
[ 2607.680608][T25538]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2607.685555][T25538]  ? vfs_write+0xa37/0x1160
[ 2607.689894][T25538]  ? numa_migrate_prep+0xe0/0xe0
[ 2607.694671][T25538]  kernel_clone+0x21d/0x9c0
[ 2607.699007][T25538]  ? file_end_write+0x1b0/0x1b0
[ 2607.703694][T25538]  ? __kasan_check_write+0x14/0x20
[ 2607.708643][T25538]  ? create_io_thread+0x1e0/0x1e0
[ 2607.713504][T25538]  ? __mutex_lock_slowpath+0x10/0x10
[ 2607.718625][T25538]  __x64_sys_clone+0x289/0x310
[ 2607.723226][T25538]  ? __do_sys_vfork+0x130/0x130
[ 2607.727910][T25538]  ? debug_smp_processor_id+0x17/0x20
[ 2607.733117][T25538]  do_syscall_64+0x44/0xd0
[ 2607.737370][T25538]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2607.743101][T25538] RIP: 0033:0x7fdb204c00c9
[ 2607.747353][T25538] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2607.766792][T25538] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2607.775044][T25538] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2607.782847][T25538] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2607.790658][T25538] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:52:49 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x8927, 0x335)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) (async)

10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1000000)

10:52:49 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = getpid()
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x80, 0x0, 0x6, 0xc6, 0x0, 0x7, 0x2c004, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x2000000000000000, 0x6}, 0x8, 0x8, 0x6, 0x6, 0x400, 0x2, 0x7, 0x0, 0x6, 0x0, 0x5}, r0, 0x9, 0xffffffffffffffff, 0xa)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
getpid() (async)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x80, 0x0, 0x6, 0xc6, 0x0, 0x7, 0x2c004, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_config_ext={0x2000000000000000, 0x6}, 0x8, 0x8, 0x6, 0x6, 0x400, 0x2, 0x7, 0x0, 0x6, 0x0, 0x5}, r0, 0x9, 0xffffffffffffffff, 0xa) (async)

10:52:49 executing program 3:
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000040)=""/117)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000140))
mkdir(&(0x7f0000000000)='./file1\x00', 0xec)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000240))
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0))
unlink(&(0x7f0000000180)='./file1\x00')
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000200))
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f00000001c0))

10:52:49 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

[ 2607.798471][T25538] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2607.806283][T25538] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2607.814098][T25538]  </TASK>
10:52:49 executing program 3:
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000040)=""/117)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000140)) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0xec) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000240))
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0)) (async)
unlink(&(0x7f0000000180)='./file1\x00') (async)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000200))
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f00000001c0))

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)

10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2000000)

[ 2607.873963][T25575] FAULT_INJECTION: forcing a failure.
[ 2607.873963][T25575] name failslab, interval 1, probability 0, space 0, times 0
[ 2607.890331][T25575] CPU: 0 PID: 25575 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2607.900401][T25575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2607.910291][T25575] Call Trace:
[ 2607.913416][T25575]  <TASK>
[ 2607.916192][T25575]  dump_stack_lvl+0x151/0x1b7
[ 2607.920705][T25575]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2607.926176][T25575]  ? __get_vm_area_node+0x13a/0x380
[ 2607.931208][T25575]  ? ____kasan_kmalloc+0xee/0x110
[ 2607.936069][T25575]  ? ____kasan_kmalloc+0xdc/0x110
[ 2607.940928][T25575]  dump_stack+0x15/0x17
[ 2607.944921][T25575]  should_fail+0x3c0/0x510
[ 2607.949178][T25575]  __should_failslab+0x9f/0xe0
[ 2607.953773][T25575]  should_failslab+0x9/0x20
[ 2607.958111][T25575]  kmem_cache_alloc+0x4f/0x2f0
[ 2607.962718][T25575]  ? alloc_vmap_area+0x19a/0x1a90
[ 2607.967576][T25575]  alloc_vmap_area+0x19a/0x1a90
[ 2607.972266][T25575]  ? vm_map_ram+0xa80/0xa80
[ 2607.976598][T25575]  ? __kasan_kmalloc+0x9/0x10
[ 2607.981112][T25575]  ? __get_vm_area_node+0x13a/0x380
[ 2607.986160][T25575]  __get_vm_area_node+0x17b/0x380
[ 2607.991023][T25575]  __vmalloc_node_range+0xda/0x800
[ 2607.995953][T25575]  ? copy_process+0x579/0x3250
[ 2608.000553][T25575]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 2608.005414][T25575]  ? dup_task_struct+0x53/0xa60
[ 2608.010102][T25575]  dup_task_struct+0x61f/0xa60
[ 2608.014700][T25575]  ? copy_process+0x579/0x3250
[ 2608.019300][T25575]  ? __kasan_check_write+0x14/0x20
[ 2608.024254][T25575]  copy_process+0x579/0x3250
[ 2608.028674][T25575]  ? __kasan_check_write+0x14/0x20
[ 2608.033969][T25575]  ? proc_fail_nth_write+0x213/0x290
[ 2608.039092][T25575]  ? proc_fail_nth_read+0x220/0x220
[ 2608.044154][T25575]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2608.049071][T25575]  ? vfs_write+0xa37/0x1160
[ 2608.053411][T25575]  ? numa_migrate_prep+0xe0/0xe0
[ 2608.058183][T25575]  kernel_clone+0x21d/0x9c0
[ 2608.062524][T25575]  ? file_end_write+0x1b0/0x1b0
[ 2608.067209][T25575]  ? __kasan_check_write+0x14/0x20
[ 2608.072156][T25575]  ? create_io_thread+0x1e0/0x1e0
[ 2608.077017][T25575]  ? __mutex_lock_slowpath+0x10/0x10
[ 2608.082142][T25575]  __x64_sys_clone+0x289/0x310
[ 2608.086739][T25575]  ? __do_sys_vfork+0x130/0x130
[ 2608.091427][T25575]  ? debug_smp_processor_id+0x17/0x20
[ 2608.096633][T25575]  do_syscall_64+0x44/0xd0
[ 2608.100884][T25575]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2608.106611][T25575] RIP: 0033:0x7fdb204c00c9
[ 2608.110865][T25575] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2608.130307][T25575] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2608.138552][T25575] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2608.146364][T25575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2608.154173][T25575] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2608.161985][T25575] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
10:52:49 executing program 3:
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000040)=""/117)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000140))
mkdir(&(0x7f0000000000)='./file1\x00', 0xec)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000240))
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0))
unlink(&(0x7f0000000180)='./file1\x00')
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000200))
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f00000001c0))
ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000040)=""/117) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000100), 0x8) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000140)) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0xec) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000240)) (async)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0)) (async)
unlink(&(0x7f0000000180)='./file1\x00') (async)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000200)) (async)
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f00000001c0)) (async)

10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x4000000)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000017c0)=0x1)
recvmsg(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000000)=""/9, 0x9}, {&(0x7f0000000100)=""/188, 0xbc}, {&(0x7f00000001c0)=""/238, 0xee}, {&(0x7f00000002c0)=""/207, 0xcf}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/53, 0x35}, {&(0x7f00000013c0)=""/130, 0x82}, {&(0x7f0000001480)=""/4, 0x4}, {&(0x7f00000014c0)=""/98, 0x62}, {&(0x7f0000001540)=""/199, 0xc7}], 0xa, &(0x7f0000001700)=""/108, 0x6c}, 0x584947f570061eca)

10:52:49 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x894c, 0x335)

10:52:49 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}, 0x40010001)

10:52:49 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2608.169797][T25575] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2608.177611][T25575]  </TASK>
10:52:49 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x5000000)

10:52:49 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000017c0)=0x1) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000000)=""/9, 0x9}, {&(0x7f0000000100)=""/188, 0xbc}, {&(0x7f00000001c0)=""/238, 0xee}, {&(0x7f00000002c0)=""/207, 0xcf}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/53, 0x35}, {&(0x7f00000013c0)=""/130, 0x82}, {&(0x7f0000001480)=""/4, 0x4}, {&(0x7f00000014c0)=""/98, 0x62}, {&(0x7f0000001540)=""/199, 0xc7}], 0xa, &(0x7f0000001700)=""/108, 0x6c}, 0x584947f570061eca)

[ 2608.221930][T25575] syz-executor.4: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0
[ 2608.242492][T25575] CPU: 1 PID: 25575 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2608.252550][T25575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2608.262531][T25575] Call Trace:
[ 2608.265743][T25575]  <TASK>
[ 2608.268520][T25575]  dump_stack_lvl+0x151/0x1b7
[ 2608.273034][T25575]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2608.278502][T25575]  ? pr_cont_kernfs_name+0xe6/0x100
[ 2608.283536][T25575]  dump_stack+0x15/0x17
[ 2608.287528][T25575]  warn_alloc+0x242/0x3d0
[ 2608.291693][T25575]  ? zone_watermark_ok_safe+0x280/0x280
[ 2608.297075][T25575]  ? __get_vm_area_node+0x190/0x380
[ 2608.302110][T25575]  __vmalloc_node_range+0x2be/0x800
[ 2608.307145][T25575]  ? dup_task_struct+0x53/0xa60
[ 2608.311828][T25575]  dup_task_struct+0x61f/0xa60
[ 2608.316430][T25575]  ? copy_process+0x579/0x3250
[ 2608.321030][T25575]  ? __kasan_check_write+0x14/0x20
[ 2608.325975][T25575]  copy_process+0x579/0x3250
[ 2608.330403][T25575]  ? __kasan_check_write+0x14/0x20
[ 2608.335359][T25575]  ? proc_fail_nth_write+0x213/0x290
[ 2608.340470][T25575]  ? proc_fail_nth_read+0x220/0x220
[ 2608.345508][T25575]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2608.350451][T25575]  ? vfs_write+0xa37/0x1160
[ 2608.354790][T25575]  ? numa_migrate_prep+0xe0/0xe0
[ 2608.359566][T25575]  kernel_clone+0x21d/0x9c0
[ 2608.363905][T25575]  ? file_end_write+0x1b0/0x1b0
[ 2608.368591][T25575]  ? __kasan_check_write+0x14/0x20
[ 2608.373538][T25575]  ? create_io_thread+0x1e0/0x1e0
[ 2608.378428][T25575]  ? __mutex_lock_slowpath+0x10/0x10
[ 2608.383519][T25575]  __x64_sys_clone+0x289/0x310
[ 2608.388119][T25575]  ? __do_sys_vfork+0x130/0x130
[ 2608.392817][T25575]  ? debug_smp_processor_id+0x17/0x20
[ 2608.398112][T25575]  do_syscall_64+0x44/0xd0
[ 2608.402362][T25575]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2608.408091][T25575] RIP: 0033:0x7fdb204c00c9
[ 2608.412342][T25575] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2608.431787][T25575] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2608.440202][T25575] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2608.448019][T25575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2608.455824][T25575] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2608.463638][T25575] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2608.471450][T25575] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2608.479261][T25575]  </TASK>
[ 2608.482236][T25575] Mem-Info:
[ 2608.486311][T25575] active_anon:15471 inactive_anon:28655 isolated_anon:0
[ 2608.486311][T25575]  active_file:7863 inactive_file:9186 isolated_file:0
[ 2608.486311][T25575]  unevictable:0 dirty:50 writeback:0
[ 2608.486311][T25575]  slab_reclaimable:20247 slab_unreclaimable:69013
[ 2608.486311][T25575]  mapped:28551 shmem:15529 pagetables:545 bounce:0
[ 2608.486311][T25575]  kernel_misc_reclaimable:0
[ 2608.486311][T25575]  free:1513929 free_pcp:26901 free_cma:0
[ 2608.528255][T25575] Node 0 active_anon:61884kB inactive_anon:114520kB active_file:31452kB inactive_file:36744kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:114204kB dirty:200kB writeback:0kB shmem:62116kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB kernel_stack:4484kB pagetables:2080kB all_unreclaimable? no
[ 2608.559346][T25575] DMA32 free:2976724kB min:62592kB low:78240kB high:93888kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2982336kB mlocked:0kB bounce:0kB free_pcp:5612kB local_pcp:56kB free_cma:0kB
[ 2608.586888][T25575] lowmem_reserve[]: 0 3941 3941
[ 2608.591580][T25575] Normal free:3079200kB min:84860kB low:106072kB high:127284kB reserved_highatomic:0KB active_anon:61884kB inactive_anon:114520kB active_file:31452kB inactive_file:36744kB unevictable:0kB writepending:200kB present:5242880kB managed:4035848kB mlocked:0kB bounce:0kB free_pcp:101964kB local_pcp:48984kB free_cma:0kB
[ 2608.620909][T25575] lowmem_reserve[]: 0 0 0
[ 2608.625164][T25575] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 4*2048kB (UM) 723*4096kB (M) = 2976724kB
[ 2608.640426][T25575] Normal: 6958*4kB (UME) 7453*8kB (UME) 5547*16kB (UME) 3682*32kB (UME) 2437*64kB (UME) 1559*128kB (UME) 517*256kB (UME) 85*512kB (UME) 23*1024kB (UME) 9*2048kB (UME) 540*4096kB (UM) = 3079248kB
[ 2608.659418][T25575] 32578 total pagecache pages
[ 2608.663922][T25575] 0 pages in swap cache
[ 2608.667872][T25575] Swap cache stats: add 0, delete 0, find 0/0
10:52:50 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

10:52:50 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x6000000)

10:52:50 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff}) (rerun: 64)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}, 0x40010001)

10:52:50 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:52:50 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, &(0x7f00000017c0)=0x1) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000000000)=""/9, 0x9}, {&(0x7f0000000100)=""/188, 0xbc}, {&(0x7f00000001c0)=""/238, 0xee}, {&(0x7f00000002c0)=""/207, 0xcf}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/53, 0x35}, {&(0x7f00000013c0)=""/130, 0x82}, {&(0x7f0000001480)=""/4, 0x4}, {&(0x7f00000014c0)=""/98, 0x62}, {&(0x7f0000001540)=""/199, 0xc7}], 0xa, &(0x7f0000001700)=""/108, 0x6c}, 0x584947f570061eca)

10:52:50 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454c8, 0x335)

10:52:50 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x7000000)

10:52:50 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:50 executing program 0:
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

[ 2608.673794][T25575] Free swap  = 0kB
[ 2608.677332][T25575] Total swap = 0kB
[ 2608.680891][T25575] 2097051 pages RAM
[ 2608.684556][T25575] 0 pages HighMem/MovableOnly
[ 2608.689050][T25575] 342505 pages reserved
[ 2608.693063][T25575] 0 pages cma reserved
10:52:50 executing program 0:
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:50 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x6f1e5983bfd129b2)
unlink(&(0x7f0000000000)='./file0\x00')
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x10002, 0x0)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000100)=0xffffffff)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'bond_slave_0\x00', 0x400})

10:52:50 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8000000)

[ 2608.732995][T25631] FAULT_INJECTION: forcing a failure.
[ 2608.732995][T25631] name failslab, interval 1, probability 0, space 0, times 0
[ 2608.750335][T25631] CPU: 0 PID: 25631 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2608.760402][T25631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2608.770295][T25631] Call Trace:
[ 2608.773421][T25631]  <TASK>
[ 2608.776196][T25631]  dump_stack_lvl+0x151/0x1b7
[ 2608.780712][T25631]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2608.786180][T25631]  ? _raw_spin_lock+0xa3/0x1b0
[ 2608.790780][T25631]  ? mntput+0x5c/0xc0
[ 2608.794595][T25631]  dump_stack+0x15/0x17
[ 2608.798585][T25631]  should_fail+0x3c0/0x510
[ 2608.802844][T25631]  __should_failslab+0x9f/0xe0
[ 2608.807440][T25631]  should_failslab+0x9/0x20
[ 2608.811778][T25631]  kmem_cache_alloc+0x4f/0x2f0
[ 2608.816377][T25631]  ? create_user_ns+0x59f/0x19b0
[ 2608.821153][T25631]  create_user_ns+0x59f/0x19b0
[ 2608.825750][T25631]  ? utsns_owner+0x40/0x40
[ 2608.830005][T25631]  ? security_prepare_creds+0x149/0x160
[ 2608.835388][T25631]  ? prepare_creds+0x485/0x690
[ 2608.839991][T25631]  copy_creds+0x200/0x640
[ 2608.844157][T25631]  copy_process+0x775/0x3250
[ 2608.848688][T25631]  ? __kasan_check_write+0x14/0x20
[ 2608.853630][T25631]  ? proc_fail_nth_write+0x213/0x290
[ 2608.858750][T25631]  ? proc_fail_nth_read+0x220/0x220
[ 2608.863792][T25631]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2608.868733][T25631]  ? vfs_write+0xa37/0x1160
[ 2608.873071][T25631]  ? numa_migrate_prep+0xe0/0xe0
[ 2608.877845][T25631]  kernel_clone+0x21d/0x9c0
[ 2608.882185][T25631]  ? file_end_write+0x1b0/0x1b0
[ 2608.886871][T25631]  ? __kasan_check_write+0x14/0x20
[ 2608.891818][T25631]  ? create_io_thread+0x1e0/0x1e0
[ 2608.896679][T25631]  ? __mutex_lock_slowpath+0x10/0x10
[ 2608.901802][T25631]  __x64_sys_clone+0x289/0x310
[ 2608.906486][T25631]  ? __do_sys_vfork+0x130/0x130
[ 2608.911173][T25631]  ? debug_smp_processor_id+0x17/0x20
[ 2608.916381][T25631]  do_syscall_64+0x44/0xd0
[ 2608.920633][T25631]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2608.926362][T25631] RIP: 0033:0x7fdb204c00c9
[ 2608.930614][T25631] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2608.950056][T25631] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2608.958299][T25631] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2608.966111][T25631] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2608.973924][T25631] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:52:50 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)

10:52:50 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x6f1e5983bfd129b2) (async)
unlink(&(0x7f0000000000)='./file0\x00') (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x10002, 0x0)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000100)=0xffffffff)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'bond_slave_0\x00', 0x400})

[ 2608.981737][T25631] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2608.989544][T25631] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2608.997359][T25631]  </TASK>
[ 2609.016079][T25649] FAULT_INJECTION: forcing a failure.
[ 2609.016079][T25649] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2609.032241][T25649] CPU: 1 PID: 25649 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2609.042299][T25649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2609.052279][T25649] Call Trace:
[ 2609.055401][T25649]  <TASK>
[ 2609.058179][T25649]  dump_stack_lvl+0x151/0x1b7
[ 2609.062697][T25649]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2609.068160][T25649]  ? stack_trace_save+0x12d/0x1f0
[ 2609.073024][T25649]  ? is_bpf_text_address+0x1a2/0x1c0
[ 2609.078143][T25649]  dump_stack+0x15/0x17
[ 2609.082135][T25649]  should_fail+0x3c0/0x510
[ 2609.086389][T25649]  should_fail_alloc_page+0x58/0x70
[ 2609.091419][T25649]  __alloc_pages+0x1de/0x7c0
[ 2609.095846][T25649]  ? kmem_cache_alloc+0x189/0x2f0
[ 2609.100712][T25649]  ? __x64_sys_clone+0x289/0x310
[ 2609.105480][T25649]  ? __count_vm_events+0x30/0x30
[ 2609.110255][T25649]  __get_free_pages+0xe/0x30
[ 2609.114681][T25649]  kasan_populate_vmalloc_pte+0x39/0x130
[ 2609.120147][T25649]  ? __apply_to_page_range+0x8a5/0xb90
[ 2609.125442][T25649]  __apply_to_page_range+0x8b8/0xb90
[ 2609.130569][T25649]  ? kasan_populate_vmalloc+0x70/0x70
[ 2609.135772][T25649]  ? kasan_populate_vmalloc+0x70/0x70
[ 2609.140978][T25649]  apply_to_page_range+0x3b/0x50
[ 2609.145754][T25649]  kasan_populate_vmalloc+0x65/0x70
[ 2609.150808][T25649]  alloc_vmap_area+0x1946/0x1a90
[ 2609.155565][T25649]  ? vm_map_ram+0xa80/0xa80
[ 2609.159900][T25649]  ? __kasan_kmalloc+0x9/0x10
[ 2609.164413][T25649]  ? __get_vm_area_node+0x13a/0x380
[ 2609.169447][T25649]  __get_vm_area_node+0x17b/0x380
[ 2609.174308][T25649]  __vmalloc_node_range+0xda/0x800
[ 2609.179253][T25649]  ? copy_process+0x579/0x3250
[ 2609.183855][T25649]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 2609.188716][T25649]  ? dup_task_struct+0x53/0xa60
[ 2609.193405][T25649]  dup_task_struct+0x61f/0xa60
[ 2609.198002][T25649]  ? copy_process+0x579/0x3250
[ 2609.202606][T25649]  ? __kasan_check_write+0x14/0x20
[ 2609.207560][T25649]  copy_process+0x579/0x3250
[ 2609.211977][T25649]  ? __kasan_check_write+0x14/0x20
[ 2609.216924][T25649]  ? proc_fail_nth_write+0x213/0x290
[ 2609.222042][T25649]  ? proc_fail_nth_read+0x220/0x220
[ 2609.227077][T25649]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2609.232023][T25649]  ? vfs_write+0xa37/0x1160
[ 2609.236365][T25649]  ? numa_migrate_prep+0xe0/0xe0
[ 2609.241136][T25649]  kernel_clone+0x21d/0x9c0
[ 2609.245476][T25649]  ? file_end_write+0x1b0/0x1b0
[ 2609.250167][T25649]  ? __kasan_check_write+0x14/0x20
[ 2609.255111][T25649]  ? create_io_thread+0x1e0/0x1e0
[ 2609.259972][T25649]  ? __mutex_lock_slowpath+0x10/0x10
[ 2609.265094][T25649]  __x64_sys_clone+0x289/0x310
[ 2609.269691][T25649]  ? __do_sys_vfork+0x130/0x130
[ 2609.274381][T25649]  ? debug_smp_processor_id+0x17/0x20
[ 2609.279587][T25649]  do_syscall_64+0x44/0xd0
[ 2609.283840][T25649]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2609.289591][T25649] RIP: 0033:0x7fdb204c00c9
[ 2609.293824][T25649] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2609.313261][T25649] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2609.321508][T25649] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2609.329318][T25649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2609.337127][T25649] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2609.344942][T25649] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2609.352758][T25649] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2609.360563][T25649]  </TASK>
10:52:51 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}, 0x40010001)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc000000)

10:52:51 executing program 0:
mkdir(&(0x7f0000000000)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x0) (async)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:51 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454c9, 0x335)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x6f1e5983bfd129b2)
unlink(&(0x7f0000000000)='./file0\x00')
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x10002, 0x0)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000100)=0xffffffff)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'bond_slave_0\x00', 0x400})

10:52:51 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

10:52:51 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000100)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000080)=""/34, 0x22}, {&(0x7f0000000180)=""/73, 0x49}, {&(0x7f0000000200)=""/150, 0x96}, {&(0x7f00000002c0)=""/108, 0x6c}], 0x4, &(0x7f0000000380)=""/137, 0x89}, 0x40000001)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r2}, 0x10)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xd000000)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 32)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000180)='./file0\x00', 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0) (async, rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 32)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r2}, 0x10)

[ 2609.533566][T25660] FAULT_INJECTION: forcing a failure.
[ 2609.533566][T25660] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2609.554671][T25660] CPU: 1 PID: 25660 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2609.564738][T25660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2609.574630][T25660] Call Trace:
[ 2609.577755][T25660]  <TASK>
10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x10000000)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1c000000)

[ 2609.580534][T25660]  dump_stack_lvl+0x151/0x1b7
[ 2609.585050][T25660]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2609.590513][T25660]  ? post_alloc_hook+0x1ab/0x1b0
[ 2609.595292][T25660]  dump_stack+0x15/0x17
[ 2609.599282][T25660]  should_fail+0x3c0/0x510
[ 2609.603537][T25660]  should_fail_alloc_page+0x58/0x70
[ 2609.608568][T25660]  __alloc_pages+0x1de/0x7c0
[ 2609.612993][T25660]  ? __count_vm_events+0x30/0x30
[ 2609.617771][T25660]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2609.622982][T25660]  __get_free_pages+0xe/0x30
[ 2609.627399][T25660]  kasan_populate_vmalloc_pte+0x39/0x130
[ 2609.632866][T25660]  ? __apply_to_page_range+0x8a5/0xb90
[ 2609.638165][T25660]  __apply_to_page_range+0x8b8/0xb90
[ 2609.643278][T25660]  ? kasan_populate_vmalloc+0x70/0x70
[ 2609.648487][T25660]  ? kasan_populate_vmalloc+0x70/0x70
[ 2609.653699][T25660]  apply_to_page_range+0x3b/0x50
[ 2609.658471][T25660]  kasan_populate_vmalloc+0x65/0x70
[ 2609.663512][T25660]  alloc_vmap_area+0x1946/0x1a90
[ 2609.668284][T25660]  ? vm_map_ram+0xa80/0xa80
[ 2609.672614][T25660]  ? __kasan_kmalloc+0x9/0x10
[ 2609.677130][T25660]  ? __get_vm_area_node+0x13a/0x380
[ 2609.682165][T25660]  __get_vm_area_node+0x17b/0x380
[ 2609.687023][T25660]  __vmalloc_node_range+0xda/0x800
[ 2609.691970][T25660]  ? copy_process+0x579/0x3250
[ 2609.696570][T25660]  ? kmem_cache_alloc+0x1c1/0x2f0
[ 2609.701429][T25660]  ? dup_task_struct+0x53/0xa60
[ 2609.706117][T25660]  dup_task_struct+0x61f/0xa60
[ 2609.710717][T25660]  ? copy_process+0x579/0x3250
[ 2609.715318][T25660]  ? __kasan_check_write+0x14/0x20
[ 2609.720265][T25660]  copy_process+0x579/0x3250
[ 2609.724689][T25660]  ? __kasan_check_write+0x14/0x20
[ 2609.729643][T25660]  ? proc_fail_nth_write+0x213/0x290
[ 2609.734784][T25660]  ? proc_fail_nth_read+0x220/0x220
[ 2609.739796][T25660]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2609.744754][T25660]  ? vfs_write+0xa37/0x1160
[ 2609.749110][T25660]  ? numa_migrate_prep+0xe0/0xe0
[ 2609.753856][T25660]  kernel_clone+0x21d/0x9c0
[ 2609.758193][T25660]  ? file_end_write+0x1b0/0x1b0
[ 2609.762882][T25660]  ? __kasan_check_write+0x14/0x20
[ 2609.767827][T25660]  ? create_io_thread+0x1e0/0x1e0
[ 2609.772691][T25660]  ? __mutex_lock_slowpath+0x10/0x10
[ 2609.777807][T25660]  __x64_sys_clone+0x289/0x310
[ 2609.782407][T25660]  ? __do_sys_vfork+0x130/0x130
[ 2609.787095][T25660]  ? debug_smp_processor_id+0x17/0x20
[ 2609.792303][T25660]  do_syscall_64+0x44/0xd0
[ 2609.796553][T25660]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2609.802282][T25660] RIP: 0033:0x7fdb204c00c9
[ 2609.806623][T25660] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2609.826064][T25660] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
10:52:51 executing program 1:
syz_clone(0xbc0a1000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)='@\x00'}, 0x30)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x20000000)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
r1 = openat$cgroup_ro(r0, &(0x7f0000000140)='cpuacct.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
mkdir(&(0x7f0000000180)='./file0\x00', 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r2}, 0x10)

10:52:51 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000100)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000080)=""/34, 0x22}, {&(0x7f0000000180)=""/73, 0x49}, {&(0x7f0000000200)=""/150, 0x96}, {&(0x7f00000002c0)=""/108, 0x6c}], 0x4, &(0x7f0000000380)=""/137, 0x89}, 0x40000001) (async, rerun: 64)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:51 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

10:52:51 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454ca, 0x335)

[ 2609.834310][T25660] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2609.842121][T25660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2609.849932][T25660] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2609.857746][T25660] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2609.865555][T25660] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2609.873367][T25660]  </TASK>
10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2e000000)

10:52:51 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000440)={&(0x7f0000000100)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000080)=""/34, 0x22}, {&(0x7f0000000180)=""/73, 0x49}, {&(0x7f0000000200)=""/150, 0x96}, {&(0x7f00000002c0)=""/108, 0x6c}], 0x4, &(0x7f0000000380)=""/137, 0x89}, 0x40000001)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)

10:52:51 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x3}, 0x8)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x100)
mkdir(&(0x7f0000000080)='./file1\x00', 0x4a)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)

[ 2609.902886][T25698] FAULT_INJECTION: forcing a failure.
[ 2609.902886][T25698] name failslab, interval 1, probability 0, space 0, times 0
[ 2609.915756][T25698] CPU: 1 PID: 25698 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2609.925824][T25698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2609.935707][T25698] Call Trace:
[ 2609.938833][T25698]  <TASK>
[ 2609.941608][T25698]  dump_stack_lvl+0x151/0x1b7
[ 2609.946122][T25698]  ? io_uring_drop_tctx_refs+0x19a/0x19a
10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x3f000000)

[ 2609.951591][T25698]  dump_stack+0x15/0x17
[ 2609.955585][T25698]  should_fail+0x3c0/0x510
[ 2609.959835][T25698]  ? __vmalloc_node_range+0x2e3/0x800
[ 2609.965040][T25698]  __should_failslab+0x9f/0xe0
[ 2609.969641][T25698]  should_failslab+0x9/0x20
[ 2609.973981][T25698]  __kmalloc+0x6d/0x350
[ 2609.977975][T25698]  __vmalloc_node_range+0x2e3/0x800
[ 2609.983011][T25698]  dup_task_struct+0x61f/0xa60
[ 2609.987606][T25698]  ? copy_process+0x579/0x3250
[ 2609.992204][T25698]  ? __kasan_check_write+0x14/0x20
[ 2609.997153][T25698]  copy_process+0x579/0x3250
[ 2610.001579][T25698]  ? __kasan_check_write+0x14/0x20
[ 2610.006524][T25698]  ? proc_fail_nth_write+0x213/0x290
[ 2610.011645][T25698]  ? proc_fail_nth_read+0x220/0x220
[ 2610.016687][T25698]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2610.021625][T25698]  ? vfs_write+0xa37/0x1160
[ 2610.025967][T25698]  ? numa_migrate_prep+0xe0/0xe0
[ 2610.030738][T25698]  kernel_clone+0x21d/0x9c0
[ 2610.035079][T25698]  ? file_end_write+0x1b0/0x1b0
[ 2610.039765][T25698]  ? __kasan_check_write+0x14/0x20
[ 2610.044712][T25698]  ? create_io_thread+0x1e0/0x1e0
[ 2610.049573][T25698]  ? __mutex_lock_slowpath+0x10/0x10
[ 2610.054694][T25698]  __x64_sys_clone+0x289/0x310
[ 2610.059295][T25698]  ? __do_sys_vfork+0x130/0x130
[ 2610.063980][T25698]  ? debug_smp_processor_id+0x17/0x20
[ 2610.069189][T25698]  do_syscall_64+0x44/0xd0
[ 2610.073444][T25698]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2610.079169][T25698] RIP: 0033:0x7fdb204c00c9
[ 2610.083425][T25698] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:52:51 executing program 1:
syz_clone(0xbc0a1000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)='@\x00'}, 0x30)
syz_clone(0xbc0a1000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)='@\x00'}, 0x30) (async)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async)

10:52:51 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x3}, 0x8)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x100)
mkdir(&(0x7f0000000080)='./file1\x00', 0x4a)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x3}, 0x8) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x100) (async)
mkdir(&(0x7f0000000080)='./file1\x00', 0x4a) (async)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x40000000)

10:52:51 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

10:52:51 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cb, 0x335)

10:52:51 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000000)={0x3}, 0x8) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x100) (async, rerun: 32)
mkdir(&(0x7f0000000080)='./file1\x00', 0x4a) (rerun: 32)

[ 2610.102863][T25698] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2610.111107][T25698] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2610.118926][T25698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2610.126735][T25698] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2610.134541][T25698] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2610.142353][T25698] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2610.150165][T25698]  </TASK>
10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000000)={&(0x7f0000000180)='.\x00', 0x0, 0x10}, 0x10)
close(r0)
unlink(&(0x7f00000000c0)='./file0\x00')
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000100)={0x5, 0x80, 0xff, 0x8, 0x41, 0x3f, 0x0, 0x3ff, 0xc0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5b53, 0x2, @perf_bp={&(0x7f0000000080)}, 0x1000, 0x4, 0x2c1, 0xf, 0x8ed9, 0xfff, 0xa, 0x0, 0xadc2, 0x0, 0x3})

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x40000800)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x81000000)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x81020000)

[ 2610.179018][T25719] FAULT_INJECTION: forcing a failure.
[ 2610.179018][T25719] name failslab, interval 1, probability 0, space 0, times 0
[ 2610.194534][T25719] CPU: 1 PID: 25719 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2610.204596][T25719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2610.214493][T25719] Call Trace:
[ 2610.217613][T25719]  <TASK>
[ 2610.220393][T25719]  dump_stack_lvl+0x151/0x1b7
10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x89000000)

[ 2610.224916][T25719]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2610.230373][T25719]  ? __register_sysctl_table+0x1264/0x1330
[ 2610.236016][T25719]  dump_stack+0x15/0x17
[ 2610.240007][T25719]  should_fail+0x3c0/0x510
[ 2610.244256][T25719]  ? alloc_ucounts+0x161/0x4e0
[ 2610.248862][T25719]  __should_failslab+0x9f/0xe0
[ 2610.253463][T25719]  should_failslab+0x9/0x20
[ 2610.257799][T25719]  kmem_cache_alloc_trace+0x4a/0x310
[ 2610.262922][T25719]  ? utsns_owner+0x40/0x40
[ 2610.267169][T25719]  alloc_ucounts+0x161/0x4e0
[ 2610.271597][T25719]  copy_creds+0x345/0x640
[ 2610.275761][T25719]  copy_process+0x775/0x3250
[ 2610.280189][T25719]  ? __update_load_avg_cfs_rq+0xb0/0x2f0
[ 2610.285656][T25719]  ? __switch_to+0x617/0x1170
[ 2610.290168][T25719]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2610.295118][T25719]  kernel_clone+0x21d/0x9c0
[ 2610.299456][T25719]  ? _raw_spin_unlock+0x4d/0x70
[ 2610.304142][T25719]  ? create_io_thread+0x1e0/0x1e0
[ 2610.309002][T25719]  ? __schedule+0xb08/0x1040
[ 2610.313430][T25719]  __x64_sys_clone+0x289/0x310
[ 2610.318029][T25719]  ? __do_sys_vfork+0x130/0x130
[ 2610.322733][T25719]  ? debug_smp_processor_id+0x17/0x20
[ 2610.327923][T25719]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2610.333828][T25719]  ? arch_exit_to_user_mode_prepare+0x22/0x70
[ 2610.339727][T25719]  do_syscall_64+0x44/0xd0
[ 2610.343979][T25719]  ? irqentry_exit+0x12/0x40
[ 2610.348407][T25719]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2610.354135][T25719] RIP: 0033:0x7fdb204c00c9
[ 2610.358391][T25719] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:52:51 executing program 1:
syz_clone(0xbc0a1000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000000)='@\x00'}, 0x30)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8cffffff)

10:52:51 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x7e)

10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000000)={&(0x7f0000000180)='.\x00', 0x0, 0x10}, 0x10)
close(r0)
unlink(&(0x7f00000000c0)='./file0\x00')
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000100)={0x5, 0x80, 0xff, 0x8, 0x41, 0x3f, 0x0, 0x3ff, 0xc0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5b53, 0x2, @perf_bp={&(0x7f0000000080)}, 0x1000, 0x4, 0x2c1, 0xf, 0x8ed9, 0xfff, 0xa, 0x0, 0xadc2, 0x0, 0x3})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000000)={&(0x7f0000000180)='.\x00', 0x0, 0x10}, 0x10) (async)
close(r0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000100)={0x5, 0x80, 0xff, 0x8, 0x41, 0x3f, 0x0, 0x3ff, 0xc0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5b53, 0x2, @perf_bp={&(0x7f0000000080)}, 0x1000, 0x4, 0x2c1, 0xf, 0x8ed9, 0xfff, 0xa, 0x0, 0xadc2, 0x0, 0x3}) (async)

10:52:51 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

10:52:51 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cc, 0x335)

10:52:51 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x91000000)

10:52:51 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x7e)

[ 2610.377828][T25719] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2610.386073][T25719] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2610.393884][T25719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2610.401699][T25719] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2610.409508][T25719] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2610.417317][T25719] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2610.425131][T25719]  </TASK>
10:52:51 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000000)={&(0x7f0000000180)='.\x00', 0x0, 0x10}, 0x10)
close(r0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000100)={0x5, 0x80, 0xff, 0x8, 0x41, 0x3f, 0x0, 0x3ff, 0xc0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x5b53, 0x2, @perf_bp={&(0x7f0000000080)}, 0x1000, 0x4, 0x2c1, 0xf, 0x8ed9, 0xfff, 0xa, 0x0, 0xadc2, 0x0, 0x3})

10:52:51 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454ce, 0x335)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x95170000)

10:52:52 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x7e)

10:52:52 executing program 1:
syz_clone(0x4c020000, 0x0, 0x42, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f0000000400)={&(0x7f0000000000), 0x6e, &(0x7f0000000340)=[{&(0x7f0000000080)=""/233, 0xe9}, {&(0x7f0000000180)=""/161, 0xfffffffffffffef9}, {&(0x7f0000000240)=""/242, 0xf2}], 0x3, &(0x7f0000000380)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x4020)

10:52:52 executing program 3:
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000000))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000017c0)={&(0x7f0000001480)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001500)=""/138, 0x8a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x2, &(0x7f00000016c0)=""/201, 0xc9}, 0x40000000)
unlink(&(0x7f00000000c0)='./file0/../file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000001a80)={&(0x7f0000001800)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001a40)=[{&(0x7f0000002c80)=""/4096, 0x1000}, {&(0x7f0000001880)=""/176, 0xb0}, {&(0x7f0000001940)=""/245, 0xf5}, {&(0x7f0000001b80)=""/171, 0xab}], 0x4, &(0x7f0000003c80)=""/173, 0xad}, 0x2)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000003d40))
recvmsg$unix(r0, &(0x7f0000001440)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/161, 0xa1}, {&(0x7f0000000240)=""/184, 0xb8}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/155, 0x9b}], 0x4, &(0x7f00000013c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x2000)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x96170000)

10:52:52 executing program 0:
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="62202a3a307a067f47fa2a207200"], 0x8)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x11, 0x1, &(0x7f00000016c0)=@raw=[@kfunc], &(0x7f0000001700)='GPL\x00', 0x6, 0xee, &(0x7f0000000200)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r0, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@cgroup=r2, r3, 0x11, 0x3, r4}, 0x14)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

[ 2610.466068][T25772] FAULT_INJECTION: forcing a failure.
[ 2610.466068][T25772] name failslab, interval 1, probability 0, space 0, times 0
[ 2610.511801][T25772] CPU: 0 PID: 25772 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2610.521870][T25772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2610.531776][T25772] Call Trace:
[ 2610.534887][T25772]  <TASK>
[ 2610.537665][T25772]  dump_stack_lvl+0x151/0x1b7
[ 2610.542176][T25772]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2610.547645][T25772]  dump_stack+0x15/0x17
[ 2610.551638][T25772]  should_fail+0x3c0/0x510
[ 2610.555896][T25772]  __should_failslab+0x9f/0xe0
[ 2610.560493][T25772]  should_failslab+0x9/0x20
[ 2610.564829][T25772]  kmem_cache_alloc+0x4f/0x2f0
[ 2610.569429][T25772]  ? copy_fs_struct+0x4e/0x230
[ 2610.574032][T25772]  copy_fs_struct+0x4e/0x230
[ 2610.578457][T25772]  copy_fs+0x72/0x140
[ 2610.582285][T25772]  copy_process+0x1214/0x3250
[ 2610.586791][T25772]  ? proc_fail_nth_write+0x213/0x290
[ 2610.591907][T25772]  ? proc_fail_nth_read+0x220/0x220
[ 2610.596942][T25772]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2610.601894][T25772]  ? vfs_write+0xa37/0x1160
[ 2610.606230][T25772]  ? numa_migrate_prep+0xe0/0xe0
[ 2610.611001][T25772]  kernel_clone+0x21d/0x9c0
[ 2610.615341][T25772]  ? file_end_write+0x1b0/0x1b0
[ 2610.620029][T25772]  ? __kasan_check_write+0x14/0x20
[ 2610.624975][T25772]  ? create_io_thread+0x1e0/0x1e0
[ 2610.629836][T25772]  ? __mutex_lock_slowpath+0x10/0x10
[ 2610.634956][T25772]  __x64_sys_clone+0x289/0x310
[ 2610.639556][T25772]  ? __do_sys_vfork+0x130/0x130
[ 2610.644245][T25772]  ? debug_smp_processor_id+0x17/0x20
[ 2610.649453][T25772]  do_syscall_64+0x44/0xd0
[ 2610.653704][T25772]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2610.659431][T25772] RIP: 0033:0x7fdb204c00c9
[ 2610.663692][T25772] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2610.683127][T25772] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2610.691370][T25772] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2610.699182][T25772] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:52:52 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

10:52:52 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454d0, 0x335)

10:52:52 executing program 1:
syz_clone(0x4c020000, 0x0, 0x42, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f0000000400)={&(0x7f0000000000), 0x6e, &(0x7f0000000340)=[{&(0x7f0000000080)=""/233, 0xe9}, {&(0x7f0000000180)=""/161, 0xfffffffffffffef9}, {&(0x7f0000000240)=""/242, 0xf2}], 0x3, &(0x7f0000000380)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x4020)
syz_clone(0x4c020000, 0x0, 0x42, 0x0, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000400)={&(0x7f0000000000), 0x6e, &(0x7f0000000340)=[{&(0x7f0000000080)=""/233, 0xe9}, {&(0x7f0000000180)=""/161, 0xfffffffffffffef9}, {&(0x7f0000000240)=""/242, 0xf2}], 0x3, &(0x7f0000000380)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x4020) (async)

10:52:52 executing program 0:
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="62202a3a307a067f47fa2a207200"], 0x8)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x11, 0x1, &(0x7f00000016c0)=@raw=[@kfunc], &(0x7f0000001700)='GPL\x00', 0x6, 0xee, &(0x7f0000000200)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r0, 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@cgroup=r2, r3, 0x11, 0x3, r4}, 0x14)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="62202a3a307a067f47fa2a207200"], 0x8) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x11, 0x1, &(0x7f00000016c0)=@raw=[@kfunc], &(0x7f0000001700)='GPL\x00', 0x6, 0xee, &(0x7f0000000200)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r0, 0x4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@cgroup=r2, r3, 0x11, 0x3, r4}, 0x14) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xa1ffffff)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xe4ffffff)

10:52:52 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454d1, 0x335)

[ 2610.706993][T25772] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2610.714803][T25772] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[ 2610.722789][T25772] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2610.730691][T25772]  </TASK>
10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xec000000)

10:52:52 executing program 1:
syz_clone(0x4c020000, 0x0, 0x42, 0x0, 0x0, 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000400)={&(0x7f0000000000), 0x6e, &(0x7f0000000340)=[{&(0x7f0000000080)=""/233, 0xe9}, {&(0x7f0000000180)=""/161, 0xfffffffffffffef9}, {&(0x7f0000000240)=""/242, 0xf2}], 0x3, &(0x7f0000000380)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x60}, 0x4020)

[ 2610.760288][T25812] FAULT_INJECTION: forcing a failure.
[ 2610.760288][T25812] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2610.780129][T25812] CPU: 1 PID: 25812 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2610.790191][T25812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2610.800089][T25812] Call Trace:
[ 2610.803217][T25812]  <TASK>
[ 2610.805990][T25812]  dump_stack_lvl+0x151/0x1b7
[ 2610.810500][T25812]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2610.815969][T25812]  ? post_alloc_hook+0x1ab/0x1b0
[ 2610.820746][T25812]  dump_stack+0x15/0x17
[ 2610.824745][T25812]  should_fail+0x3c0/0x510
[ 2610.828990][T25812]  should_fail_alloc_page+0x58/0x70
[ 2610.834147][T25812]  __alloc_pages+0x1de/0x7c0
[ 2610.838572][T25812]  ? __count_vm_events+0x30/0x30
[ 2610.843352][T25812]  ? __kasan_kmalloc+0x9/0x10
[ 2610.847859][T25812]  ? __kmalloc+0x203/0x350
[ 2610.852111][T25812]  ? __vmalloc_node_range+0x2e3/0x800
[ 2610.857318][T25812]  __vmalloc_node_range+0x48f/0x800
[ 2610.862354][T25812]  dup_task_struct+0x61f/0xa60
[ 2610.866956][T25812]  ? copy_process+0x579/0x3250
[ 2610.871555][T25812]  ? __kasan_check_write+0x14/0x20
[ 2610.876504][T25812]  copy_process+0x579/0x3250
[ 2610.881041][T25812]  ? __kasan_check_write+0x14/0x20
[ 2610.885976][T25812]  ? proc_fail_nth_write+0x213/0x290
[ 2610.891096][T25812]  ? proc_fail_nth_read+0x220/0x220
[ 2610.896132][T25812]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2610.901078][T25812]  ? vfs_write+0xa37/0x1160
[ 2610.905416][T25812]  ? numa_migrate_prep+0xe0/0xe0
[ 2610.910192][T25812]  kernel_clone+0x21d/0x9c0
[ 2610.914529][T25812]  ? file_end_write+0x1b0/0x1b0
[ 2610.919219][T25812]  ? __kasan_check_write+0x14/0x20
[ 2610.924164][T25812]  ? create_io_thread+0x1e0/0x1e0
[ 2610.929024][T25812]  ? __mutex_lock_slowpath+0x10/0x10
[ 2610.934150][T25812]  __x64_sys_clone+0x289/0x310
[ 2610.938745][T25812]  ? __do_sys_vfork+0x130/0x130
[ 2610.943442][T25812]  ? debug_smp_processor_id+0x17/0x20
[ 2610.948651][T25812]  do_syscall_64+0x44/0xd0
[ 2610.952895][T25812]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2610.958623][T25812] RIP: 0033:0x7fdb204c00c9
[ 2610.962873][T25812] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2610.982318][T25812] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2610.990560][T25812] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2610.998372][T25812] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2611.006182][T25812] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2611.013992][T25812] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2611.021806][T25812] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2611.029623][T25812]  </TASK>
10:52:52 executing program 0:
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="62202a3a307a067f47fa2a207200"], 0x8) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000018c0)={0x11, 0x1, &(0x7f00000016c0)=@raw=[@kfunc], &(0x7f0000001700)='GPL\x00', 0x6, 0xee, &(0x7f0000000200)=""/238, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 64)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000100)=r0, 0x4) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000001c0)={@cgroup=r2, r3, 0x11, 0x3, r4}, 0x14) (async, rerun: 64)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (rerun: 64)

10:52:52 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454d4, 0x335)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xf4ffffff)

10:52:52 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

10:52:52 executing program 3:
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000000))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000017c0)={&(0x7f0000001480)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001500)=""/138, 0x8a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x2, &(0x7f00000016c0)=""/201, 0xc9}, 0x40000000)
unlink(&(0x7f00000000c0)='./file0/../file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000001a80)={&(0x7f0000001800)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001a40)=[{&(0x7f0000002c80)=""/4096, 0x1000}, {&(0x7f0000001880)=""/176, 0xb0}, {&(0x7f0000001940)=""/245, 0xf5}, {&(0x7f0000001b80)=""/171, 0xab}], 0x4, &(0x7f0000003c80)=""/173, 0xad}, 0x2)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000003d40))
recvmsg$unix(r0, &(0x7f0000001440)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/161, 0xa1}, {&(0x7f0000000240)=""/184, 0xb8}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/155, 0x9b}], 0x4, &(0x7f00000013c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x2000)
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000000)) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f00000017c0)={&(0x7f0000001480)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001500)=""/138, 0x8a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x2, &(0x7f00000016c0)=""/201, 0xc9}, 0x40000000) (async)
unlink(&(0x7f00000000c0)='./file0/../file0\x00') (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)) (async)
recvmsg(r0, &(0x7f0000001a80)={&(0x7f0000001800)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001a40)=[{&(0x7f0000002c80)=""/4096, 0x1000}, {&(0x7f0000001880)=""/176, 0xb0}, {&(0x7f0000001940)=""/245, 0xf5}, {&(0x7f0000001b80)=""/171, 0xab}], 0x4, &(0x7f0000003c80)=""/173, 0xad}, 0x2) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000003d40)) (async)
recvmsg$unix(r0, &(0x7f0000001440)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/161, 0xa1}, {&(0x7f0000000240)=""/184, 0xb8}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/155, 0x9b}], 0x4, &(0x7f00000013c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x2000) (async)

10:52:52 executing program 1:
syz_clone(0x40002000, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0)

10:52:52 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454d8, 0x335)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xf6ffffff)

10:52:52 executing program 0:
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000003440)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000003340)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/117, 0x75}, {&(0x7f0000000000)=""/29, 0x1d}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/4096, 0x1000}, {&(0x7f0000000080)=""/23, 0x17}, {&(0x7f0000003200)=""/249, 0xf9}, {&(0x7f0000003300)=""/57, 0x39}], 0x8, &(0x7f00000035c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="0000000005000000000000000100001002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32], 0x60}, 0x41)

[ 2611.354331][T25839] FAULT_INJECTION: forcing a failure.
[ 2611.354331][T25839] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2611.369315][T25839] CPU: 1 PID: 25839 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2611.379462][T25839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2611.389359][T25839] Call Trace:
[ 2611.392482][T25839]  <TASK>
[ 2611.395258][T25839]  dump_stack_lvl+0x151/0x1b7
10:52:52 executing program 0:
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000003440)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000003340)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/117, 0x75}, {&(0x7f0000000000)=""/29, 0x1d}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/4096, 0x1000}, {&(0x7f0000000080)=""/23, 0x17}, {&(0x7f0000003200)=""/249, 0xf9}, {&(0x7f0000003300)=""/57, 0x39}], 0x8, &(0x7f00000035c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="0000000005000000000000000100001002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32], 0x60}, 0x41)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000003440)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000003340)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/117, 0x75}, {&(0x7f0000000000)=""/29, 0x1d}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/4096, 0x1000}, {&(0x7f0000000080)=""/23, 0x17}, {&(0x7f0000003200)=""/249, 0xf9}, {&(0x7f0000003300)=""/57, 0x39}], 0x8, &(0x7f00000035c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="0000000005000000000000000100001002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32], 0x60}, 0x41) (async)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfbffffff)

10:52:52 executing program 0:
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000003440)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000003340)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/117, 0x75}, {&(0x7f0000000000)=""/29, 0x1d}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000002200)=""/4096, 0x1000}, {&(0x7f0000000080)=""/23, 0x17}, {&(0x7f0000003200)=""/249, 0xf9}, {&(0x7f0000003300)=""/57, 0x39}], 0x8, &(0x7f00000035c0)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="0000000005000000000000000100001002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRES32, @ANYRESHEX, @ANYRES32, @ANYRES32], 0x60}, 0x41)

10:52:52 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfeffffff)

10:52:52 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)

[ 2611.399774][T25839]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2611.405242][T25839]  ? post_alloc_hook+0x1ab/0x1b0
[ 2611.410016][T25839]  dump_stack+0x15/0x17
[ 2611.414004][T25839]  should_fail+0x3c0/0x510
[ 2611.418260][T25839]  should_fail_alloc_page+0x58/0x70
[ 2611.423292][T25839]  __alloc_pages+0x1de/0x7c0
[ 2611.427720][T25839]  ? __count_vm_events+0x30/0x30
[ 2611.432492][T25839]  ? __kasan_kmalloc+0x9/0x10
[ 2611.437005][T25839]  ? __kmalloc+0x203/0x350
[ 2611.441259][T25839]  ? __vmalloc_node_range+0x2e3/0x800
[ 2611.446474][T25839]  __vmalloc_node_range+0x48f/0x800
[ 2611.451505][T25839]  dup_task_struct+0x61f/0xa60
[ 2611.456099][T25839]  ? copy_process+0x579/0x3250
[ 2611.460701][T25839]  ? __kasan_check_write+0x14/0x20
[ 2611.465648][T25839]  copy_process+0x579/0x3250
[ 2611.470071][T25839]  ? __kasan_check_write+0x14/0x20
[ 2611.475017][T25839]  ? proc_fail_nth_write+0x213/0x290
[ 2611.480138][T25839]  ? proc_fail_nth_read+0x220/0x220
[ 2611.485170][T25839]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2611.490117][T25839]  ? vfs_write+0xa37/0x1160
[ 2611.494458][T25839]  ? numa_migrate_prep+0xe0/0xe0
[ 2611.499232][T25839]  kernel_clone+0x21d/0x9c0
[ 2611.503571][T25839]  ? file_end_write+0x1b0/0x1b0
[ 2611.508257][T25839]  ? __kasan_check_write+0x14/0x20
[ 2611.513204][T25839]  ? create_io_thread+0x1e0/0x1e0
[ 2611.518064][T25839]  ? __mutex_lock_slowpath+0x10/0x10
[ 2611.523189][T25839]  __x64_sys_clone+0x289/0x310
[ 2611.527786][T25839]  ? __do_sys_vfork+0x130/0x130
[ 2611.532475][T25839]  ? debug_smp_processor_id+0x17/0x20
[ 2611.537681][T25839]  do_syscall_64+0x44/0xd0
[ 2611.541933][T25839]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2611.547661][T25839] RIP: 0033:0x7fdb204c00c9
[ 2611.551914][T25839] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2611.571361][T25839] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2611.579607][T25839] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2611.587410][T25839] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2611.595223][T25839] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2611.603034][T25839] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2611.610845][T25839] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2611.618658][T25839]  </TASK>
10:52:53 executing program 3:
ioctl$TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000000)) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f00000017c0)={&(0x7f0000001480)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000001500)=""/138, 0x8a}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x2, &(0x7f00000016c0)=""/201, 0xc9}, 0x40000000) (async)
unlink(&(0x7f00000000c0)='./file0/../file0\x00') (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000001a80)={&(0x7f0000001800)=@ethernet={0x0, @local}, 0x80, &(0x7f0000001a40)=[{&(0x7f0000002c80)=""/4096, 0x1000}, {&(0x7f0000001880)=""/176, 0xb0}, {&(0x7f0000001940)=""/245, 0xf5}, {&(0x7f0000001b80)=""/171, 0xab}], 0x4, &(0x7f0000003c80)=""/173, 0xad}, 0x2) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000003d40))
recvmsg$unix(r0, &(0x7f0000001440)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/161, 0xa1}, {&(0x7f0000000240)=""/184, 0xb8}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000001300)=""/155, 0x9b}], 0x4, &(0x7f00000013c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}, 0x2000)

10:52:53 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xff010000)

10:52:53 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async)

10:52:53 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454d9, 0x335)

10:52:53 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

10:52:53 executing program 1:
syz_clone(0x40002000, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0)

10:52:53 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)

10:52:53 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffff7f)

10:52:53 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454da, 0x335)

10:52:53 executing program 0:
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000a80)={0x7, &(0x7f0000000900)=[{0xc62, 0x1f, 0x45, 0x8000}, {0x3b, 0x4, 0x1, 0x2}, {0xf051, 0xd1, 0xf8, 0x800000}, {0xf766, 0x7, 0x1f, 0x8}, {0x4, 0x2, 0x3, 0x5}, {0x6, 0x6, 0xf2, 0x5}, {0x2, 0x5d, 0xff, 0x1000}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000000)=0x3)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000100))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000980))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0xf26)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000840)=[{&(0x7f00000001c0)=""/25, 0x19}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f0000000280)=""/123, 0x7b}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f00000003c0)=""/113, 0x71}, {&(0x7f0000000440)=""/146, 0x92}, {&(0x7f0000000500)=""/142, 0x8e}, {&(0x7f00000005c0)=""/215, 0xd7}, {&(0x7f00000006c0)=""/79, 0x4f}, {&(0x7f0000000740)=""/223, 0xdf}], 0xa, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000001000100000000000100000081a99168bd7a160ab89c0064f969cd4e54d300fc6fd4c7134b40e22950ca2d7be10bde2e7da8a65983cedd74f3dd3483c354ad9b2dd28a147c907f04a1a25be78aa22fad3fc4472c849c19c7106ccfa488ca2b07539557325f0413558f8b47cd5cf7b45fd09922eb0067a2aa758d000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x60)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

[ 2611.682946][T25870] FAULT_INJECTION: forcing a failure.
[ 2611.682946][T25870] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2611.707693][T25870] CPU: 1 PID: 25870 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2611.717756][T25870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2611.727648][T25870] Call Trace:
[ 2611.730775][T25870]  <TASK>
[ 2611.733549][T25870]  dump_stack_lvl+0x151/0x1b7
[ 2611.738059][T25870]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2611.743526][T25870]  ? post_alloc_hook+0x1ab/0x1b0
[ 2611.748306][T25870]  dump_stack+0x15/0x17
[ 2611.752291][T25870]  should_fail+0x3c0/0x510
[ 2611.756548][T25870]  should_fail_alloc_page+0x58/0x70
[ 2611.761578][T25870]  __alloc_pages+0x1de/0x7c0
[ 2611.766009][T25870]  ? __count_vm_events+0x30/0x30
[ 2611.770782][T25870]  ? __kasan_kmalloc+0x9/0x10
[ 2611.775294][T25870]  ? __kmalloc+0x203/0x350
[ 2611.779549][T25870]  ? __vmalloc_node_range+0x2e3/0x800
[ 2611.784784][T25870]  __vmalloc_node_range+0x48f/0x800
[ 2611.789789][T25870]  dup_task_struct+0x61f/0xa60
[ 2611.794387][T25870]  ? copy_process+0x579/0x3250
[ 2611.798988][T25870]  ? __kasan_check_write+0x14/0x20
[ 2611.803935][T25870]  copy_process+0x579/0x3250
[ 2611.808360][T25870]  ? __kasan_check_write+0x14/0x20
[ 2611.813308][T25870]  ? proc_fail_nth_write+0x213/0x290
[ 2611.818430][T25870]  ? proc_fail_nth_read+0x220/0x220
[ 2611.823464][T25870]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2611.828411][T25870]  ? vfs_write+0xa37/0x1160
[ 2611.832752][T25870]  ? numa_migrate_prep+0xe0/0xe0
[ 2611.837525][T25870]  kernel_clone+0x21d/0x9c0
[ 2611.841862][T25870]  ? file_end_write+0x1b0/0x1b0
[ 2611.846549][T25870]  ? __kasan_check_write+0x14/0x20
[ 2611.851526][T25870]  ? create_io_thread+0x1e0/0x1e0
[ 2611.856357][T25870]  ? __mutex_lock_slowpath+0x10/0x10
[ 2611.861477][T25870]  __x64_sys_clone+0x289/0x310
[ 2611.866078][T25870]  ? __do_sys_vfork+0x130/0x130
[ 2611.870766][T25870]  ? debug_smp_processor_id+0x17/0x20
[ 2611.875973][T25870]  do_syscall_64+0x44/0xd0
[ 2611.880223][T25870]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2611.885951][T25870] RIP: 0033:0x7fdb204c00c9
[ 2611.890205][T25870] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2611.909645][T25870] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2611.917891][T25870] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2611.925710][T25870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:52:53 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454dc, 0x335)

10:52:53 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

[ 2611.933601][T25870] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2611.941411][T25870] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2611.949221][T25870] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2611.957036][T25870]  </TASK>
[ 2612.038271][T25902] FAULT_INJECTION: forcing a failure.
[ 2612.038271][T25902] name failslab, interval 1, probability 0, space 0, times 0
[ 2612.050733][T25902] CPU: 0 PID: 25902 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2612.060854][T25902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2612.070745][T25902] Call Trace:
[ 2612.073871][T25902]  <TASK>
[ 2612.076646][T25902]  dump_stack_lvl+0x151/0x1b7
[ 2612.081160][T25902]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2612.086629][T25902]  dump_stack+0x15/0x17
[ 2612.090620][T25902]  should_fail+0x3c0/0x510
[ 2612.094875][T25902]  ? mm_init+0x392/0x960
[ 2612.098951][T25902]  __should_failslab+0x9f/0xe0
[ 2612.103551][T25902]  should_failslab+0x9/0x20
[ 2612.107888][T25902]  kmem_cache_alloc_trace+0x4a/0x310
[ 2612.113009][T25902]  mm_init+0x392/0x960
[ 2612.116916][T25902]  dup_mm+0x7e/0x2e0
[ 2612.120649][T25902]  copy_mm+0x108/0x1b0
[ 2612.124556][T25902]  copy_process+0x1295/0x3250
[ 2612.129073][T25902]  ? proc_fail_nth_write+0x213/0x290
[ 2612.134188][T25902]  ? proc_fail_nth_read+0x220/0x220
[ 2612.139221][T25902]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2612.144167][T25902]  ? vfs_write+0xa37/0x1160
[ 2612.148507][T25902]  ? numa_migrate_prep+0xe0/0xe0
[ 2612.153282][T25902]  kernel_clone+0x21d/0x9c0
[ 2612.157621][T25902]  ? file_end_write+0x1b0/0x1b0
[ 2612.162309][T25902]  ? __kasan_check_write+0x14/0x20
[ 2612.167254][T25902]  ? create_io_thread+0x1e0/0x1e0
[ 2612.172115][T25902]  ? __mutex_lock_slowpath+0x10/0x10
[ 2612.177238][T25902]  __x64_sys_clone+0x289/0x310
[ 2612.181839][T25902]  ? __do_sys_vfork+0x130/0x130
[ 2612.186527][T25902]  ? debug_smp_processor_id+0x17/0x20
[ 2612.191733][T25902]  do_syscall_64+0x44/0xd0
[ 2612.195984][T25902]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2612.201725][T25902] RIP: 0033:0x7fdb204c00c9
[ 2612.205973][T25902] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2612.225409][T25902] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2612.233649][T25902] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2612.241463][T25902] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2612.249272][T25902] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2612.257082][T25902] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2612.264897][T25902] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2612.272709][T25902]  </TASK>
10:52:54 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_devices(r1, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={0xffffffffffffffff}, 0x4)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000180)=0x401)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000140)=r2)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={0xffffffffffffffff, 0x13, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0], 0x2}, 0x20)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1)

10:52:54 executing program 0:
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000a80)={0x7, &(0x7f0000000900)=[{0xc62, 0x1f, 0x45, 0x8000}, {0x3b, 0x4, 0x1, 0x2}, {0xf051, 0xd1, 0xf8, 0x800000}, {0xf766, 0x7, 0x1f, 0x8}, {0x4, 0x2, 0x3, 0x5}, {0x6, 0x6, 0xf2, 0x5}, {0x2, 0x5d, 0xff, 0x1000}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000000)=0x3)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000100))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000980))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0xf26)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000840)=[{&(0x7f00000001c0)=""/25, 0x19}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f0000000280)=""/123, 0x7b}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f00000003c0)=""/113, 0x71}, {&(0x7f0000000440)=""/146, 0x92}, {&(0x7f0000000500)=""/142, 0x8e}, {&(0x7f00000005c0)=""/215, 0xd7}, {&(0x7f00000006c0)=""/79, 0x4f}, {&(0x7f0000000740)=""/223, 0xdf}], 0xa, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000001000100000000000100000081a99168bd7a160ab89c0064f969cd4e54d300fc6fd4c7134b40e22950ca2d7be10bde2e7da8a65983cedd74f3dd3483c354ad9b2dd28a147c907f04a1a25be78aa22fad3fc4472c849c19c7106ccfa488ca2b07539557325f0413558f8b47cd5cf7b45fd09922eb0067a2aa758d000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x60)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000a80)={0x7, &(0x7f0000000900)=[{0xc62, 0x1f, 0x45, 0x8000}, {0x3b, 0x4, 0x1, 0x2}, {0xf051, 0xd1, 0xf8, 0x800000}, {0xf766, 0x7, 0x1f, 0x8}, {0x4, 0x2, 0x3, 0x5}, {0x6, 0x6, 0xf2, 0x5}, {0x2, 0x5d, 0xff, 0x1000}]}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0) (async)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000000)=0x3) (async)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000100)) (async)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000980)) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0xf26) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000840)=[{&(0x7f00000001c0)=""/25, 0x19}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f0000000280)=""/123, 0x7b}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f00000003c0)=""/113, 0x71}, {&(0x7f0000000440)=""/146, 0x92}, {&(0x7f0000000500)=""/142, 0x8e}, {&(0x7f00000005c0)=""/215, 0xd7}, {&(0x7f00000006c0)=""/79, 0x4f}, {&(0x7f0000000740)=""/223, 0xdf}], 0xa, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000001000100000000000100000081a99168bd7a160ab89c0064f969cd4e54d300fc6fd4c7134b40e22950ca2d7be10bde2e7da8a65983cedd74f3dd3483c354ad9b2dd28a147c907f04a1a25be78aa22fad3fc4472c849c19c7106ccfa488ca2b07539557325f0413558f8b47cd5cf7b45fd09922eb0067a2aa758d000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x60) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454e2, 0x335)

10:52:54 executing program 1:
syz_clone(0x40002000, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffff8c)

10:52:54 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffffa1)

10:52:54 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_devices(r1, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={0xffffffffffffffff}, 0x4) (async)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000180)=0x401)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000140)=r2) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={0xffffffffffffffff, 0x13, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0], 0x2}, 0x20)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x40049409, 0x335)

10:52:54 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040))
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 2612.555518][T25912] FAULT_INJECTION: forcing a failure.
[ 2612.555518][T25912] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2612.572538][T25912] CPU: 1 PID: 25912 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2612.582604][T25912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2612.592498][T25912] Call Trace:
[ 2612.595621][T25912]  <TASK>
[ 2612.598400][T25912]  dump_stack_lvl+0x151/0x1b7
[ 2612.602913][T25912]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2612.608380][T25912]  ? pcpu_block_update_hint_alloc+0x972/0xd00
[ 2612.614284][T25912]  dump_stack+0x15/0x17
[ 2612.618275][T25912]  should_fail+0x3c0/0x510
[ 2612.622543][T25912]  should_fail_alloc_page+0x58/0x70
[ 2612.627560][T25912]  __alloc_pages+0x1de/0x7c0
[ 2612.631990][T25912]  ? __count_vm_events+0x30/0x30
[ 2612.636764][T25912]  __get_free_pages+0xe/0x30
[ 2612.641185][T25912]  pgd_alloc+0x22/0x2c0
[ 2612.645191][T25912]  mm_init+0x5bf/0x960
[ 2612.649087][T25912]  dup_mm+0x7e/0x2e0
[ 2612.652818][T25912]  copy_mm+0x108/0x1b0
[ 2612.656722][T25912]  copy_process+0x1295/0x3250
[ 2612.661237][T25912]  ? proc_fail_nth_write+0x213/0x290
[ 2612.666358][T25912]  ? proc_fail_nth_read+0x220/0x220
[ 2612.671390][T25912]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2612.676336][T25912]  ? vfs_write+0xa37/0x1160
[ 2612.680680][T25912]  ? numa_migrate_prep+0xe0/0xe0
[ 2612.685454][T25912]  kernel_clone+0x21d/0x9c0
[ 2612.689790][T25912]  ? file_end_write+0x1b0/0x1b0
[ 2612.694497][T25912]  ? __kasan_check_write+0x14/0x20
[ 2612.699422][T25912]  ? create_io_thread+0x1e0/0x1e0
[ 2612.704285][T25912]  ? __mutex_lock_slowpath+0x10/0x10
[ 2612.709407][T25912]  __x64_sys_clone+0x289/0x310
[ 2612.714005][T25912]  ? __do_sys_vfork+0x130/0x130
[ 2612.718693][T25912]  ? debug_smp_processor_id+0x17/0x20
[ 2612.723902][T25912]  do_syscall_64+0x44/0xd0
[ 2612.728153][T25912]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2612.733881][T25912] RIP: 0033:0x7fdb204c00c9
[ 2612.738133][T25912] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2612.757576][T25912] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2612.765820][T25912] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2612.773631][T25912] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2612.781442][T25912] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2612.789251][T25912] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2612.797062][T25912] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
10:52:54 executing program 0:
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000a80)={0x7, &(0x7f0000000900)=[{0xc62, 0x1f, 0x45, 0x8000}, {0x3b, 0x4, 0x1, 0x2}, {0xf051, 0xd1, 0xf8, 0x800000}, {0xf766, 0x7, 0x1f, 0x8}, {0x4, 0x2, 0x3, 0x5}, {0x6, 0x6, 0xf2, 0x5}, {0x2, 0x5d, 0xff, 0x1000}]}) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000000)=0x3) (async)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000100))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000980)) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0xf26)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000840)=[{&(0x7f00000001c0)=""/25, 0x19}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f0000000280)=""/123, 0x7b}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f00000003c0)=""/113, 0x71}, {&(0x7f0000000440)=""/146, 0x92}, {&(0x7f0000000500)=""/142, 0x8e}, {&(0x7f00000005c0)=""/215, 0xd7}, {&(0x7f00000006c0)=""/79, 0x4f}, {&(0x7f0000000740)=""/223, 0xdf}], 0xa, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000001000100000000000100000081a99168bd7a160ab89c0064f969cd4e54d300fc6fd4c7134b40e22950ca2d7be10bde2e7da8a65983cedd74f3dd3483c354ad9b2dd28a147c907f04a1a25be78aa22fad3fc4472c849c19c7106ccfa488ca2b07539557325f0413558f8b47cd5cf7b45fd09922eb0067a2aa758d000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x60) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x40086602, 0x335)

10:52:54 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_devices(r1, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0) (async)
r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={0xffffffffffffffff}, 0x4)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000180)=0x401) (async)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000140)=r2) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={0xffffffffffffffff, 0x13, 0x0, 0x5, &(0x7f0000000200)=[0x0, 0x0], 0x2}, 0x20) (async)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1)

10:52:54 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffffe4)

10:52:54 executing program 0:
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)=@sco={0x1f, @none}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)=""/44, 0x2c}, {&(0x7f0000000140)}], 0x2}, 0x40000040)
mkdir(&(0x7f0000000000)='./file2\x00', 0x108)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={r0, 0x15, 0x1, 0x200, &(0x7f0000000200)=[0x0, 0x0, 0x0], 0x3}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_freezer_state(r0, &(0x7f0000000100), 0x2, 0x0)

[ 2612.804875][T25912]  </TASK>
10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x40087602, 0x335)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfffffff4)

10:52:54 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040))
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:54 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x80)

10:52:54 executing program 0:
mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (async, rerun: 64)
recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)=@sco={0x1f, @none}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)=""/44, 0x2c}, {&(0x7f0000000140)}], 0x2}, 0x40000040) (async, rerun: 64)
mkdir(&(0x7f0000000000)='./file2\x00', 0x108) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={r0, 0x15, 0x1, 0x200, &(0x7f0000000200)=[0x0, 0x0, 0x0], 0x3}, 0x20) (async, rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 64)
openat$cgroup_freezer_state(r0, &(0x7f0000000100), 0x2, 0x0)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x401054d5, 0x335)

[ 2612.859048][T25954] FAULT_INJECTION: forcing a failure.
[ 2612.859048][T25954] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2612.886343][T25954] CPU: 0 PID: 25954 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2612.896408][T25954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2612.906300][T25954] Call Trace:
[ 2612.909428][T25954]  <TASK>
[ 2612.912205][T25954]  dump_stack_lvl+0x151/0x1b7
[ 2612.916719][T25954]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2612.922188][T25954]  ? post_alloc_hook+0x1ab/0x1b0
[ 2612.927047][T25954]  dump_stack+0x15/0x17
[ 2612.931038][T25954]  should_fail+0x3c0/0x510
[ 2612.935290][T25954]  should_fail_alloc_page+0x58/0x70
[ 2612.940327][T25954]  __alloc_pages+0x1de/0x7c0
[ 2612.944754][T25954]  ? __count_vm_events+0x30/0x30
[ 2612.949523][T25954]  ? __kasan_kmalloc+0x9/0x10
[ 2612.954037][T25954]  ? __kmalloc+0x203/0x350
[ 2612.958288][T25954]  ? __vmalloc_node_range+0x2e3/0x800
[ 2612.963500][T25954]  __vmalloc_node_range+0x48f/0x800
[ 2612.968533][T25954]  dup_task_struct+0x61f/0xa60
[ 2612.973132][T25954]  ? copy_process+0x579/0x3250
[ 2612.977734][T25954]  ? __kasan_check_write+0x14/0x20
[ 2612.982681][T25954]  copy_process+0x579/0x3250
[ 2612.987104][T25954]  ? __kasan_check_write+0x14/0x20
[ 2612.992049][T25954]  ? proc_fail_nth_write+0x213/0x290
[ 2612.997174][T25954]  ? proc_fail_nth_read+0x220/0x220
[ 2613.002207][T25954]  ? pidfd_show_fdinfo+0x2b0/0x2b0
10:52:54 executing program 0:
mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)=@sco={0x1f, @none}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)=""/44, 0x2c}, {&(0x7f0000000140)}], 0x2}, 0x40000040) (async)
mkdir(&(0x7f0000000000)='./file2\x00', 0x108)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={r0, 0x15, 0x1, 0x200, &(0x7f0000000200)=[0x0, 0x0, 0x0], 0x3}, 0x20) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_freezer_state(r0, &(0x7f0000000100), 0x2, 0x0)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfffffff6)

10:52:54 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

[ 2613.007153][T25954]  ? vfs_write+0xa37/0x1160
[ 2613.011494][T25954]  ? numa_migrate_prep+0xe0/0xe0
[ 2613.016268][T25954]  kernel_clone+0x21d/0x9c0
[ 2613.020607][T25954]  ? file_end_write+0x1b0/0x1b0
[ 2613.025291][T25954]  ? __kasan_check_write+0x14/0x20
[ 2613.030238][T25954]  ? create_io_thread+0x1e0/0x1e0
[ 2613.035099][T25954]  ? __mutex_lock_slowpath+0x10/0x10
[ 2613.040221][T25954]  __x64_sys_clone+0x289/0x310
[ 2613.044825][T25954]  ? __do_sys_vfork+0x130/0x130
[ 2613.049510][T25954]  ? debug_smp_processor_id+0x17/0x20
[ 2613.054716][T25954]  do_syscall_64+0x44/0xd0
[ 2613.058970][T25954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2613.064696][T25954] RIP: 0033:0x7fdb204c00c9
[ 2613.068945][T25954] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2613.088386][T25954] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2613.096629][T25954] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
10:52:54 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)

10:52:54 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfffffffb)

10:52:54 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0\x00', 0x80)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x401054d6, 0x335)

10:52:54 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040))
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x401c5820, 0x335)

10:52:54 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)

10:52:54 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async, rerun: 64)
mkdir(&(0x7f0000000000)='./file0\x00', 0x80) (rerun: 64)

[ 2613.104441][T25954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2613.112253][T25954] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2613.120064][T25954] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2613.127883][T25954] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2613.135690][T25954]  </TASK>
10:52:54 executing program 1:
syz_clone(0x188a8400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfffffffe)

[ 2613.176402][T25989] FAULT_INJECTION: forcing a failure.
[ 2613.176402][T25989] name failslab, interval 1, probability 0, space 0, times 0
[ 2613.197638][T25989] CPU: 1 PID: 25989 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2613.207700][T25989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2613.217595][T25989] Call Trace:
[ 2613.220717][T25989]  <TASK>
[ 2613.223496][T25989]  dump_stack_lvl+0x151/0x1b7
[ 2613.228009][T25989]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2613.233485][T25989]  ? __this_cpu_preempt_check+0x13/0x20
[ 2613.238860][T25989]  dump_stack+0x15/0x17
[ 2613.242850][T25989]  should_fail+0x3c0/0x510
[ 2613.247105][T25989]  __should_failslab+0x9f/0xe0
[ 2613.251703][T25989]  should_failslab+0x9/0x20
[ 2613.256042][T25989]  kmem_cache_alloc+0x4f/0x2f0
[ 2613.260642][T25989]  ? __kasan_check_write+0x14/0x20
[ 2613.265589][T25989]  ? prepare_creds+0x30/0x690
[ 2613.270101][T25989]  ? _raw_spin_lock_irqsave+0xf8/0x210
[ 2613.275399][T25989]  prepare_creds+0x30/0x690
[ 2613.279998][T25989]  copy_creds+0xde/0x640
[ 2613.284079][T25989]  copy_process+0x775/0x3250
[ 2613.288505][T25989]  ? __kasan_check_write+0x14/0x20
[ 2613.293449][T25989]  ? proc_fail_nth_write+0x213/0x290
[ 2613.298570][T25989]  ? proc_fail_nth_read+0x220/0x220
[ 2613.303609][T25989]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2613.308554][T25989]  ? vfs_write+0xa37/0x1160
[ 2613.312890][T25989]  ? numa_migrate_prep+0xe0/0xe0
[ 2613.317667][T25989]  kernel_clone+0x21d/0x9c0
[ 2613.322004][T25989]  ? file_end_write+0x1b0/0x1b0
[ 2613.326693][T25989]  ? __kasan_check_write+0x14/0x20
[ 2613.331638][T25989]  ? create_io_thread+0x1e0/0x1e0
[ 2613.336500][T25989]  ? __mutex_lock_slowpath+0x10/0x10
[ 2613.341621][T25989]  __x64_sys_clone+0x289/0x310
[ 2613.346219][T25989]  ? __do_sys_vfork+0x130/0x130
[ 2613.351170][T25989]  ? debug_smp_processor_id+0x17/0x20
[ 2613.356387][T25989]  do_syscall_64+0x44/0xd0
[ 2613.360626][T25989]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2613.366356][T25989] RIP: 0033:0x7fdb204c00c9
[ 2613.370611][T25989] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2613.390050][T25989] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2613.398295][T25989] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2613.406106][T25989] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2613.413915][T25989] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x4020940d, 0x335)

10:52:54 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)

10:52:54 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file1\x00', 0x28)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x110)

10:52:54 executing program 3:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:54 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x40000000000)

10:52:54 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454cf, 0x335)

[ 2613.421731][T25989] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2613.429538][T25989] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2613.437355][T25989]  </TASK>
10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x4000000000000)

10:52:55 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x28)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x110)

10:52:55 executing program 1:
syz_clone(0x188a8400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454d2, 0x335)

10:52:55 executing program 3:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:52:55 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x28) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x110)

10:52:55 executing program 3:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2613.497323][T26019] FAULT_INJECTION: forcing a failure.
[ 2613.497323][T26019] name failslab, interval 1, probability 0, space 0, times 0
[ 2613.514024][T26019] CPU: 1 PID: 26019 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2613.524088][T26019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2613.533984][T26019] Call Trace:
[ 2613.537110][T26019]  <TASK>
[ 2613.539884][T26019]  dump_stack_lvl+0x151/0x1b7
[ 2613.544394][T26019]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2613.549864][T26019]  dump_stack+0x15/0x17
[ 2613.553854][T26019]  should_fail+0x3c0/0x510
[ 2613.558106][T26019]  ? security_prepare_creds+0x50/0x160
[ 2613.563400][T26019]  __should_failslab+0x9f/0xe0
[ 2613.568003][T26019]  should_failslab+0x9/0x20
[ 2613.572343][T26019]  __kmalloc+0x6d/0x350
[ 2613.576336][T26019]  security_prepare_creds+0x50/0x160
[ 2613.581457][T26019]  prepare_creds+0x471/0x690
[ 2613.585880][T26019]  copy_creds+0xde/0x640
[ 2613.589959][T26019]  copy_process+0x775/0x3250
[ 2613.594385][T26019]  ? __kasan_check_write+0x14/0x20
[ 2613.599335][T26019]  ? proc_fail_nth_write+0x213/0x290
[ 2613.604457][T26019]  ? proc_fail_nth_read+0x220/0x220
[ 2613.609490][T26019]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2613.614435][T26019]  ? vfs_write+0xa37/0x1160
[ 2613.618774][T26019]  ? numa_migrate_prep+0xe0/0xe0
[ 2613.623721][T26019]  kernel_clone+0x21d/0x9c0
[ 2613.628077][T26019]  ? file_end_write+0x1b0/0x1b0
[ 2613.632750][T26019]  ? __kasan_check_write+0x14/0x20
[ 2613.637699][T26019]  ? create_io_thread+0x1e0/0x1e0
[ 2613.642558][T26019]  ? __mutex_lock_slowpath+0x10/0x10
[ 2613.647676][T26019]  __x64_sys_clone+0x289/0x310
[ 2613.652276][T26019]  ? __do_sys_vfork+0x130/0x130
[ 2613.656966][T26019]  ? debug_smp_processor_id+0x17/0x20
[ 2613.662173][T26019]  do_syscall_64+0x44/0xd0
[ 2613.666424][T26019]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2613.672151][T26019] RIP: 0033:0x7fdb204c00c9
[ 2613.676405][T26019] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:52:55 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)

10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x10000000000000)

10:52:55 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/27, 0x1b}, {&(0x7f0000000180)=""/4096, 0x1000}], 0x2, &(0x7f0000001180)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000180020000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58}, 0x10000)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:55 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000100)=@ax25={{0x3, @null}, [@remote, @netrom, @null, @null, @null, @rose, @bcast, @netrom]}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/255, 0xff}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000001280)=""/209, 0xd1}], 0x4, &(0x7f0000001380)=""/36, 0x24}, 0x40000020)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000014c0)={&(0x7f0000001480)='./file0/file0\x00', 0x0, 0x18}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file0\x00', r0}, 0x10)

10:52:55 executing program 1:
syz_clone(0x188a8400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454d3, 0x335)

10:52:55 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000100)=@ax25={{0x3, @null}, [@remote, @netrom, @null, @null, @null, @rose, @bcast, @netrom]}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/255, 0xff}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000001280)=""/209, 0xd1}], 0x4, &(0x7f0000001380)=""/36, 0x24}, 0x40000020)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000014c0)={&(0x7f0000001480)='./file0/file0\x00', 0x0, 0x18}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file0\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000100)=@ax25={{0x3, @null}, [@remote, @netrom, @null, @null, @null, @rose, @bcast, @netrom]}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/255, 0xff}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000001280)=""/209, 0xd1}], 0x4, &(0x7f0000001380)=""/36, 0x24}, 0x40000020) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000014c0)={&(0x7f0000001480)='./file0/file0\x00', 0x0, 0x18}, 0x10) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file0\x00', r0}, 0x10) (async)

10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x20000000000000)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454d7, 0x335)

[ 2613.695846][T26019] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2613.704110][T26019] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2613.711902][T26019] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2613.719713][T26019] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2613.727533][T26019] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2613.735342][T26019] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2613.743150][T26019]  </TASK>
10:52:55 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/27, 0x1b}, {&(0x7f0000000180)=""/4096, 0x1000}], 0x2, &(0x7f0000001180)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000180020000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58}, 0x10000) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

10:52:55 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7f, 0x80, 0x9, 0x5, 0x0, 0x7fffffff, 0x400, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0x1}, 0x208, 0x4, 0xd89a, 0x7, 0x7fffffffffffffff, 0x7fffffff, 0x3, 0x0, 0x6ecd, 0x0, 0x7}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
r2 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0xfe, 0x20, 0x0, 0x0, 0x3, 0xc008, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8001, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x8c200, 0x2, 0xac, 0x6, 0x10000, 0x400, 0x2, 0x0, 0x101, 0x0, 0x1000}, r2, 0xd, r1, 0xa)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=r0, 0x12)

10:52:55 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f0000000100)=@abs, 0x6e, &(0x7f0000000080)=[{&(0x7f0000000000)=""/27, 0x1b}, {&(0x7f0000000180)=""/4096, 0x1000}], 0x2, &(0x7f0000001180)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000180020000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x58}, 0x10000) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

[ 2613.796663][T26055] FAULT_INJECTION: forcing a failure.
[ 2613.796663][T26055] name failslab, interval 1, probability 0, space 0, times 0
[ 2613.818510][T26055] CPU: 1 PID: 26055 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2613.828578][T26055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2613.838469][T26055] Call Trace:
[ 2613.841593][T26055]  <TASK>
[ 2613.844376][T26055]  dump_stack_lvl+0x151/0x1b7
[ 2613.848883][T26055]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2613.854353][T26055]  dump_stack+0x15/0x17
[ 2613.858347][T26055]  should_fail+0x3c0/0x510
[ 2613.862597][T26055]  __should_failslab+0x9f/0xe0
[ 2613.867199][T26055]  should_failslab+0x9/0x20
[ 2613.871537][T26055]  kmem_cache_alloc+0x4f/0x2f0
[ 2613.876136][T26055]  ? vm_area_dup+0x26/0x220
[ 2613.880476][T26055]  vm_area_dup+0x26/0x220
[ 2613.884645][T26055]  dup_mmap+0x6c8/0xf10
[ 2613.888637][T26055]  ? __delayed_free_task+0x20/0x20
[ 2613.893582][T26055]  ? mm_init+0x807/0x960
[ 2613.897661][T26055]  dup_mm+0x8e/0x2e0
[ 2613.901396][T26055]  copy_mm+0x108/0x1b0
[ 2613.905299][T26055]  copy_process+0x1295/0x3250
[ 2613.909814][T26055]  ? proc_fail_nth_write+0x213/0x290
[ 2613.914932][T26055]  ? proc_fail_nth_read+0x220/0x220
[ 2613.919965][T26055]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2613.924913][T26055]  ? vfs_write+0xa37/0x1160
[ 2613.929252][T26055]  ? numa_migrate_prep+0xe0/0xe0
[ 2613.934028][T26055]  kernel_clone+0x21d/0x9c0
[ 2613.938368][T26055]  ? file_end_write+0x1b0/0x1b0
[ 2613.943053][T26055]  ? __kasan_check_write+0x14/0x20
[ 2613.948000][T26055]  ? create_io_thread+0x1e0/0x1e0
[ 2613.952859][T26055]  ? __mutex_lock_slowpath+0x10/0x10
[ 2613.957983][T26055]  __x64_sys_clone+0x289/0x310
[ 2613.962581][T26055]  ? __do_sys_vfork+0x130/0x130
[ 2613.967270][T26055]  ? debug_smp_processor_id+0x17/0x20
[ 2613.972475][T26055]  do_syscall_64+0x44/0xd0
[ 2613.976729][T26055]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2613.982457][T26055] RIP: 0033:0x7fdb204c00c9
[ 2613.986710][T26055] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2614.006150][T26055] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2614.014394][T26055] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2614.022207][T26055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2614.030018][T26055] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2614.037828][T26055] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:52:55 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454dd, 0x335)

10:52:55 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7f, 0x80, 0x9, 0x5, 0x0, 0x7fffffff, 0x400, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0x1}, 0x208, 0x4, 0xd89a, 0x7, 0x7fffffffffffffff, 0x7fffffff, 0x3, 0x0, 0x6ecd, 0x0, 0x7}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0) (async)
r2 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0xfe, 0x20, 0x0, 0x0, 0x3, 0xc008, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8001, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x8c200, 0x2, 0xac, 0x6, 0x10000, 0x400, 0x2, 0x0, 0x101, 0x0, 0x1000}, r2, 0xd, r1, 0xa) (async)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=r0, 0x12)

10:52:55 executing program 0:
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x79, 0x3f, 0x0, 0x0, 0x4, 0x21700, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x18102, 0x9, 0x1, 0x0, 0x1, 0x10000, 0xff, 0x0, 0x312a, 0x0, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10)

10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc0000000000000)

10:52:55 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f00000013c0)={&(0x7f0000000100)=@ax25={{0x3, @null}, [@remote, @netrom, @null, @null, @null, @rose, @bcast, @netrom]}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/255, 0xff}, {&(0x7f0000000000)=""/17, 0x11}, {&(0x7f0000001280)=""/209, 0xd1}], 0x4, &(0x7f0000001380)=""/36, 0x24}, 0x40000020) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000014c0)={&(0x7f0000001480)='./file0/file0\x00', 0x0, 0x18}, 0x10) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file0\x00', r0}, 0x10)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454e0, 0x335)

10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x100000000000000)

[ 2614.045641][T26055] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2614.053455][T26055]  </TASK>
[ 2614.087056][T26085] FAULT_INJECTION: forcing a failure.
10:52:55 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r1 = perf_event_open$cgroup(&(0x7f0000000100)={0x0, 0x80, 0x7f, 0x80, 0x9, 0x5, 0x0, 0x7fffffff, 0x400, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0x1}, 0x208, 0x4, 0xd89a, 0x7, 0x7fffffffffffffff, 0x7fffffff, 0x3, 0x0, 0x6ecd, 0x0, 0x7}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
r2 = getpid()
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x5, 0xfe, 0x20, 0x0, 0x0, 0x3, 0xc008, 0x2, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8001, 0x4, @perf_bp={&(0x7f0000000180), 0x4}, 0x8c200, 0x2, 0xac, 0x6, 0x10000, 0x400, 0x2, 0x0, 0x101, 0x0, 0x1000}, r2, 0xd, r1, 0xa)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000000)=r0, 0x12)

10:52:55 executing program 3:
mkdir(&(0x7f0000000040)='./file1\x00', 0x40)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00'}, 0x10)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000002700)={0x1}, 0x8)
mkdir(&(0x7f0000000000)='./file1\x00', 0x8)
unlink(&(0x7f00000000c0)='./file0\x00')
unlink(&(0x7f0000000080)='./file1\x00')
r0 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)={&(0x7f0000000180)='./file0\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r1, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/241, 0xf1}, {&(0x7f0000001340)=""/202, 0xca}, {&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000002440)=""/92, 0x5c}, {&(0x7f00000024c0)=""/72, 0x48}], 0x6, &(0x7f00000025c0)=""/237, 0xed}, 0x2103)

10:52:55 executing program 0:
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x79, 0x3f, 0x0, 0x0, 0x4, 0x21700, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x18102, 0x9, 0x1, 0x0, 0x1, 0x10000, 0xff, 0x0, 0x312a, 0x0, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x79, 0x3f, 0x0, 0x0, 0x4, 0x21700, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x18102, 0x9, 0x1, 0x0, 0x1, 0x10000, 0xff, 0x0, 0x312a, 0x0, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10) (async)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x800454e1, 0x335)

[ 2614.087056][T26085] name failslab, interval 1, probability 0, space 0, times 0
[ 2614.102855][T26085] CPU: 1 PID: 26085 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2614.112913][T26085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2614.122808][T26085] Call Trace:
[ 2614.126063][T26085]  <TASK>
[ 2614.128803][T26085]  dump_stack_lvl+0x151/0x1b7
[ 2614.133313][T26085]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2614.138780][T26085]  dump_stack+0x15/0x17
[ 2614.142768][T26085]  should_fail+0x3c0/0x510
[ 2614.147020][T26085]  __should_failslab+0x9f/0xe0
[ 2614.151619][T26085]  should_failslab+0x9/0x20
[ 2614.155960][T26085]  kmem_cache_alloc+0x4f/0x2f0
[ 2614.160557][T26085]  ? vm_area_dup+0x26/0x220
[ 2614.164901][T26085]  ? __kasan_check_read+0x11/0x20
[ 2614.169761][T26085]  vm_area_dup+0x26/0x220
[ 2614.173924][T26085]  dup_mmap+0x6c8/0xf10
[ 2614.177916][T26085]  ? __delayed_free_task+0x20/0x20
[ 2614.182862][T26085]  ? mm_init+0x807/0x960
[ 2614.186947][T26085]  dup_mm+0x8e/0x2e0
[ 2614.190675][T26085]  copy_mm+0x108/0x1b0
[ 2614.194581][T26085]  copy_process+0x1295/0x3250
[ 2614.199094][T26085]  ? proc_fail_nth_write+0x213/0x290
[ 2614.204215][T26085]  ? proc_fail_nth_read+0x220/0x220
[ 2614.209247][T26085]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2614.214285][T26085]  ? vfs_write+0xa37/0x1160
[ 2614.218627][T26085]  ? numa_migrate_prep+0xe0/0xe0
[ 2614.223396][T26085]  kernel_clone+0x21d/0x9c0
[ 2614.227735][T26085]  ? file_end_write+0x1b0/0x1b0
[ 2614.232422][T26085]  ? __kasan_check_write+0x14/0x20
[ 2614.237389][T26085]  ? create_io_thread+0x1e0/0x1e0
[ 2614.242228][T26085]  ? __mutex_lock_slowpath+0x10/0x10
[ 2614.247351][T26085]  __x64_sys_clone+0x289/0x310
[ 2614.251951][T26085]  ? __do_sys_vfork+0x130/0x130
[ 2614.256639][T26085]  ? debug_smp_processor_id+0x17/0x20
[ 2614.261845][T26085]  do_syscall_64+0x44/0xd0
[ 2614.266097][T26085]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2614.271824][T26085] RIP: 0033:0x7fdb204c00c9
[ 2614.276080][T26085] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:52:55 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)

10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x200000000000000)

10:52:55 executing program 0:
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x79, 0x3f, 0x0, 0x0, 0x4, 0x21700, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x18102, 0x9, 0x1, 0x0, 0x1, 0x10000, 0xff, 0x0, 0x312a, 0x0, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0) (async, rerun: 64)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10) (rerun: 64)

[ 2614.295522][T26085] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2614.303764][T26085] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2614.311573][T26085] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2614.319385][T26085] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2614.327197][T26085] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2614.335012][T26085] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2614.342824][T26085]  </TASK>
10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x80086601, 0x335)

10:52:55 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x400000000000000)

10:52:55 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040))
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/mnt\x00')

10:52:55 executing program 0:
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x2, 0x79, 0x3f, 0x0, 0x0, 0x4, 0x21700, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0x9}, 0x18102, 0x9, 0x1, 0x0, 0x1, 0x10000, 0xff, 0x0, 0x312a, 0x0, 0x8}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10)

10:52:55 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x80087601, 0x335)

10:52:55 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040)) (rerun: 32)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/mnt\x00')

[ 2614.360124][T26106] FAULT_INJECTION: forcing a failure.
[ 2614.360124][T26106] name failslab, interval 1, probability 0, space 0, times 0
[ 2614.384946][T26106] CPU: 1 PID: 26106 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2614.395012][T26106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2614.404991][T26106] Call Trace:
[ 2614.408118][T26106]  <TASK>
[ 2614.410894][T26106]  dump_stack_lvl+0x151/0x1b7
[ 2614.415416][T26106]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2614.420885][T26106]  dump_stack+0x15/0x17
[ 2614.424869][T26106]  should_fail+0x3c0/0x510
[ 2614.429122][T26106]  ? __register_sysctl_table+0xa66/0x1330
[ 2614.434677][T26106]  __should_failslab+0x9f/0xe0
[ 2614.439275][T26106]  should_failslab+0x9/0x20
[ 2614.443616][T26106]  __kmalloc+0x6d/0x350
[ 2614.447606][T26106]  ? __register_sysctl_table+0xee/0x1330
[ 2614.453074][T26106]  __register_sysctl_table+0xa66/0x1330
[ 2614.458459][T26106]  ? memcpy+0x56/0x70
[ 2614.462275][T26106]  setup_userns_sysctls+0x2b1/0x340
[ 2614.467310][T26106]  create_user_ns+0x1227/0x19b0
[ 2614.471998][T26106]  ? utsns_owner+0x40/0x40
[ 2614.476252][T26106]  ? security_prepare_creds+0x149/0x160
[ 2614.481631][T26106]  ? prepare_creds+0x485/0x690
[ 2614.486228][T26106]  copy_creds+0x200/0x640
[ 2614.490399][T26106]  copy_process+0x775/0x3250
[ 2614.494823][T26106]  ? __kasan_check_write+0x14/0x20
[ 2614.499771][T26106]  ? proc_fail_nth_write+0x213/0x290
[ 2614.504890][T26106]  ? proc_fail_nth_read+0x220/0x220
[ 2614.509921][T26106]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2614.514867][T26106]  ? vfs_write+0xa37/0x1160
[ 2614.519204][T26106]  ? numa_migrate_prep+0xe0/0xe0
[ 2614.523980][T26106]  kernel_clone+0x21d/0x9c0
[ 2614.528319][T26106]  ? file_end_write+0x1b0/0x1b0
[ 2614.533009][T26106]  ? __kasan_check_write+0x14/0x20
[ 2614.537959][T26106]  ? create_io_thread+0x1e0/0x1e0
[ 2614.542812][T26106]  ? __mutex_lock_slowpath+0x10/0x10
[ 2614.547937][T26106]  __x64_sys_clone+0x289/0x310
[ 2614.552539][T26106]  ? __do_sys_vfork+0x130/0x130
[ 2614.557221][T26106]  ? debug_smp_processor_id+0x17/0x20
[ 2614.562430][T26106]  do_syscall_64+0x44/0xd0
[ 2614.566682][T26106]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2614.572413][T26106] RIP: 0033:0x7fdb204c00c9
[ 2614.576665][T26106] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2614.596107][T26106] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2614.604354][T26106] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2614.612161][T26106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2614.619971][T26106] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2614.627782][T26106] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2614.635598][T26106] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2614.643409][T26106]  </TASK>
[ 2614.648006][T26106] sysctl could not get directory: //user -12
[ 2614.655886][T26106] CPU: 1 PID: 26106 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2614.665936][T26106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2614.675833][T26106] Call Trace:
[ 2614.678957][T26106]  <TASK>
[ 2614.681732][T26106]  dump_stack_lvl+0x151/0x1b7
[ 2614.686247][T26106]  ? __kasan_slab_free+0x11/0x20
[ 2614.691021][T26106]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2614.696486][T26106]  ? __register_sysctl_table+0x1293/0x1330
[ 2614.702128][T26106]  ? kfree+0xc8/0x210
[ 2614.705947][T26106]  dump_stack+0x15/0x17
[ 2614.709940][T26106]  __register_sysctl_table+0x1298/0x1330
[ 2614.715406][T26106]  ? memcpy+0x56/0x70
[ 2614.719230][T26106]  setup_userns_sysctls+0x2b1/0x340
[ 2614.724263][T26106]  create_user_ns+0x1227/0x19b0
[ 2614.728947][T26106]  ? utsns_owner+0x40/0x40
[ 2614.733201][T26106]  ? security_prepare_creds+0x149/0x160
[ 2614.738583][T26106]  ? prepare_creds+0x485/0x690
[ 2614.743183][T26106]  copy_creds+0x200/0x640
[ 2614.747349][T26106]  copy_process+0x775/0x3250
[ 2614.751773][T26106]  ? __kasan_check_write+0x14/0x20
[ 2614.756719][T26106]  ? proc_fail_nth_write+0x213/0x290
[ 2614.761842][T26106]  ? proc_fail_nth_read+0x220/0x220
[ 2614.766876][T26106]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2614.771821][T26106]  ? vfs_write+0xa37/0x1160
[ 2614.776160][T26106]  ? numa_migrate_prep+0xe0/0xe0
[ 2614.780934][T26106]  kernel_clone+0x21d/0x9c0
[ 2614.785273][T26106]  ? file_end_write+0x1b0/0x1b0
[ 2614.789959][T26106]  ? __kasan_check_write+0x14/0x20
[ 2614.794908][T26106]  ? create_io_thread+0x1e0/0x1e0
[ 2614.799771][T26106]  ? __mutex_lock_slowpath+0x10/0x10
[ 2614.804891][T26106]  __x64_sys_clone+0x289/0x310
[ 2614.809492][T26106]  ? __do_sys_vfork+0x130/0x130
[ 2614.814177][T26106]  ? debug_smp_processor_id+0x17/0x20
[ 2614.819383][T26106]  do_syscall_64+0x44/0xd0
[ 2614.823640][T26106]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2614.829364][T26106] RIP: 0033:0x7fdb204c00c9
[ 2614.833624][T26106] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2614.853057][T26106] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2614.861311][T26106] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2614.869117][T26106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2614.876927][T26106] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2614.884737][T26106] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2614.892548][T26106] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2614.900364][T26106]  </TASK>
10:52:56 executing program 3:
mkdir(&(0x7f0000000040)='./file1\x00', 0x40)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00'}, 0x10)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000002700)={0x1}, 0x8) (async)
mkdir(&(0x7f0000000000)='./file1\x00', 0x8) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
unlink(&(0x7f0000000080)='./file1\x00') (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)={&(0x7f0000000180)='./file0\x00', r0}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r1, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/241, 0xf1}, {&(0x7f0000001340)=""/202, 0xca}, {&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000002440)=""/92, 0x5c}, {&(0x7f00000024c0)=""/72, 0x48}], 0x6, &(0x7f00000025c0)=""/237, 0xed}, 0x2103)

10:52:56 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x20000000000000)

10:52:56 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x801054db, 0x335)

10:52:56 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x500000000000000)

10:52:56 executing program 1:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040))
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/mnt\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000040)) (async)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)='ns/mnt\x00') (async)

10:52:56 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)

10:52:56 executing program 0:
syz_clone(0x188a8400, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 2614.981924][T26173] FAULT_INJECTION: forcing a failure.
[ 2614.981924][T26173] name failslab, interval 1, probability 0, space 0, times 0
[ 2614.998042][T26173] CPU: 0 PID: 26173 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2615.008108][T26173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2615.017999][T26173] Call Trace:
[ 2615.021125][T26173]  <TASK>
[ 2615.023901][T26173]  dump_stack_lvl+0x151/0x1b7
[ 2615.028413][T26173]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2615.033883][T26173]  ? do_syscall_64+0x44/0xd0
[ 2615.038310][T26173]  dump_stack+0x15/0x17
[ 2615.042307][T26173]  should_fail+0x3c0/0x510
[ 2615.046553][T26173]  __should_failslab+0x9f/0xe0
[ 2615.051151][T26173]  should_failslab+0x9/0x20
[ 2615.055497][T26173]  kmem_cache_alloc+0x4f/0x2f0
[ 2615.060092][T26173]  ? anon_vma_clone+0xa1/0x4f0
[ 2615.064693][T26173]  anon_vma_clone+0xa1/0x4f0
[ 2615.069125][T26173]  anon_vma_fork+0x91/0x4f0
[ 2615.073457][T26173]  ? anon_vma_name+0x4c/0x70
[ 2615.077888][T26173]  dup_mmap+0x760/0xf10
[ 2615.081878][T26173]  ? __delayed_free_task+0x20/0x20
[ 2615.086826][T26173]  ? mm_init+0x807/0x960
[ 2615.090906][T26173]  dup_mm+0x8e/0x2e0
[ 2615.094634][T26173]  copy_mm+0x108/0x1b0
[ 2615.098542][T26173]  copy_process+0x1295/0x3250
[ 2615.103054][T26173]  ? proc_fail_nth_write+0x213/0x290
[ 2615.108178][T26173]  ? proc_fail_nth_read+0x220/0x220
[ 2615.113210][T26173]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2615.118157][T26173]  ? vfs_write+0xa37/0x1160
[ 2615.122496][T26173]  ? numa_migrate_prep+0xe0/0xe0
[ 2615.127269][T26173]  kernel_clone+0x21d/0x9c0
[ 2615.131608][T26173]  ? file_end_write+0x1b0/0x1b0
[ 2615.136295][T26173]  ? __kasan_check_write+0x14/0x20
[ 2615.141243][T26173]  ? create_io_thread+0x1e0/0x1e0
[ 2615.146109][T26173]  ? __mutex_lock_slowpath+0x10/0x10
[ 2615.151227][T26173]  __x64_sys_clone+0x289/0x310
[ 2615.155825][T26173]  ? __do_sys_vfork+0x130/0x130
[ 2615.160519][T26173]  ? debug_smp_processor_id+0x17/0x20
[ 2615.165718][T26173]  do_syscall_64+0x44/0xd0
[ 2615.169971][T26173]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2615.175701][T26173] RIP: 0033:0x7fdb204c00c9
[ 2615.179953][T26173] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2615.199394][T26173] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2615.207639][T26173] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2615.215449][T26173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2615.223263][T26173] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:52:56 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x600000000000000)

10:52:56 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x801c581f, 0x335)

10:52:56 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0xc0045878, 0x335)

10:52:56 executing program 0:
syz_clone(0x188a8400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:56 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x700000000000000)

[ 2615.231073][T26173] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2615.238885][T26173] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2615.246699][T26173]  </TASK>
10:52:57 executing program 3:
mkdir(&(0x7f0000000040)='./file1\x00', 0x40) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00'}, 0x10)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000002700)={0x1}, 0x8)
mkdir(&(0x7f0000000000)='./file1\x00', 0x8) (async, rerun: 64)
unlink(&(0x7f00000000c0)='./file0\x00') (async, rerun: 64)
unlink(&(0x7f0000000080)='./file1\x00') (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f00000001c0), 0x8)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)={&(0x7f0000000180)='./file0\x00', r0}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r1, &(0x7f00000026c0)={0x0, 0x0, &(0x7f0000002540)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000001240)=""/241, 0xf1}, {&(0x7f0000001340)=""/202, 0xca}, {&(0x7f0000001440)=""/4096, 0x1000}, {&(0x7f0000002440)=""/92, 0x5c}, {&(0x7f00000024c0)=""/72, 0x48}], 0x6, &(0x7f00000025c0)=""/237, 0xed}, 0x2103)

10:52:57 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r1}, 0x8)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x1f, 0xfa, 0x8, 0x75, 0x0, 0x7, 0x410, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x1, 0xdbd}, 0x8, 0x1000, 0x7fff, 0x4, 0x8, 0x643, 0x2, 0x0, 0x7, 0x0, 0x3}, r0, 0xd, r2, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x0, 0x1, 0xd6, 0x5, 0x0, 0x9, 0x20006, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000000), 0xc}, 0x413, 0x7fff, 0x3, 0x2, 0x2, 0x352, 0x9, 0x0, 0x80000001, 0x0, 0x2}, r0, 0xf, r1, 0x2)
openat$cgroup_pressure(r1, &(0x7f00000000c0)='memory.pressure\x00', 0x2, 0x0)

10:52:57 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

10:52:57 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0xc0045878, 0x335)

10:52:57 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x800000000000000)

10:52:57 executing program 0:
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)=@sco={0x1f, @none}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000140)=""/44, 0x2c}, {&(0x7f0000000140)}], 0x2}, 0x40000040)
mkdir(&(0x7f0000000000)='./file2\x00', 0x108)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={r0, 0x15, 0x1, 0x200, &(0x7f0000000200)=[0x0, 0x0, 0x0], 0x3}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_freezer_state(r0, &(0x7f0000000100), 0x2, 0x0)

10:52:57 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xc00000000000000)

10:52:57 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000040))
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:57 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xd00000000000000)

10:52:57 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r1}, 0x8)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x1f, 0xfa, 0x8, 0x75, 0x0, 0x7, 0x410, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x1, 0xdbd}, 0x8, 0x1000, 0x7fff, 0x4, 0x8, 0x643, 0x2, 0x0, 0x7, 0x0, 0x3}, r0, 0xd, r2, 0x1) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x0, 0x1, 0xd6, 0x5, 0x0, 0x9, 0x20006, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000000), 0xc}, 0x413, 0x7fff, 0x3, 0x2, 0x2, 0x352, 0x9, 0x0, 0x80000001, 0x0, 0x2}, r0, 0xf, r1, 0x2) (async, rerun: 64)
openat$cgroup_pressure(r1, &(0x7f00000000c0)='memory.pressure\x00', 0x2, 0x0) (rerun: 64)

[ 2615.818527][T26197] FAULT_INJECTION: forcing a failure.
[ 2615.818527][T26197] name failslab, interval 1, probability 0, space 0, times 0
[ 2615.838173][T26197] CPU: 1 PID: 26197 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2615.848327][T26197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2615.858214][T26197] Call Trace:
[ 2615.861343][T26197]  <TASK>
[ 2615.864156][T26197]  dump_stack_lvl+0x151/0x1b7
10:52:57 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1000000000000000)

10:52:57 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1c00000000000000)

[ 2615.868629][T26197]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2615.874099][T26197]  ? __register_sysctl_table+0x1264/0x1330
[ 2615.879744][T26197]  dump_stack+0x15/0x17
[ 2615.883730][T26197]  should_fail+0x3c0/0x510
[ 2615.887990][T26197]  ? alloc_ucounts+0x161/0x4e0
[ 2615.892583][T26197]  __should_failslab+0x9f/0xe0
[ 2615.897189][T26197]  should_failslab+0x9/0x20
[ 2615.901521][T26197]  kmem_cache_alloc_trace+0x4a/0x310
[ 2615.906645][T26197]  ? utsns_owner+0x40/0x40
[ 2615.910892][T26197]  alloc_ucounts+0x161/0x4e0
[ 2615.915322][T26197]  copy_creds+0x345/0x640
[ 2615.919487][T26197]  copy_process+0x775/0x3250
[ 2615.923919][T26197]  ? __kasan_check_write+0x14/0x20
[ 2615.928860][T26197]  ? proc_fail_nth_write+0x213/0x290
[ 2615.933983][T26197]  ? proc_fail_nth_read+0x220/0x220
[ 2615.939016][T26197]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2615.943962][T26197]  ? vfs_write+0xa37/0x1160
[ 2615.948303][T26197]  ? numa_migrate_prep+0xe0/0xe0
[ 2615.953075][T26197]  kernel_clone+0x21d/0x9c0
[ 2615.957414][T26197]  ? file_end_write+0x1b0/0x1b0
[ 2615.962098][T26197]  ? __kasan_check_write+0x14/0x20
[ 2615.967047][T26197]  ? create_io_thread+0x1e0/0x1e0
[ 2615.971927][T26197]  ? __mutex_lock_slowpath+0x10/0x10
[ 2615.977029][T26197]  __x64_sys_clone+0x289/0x310
[ 2615.981629][T26197]  ? __do_sys_vfork+0x130/0x130
[ 2615.986316][T26197]  ? debug_smp_processor_id+0x17/0x20
[ 2615.991524][T26197]  do_syscall_64+0x44/0xd0
[ 2615.995775][T26197]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2616.001502][T26197] RIP: 0033:0x7fdb204c00c9
[ 2616.005757][T26197] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2616.025198][T26197] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2616.033444][T26197] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2616.041253][T26197] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2616.049064][T26197] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2616.056964][T26197] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2616.064774][T26197] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2616.072586][T26197]  </TASK>
10:52:58 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0xc0189436, 0x335)

10:52:58 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2000000000000000)

10:52:58 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

10:52:58 executing program 1:
r0 = syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r1}, 0x8)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x1f, 0xfa, 0x8, 0x75, 0x0, 0x7, 0x410, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x1, 0xdbd}, 0x8, 0x1000, 0x7fff, 0x4, 0x8, 0x643, 0x2, 0x0, 0x7, 0x0, 0x3}, r0, 0xd, r2, 0x1)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x0, 0x1, 0xd6, 0x5, 0x0, 0x9, 0x20006, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000000), 0xc}, 0x413, 0x7fff, 0x3, 0x2, 0x2, 0x352, 0x9, 0x0, 0x80000001, 0x0, 0x2}, r0, 0xf, r1, 0x2)
openat$cgroup_pressure(r1, &(0x7f00000000c0)='memory.pressure\x00', 0x2, 0x0)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r1}, 0x8) (async)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x1f, 0xfa, 0x8, 0x75, 0x0, 0x7, 0x410, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x1, 0xdbd}, 0x8, 0x1000, 0x7fff, 0x4, 0x8, 0x643, 0x2, 0x0, 0x7, 0x0, 0x3}, r0, 0xd, r2, 0x1) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x0, 0x1, 0xd6, 0x5, 0x0, 0x9, 0x20006, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000000), 0xc}, 0x413, 0x7fff, 0x3, 0x2, 0x2, 0x352, 0x9, 0x0, 0x80000001, 0x0, 0x2}, r0, 0xf, r1, 0x2) (async)
openat$cgroup_pressure(r1, &(0x7f00000000c0)='memory.pressure\x00', 0x2, 0x0) (async)

10:52:58 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1c00000000000000)

10:52:58 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x1000000000000000)

10:52:58 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0xc020660b, 0x335)

10:52:58 executing program 3:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r1, r0, 0x25, 0x10}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00', 0x0, 0x10}, 0x10)
unlink(&(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f0000000140)='./file0\x00', 0x20)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)

[ 2616.677419][T26231] FAULT_INJECTION: forcing a failure.
[ 2616.677419][T26231] name failslab, interval 1, probability 0, space 0, times 0
[ 2616.696174][T26231] CPU: 0 PID: 26231 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2616.706237][T26231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2616.716132][T26231] Call Trace:
[ 2616.719255][T26231]  <TASK>
[ 2616.722032][T26231]  dump_stack_lvl+0x151/0x1b7
10:52:58 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffff7f)

10:52:58 executing program 3:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r1, r0, 0x25, 0x10}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00', 0x0, 0x10}, 0x10) (async)
unlink(&(0x7f0000000100)='./file0\x00') (async)
mkdir(&(0x7f0000000140)='./file0\x00', 0x20) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)

10:52:58 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffff7f)

10:52:58 executing program 3:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000240)={r1, r0, 0x25, 0x10}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00', 0x0, 0x10}, 0x10) (async)
unlink(&(0x7f0000000100)='./file0\x00') (async)
mkdir(&(0x7f0000000140)='./file0\x00', 0x20) (async, rerun: 64)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) (rerun: 64)

10:52:58 executing program 0:
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000a80)={0x7, &(0x7f0000000900)=[{0xc62, 0x1f, 0x45, 0x8000}, {0x3b, 0x4, 0x1, 0x2}, {0xf051, 0xd1, 0xf8, 0x800000}, {0xf766, 0x7, 0x1f, 0x8}, {0x4, 0x2, 0x3, 0x5}, {0x6, 0x6, 0xf2, 0x5}, {0x2, 0x5d, 0xff, 0x1000}]})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000000)=0x3)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000100))
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000980))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0xf26)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000140), 0x6e, &(0x7f0000000840)=[{&(0x7f00000001c0)=""/25, 0x19}, {&(0x7f0000000200)=""/72, 0x48}, {&(0x7f0000000280)=""/123, 0x7b}, {&(0x7f0000000300)=""/138, 0x8a}, {&(0x7f00000003c0)=""/113, 0x71}, {&(0x7f0000000440)=""/146, 0x92}, {&(0x7f0000000500)=""/142, 0x8e}, {&(0x7f00000005c0)=""/215, 0xd7}, {&(0x7f00000006c0)=""/79, 0x4f}, {&(0x7f0000000740)=""/223, 0xdf}], 0xa, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000001000100000000000100000081a99168bd7a160ab89c0064f969cd4e54d300fc6fd4c7134b40e22950ca2d7be10bde2e7da8a65983cedd74f3dd3483c354ad9b2dd28a147c907f04a1a25be78aa22fad3fc4472c849c19c7106ccfa488ca2b07539557325f0413558f8b47cd5cf7b45fd09922eb0067a2aa758d000000000000", @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x38}, 0x60)
mkdir(&(0x7f00000000c0)='./file1\x00', 0x0)

[ 2616.726548][T26231]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2616.732017][T26231]  dump_stack+0x15/0x17
[ 2616.736007][T26231]  should_fail+0x3c0/0x510
[ 2616.740260][T26231]  __should_failslab+0x9f/0xe0
[ 2616.744861][T26231]  should_failslab+0x9/0x20
[ 2616.749204][T26231]  kmem_cache_alloc+0x4f/0x2f0
[ 2616.753805][T26231]  ? copy_fs_struct+0x4e/0x230
[ 2616.758399][T26231]  copy_fs_struct+0x4e/0x230
[ 2616.762827][T26231]  copy_fs+0x72/0x140
[ 2616.766644][T26231]  copy_process+0x1214/0x3250
[ 2616.771160][T26231]  ? proc_fail_nth_write+0x213/0x290
[ 2616.776278][T26231]  ? proc_fail_nth_read+0x220/0x220
[ 2616.781922][T26231]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2616.786866][T26231]  ? vfs_write+0xa37/0x1160
[ 2616.791201][T26231]  ? numa_migrate_prep+0xe0/0xe0
[ 2616.795976][T26231]  kernel_clone+0x21d/0x9c0
[ 2616.800316][T26231]  ? file_end_write+0x1b0/0x1b0
[ 2616.805004][T26231]  ? __kasan_check_write+0x14/0x20
[ 2616.809952][T26231]  ? create_io_thread+0x1e0/0x1e0
[ 2616.814808][T26231]  ? __mutex_lock_slowpath+0x10/0x10
[ 2616.819934][T26231]  __x64_sys_clone+0x289/0x310
[ 2616.824531][T26231]  ? __do_sys_vfork+0x130/0x130
[ 2616.829218][T26231]  ? debug_smp_processor_id+0x17/0x20
[ 2616.834425][T26231]  do_syscall_64+0x44/0xd0
[ 2616.838678][T26231]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2616.844408][T26231] RIP: 0033:0x7fdb204c00c9
[ 2616.848658][T26231] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2616.868120][T26231] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
10:52:58 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x2e00000000000000)

10:52:58 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

10:52:58 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00'}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)

10:52:58 executing program 1:
syz_clone(0x39020400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:58 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x6)

10:52:58 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x3f00000000000000)

10:52:58 executing program 0:
syz_clone(0x40002000, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0)

[ 2616.876344][T26231] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2616.884156][T26231] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2616.891966][T26231] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2616.899779][T26231] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2616.907591][T26231] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2616.915403][T26231]  </TASK>
[ 2616.952020][T26278] FAULT_INJECTION: forcing a failure.
[ 2616.952020][T26278] name failslab, interval 1, probability 0, space 0, times 0
[ 2616.973136][T26278] CPU: 0 PID: 26278 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2616.983192][T26278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2616.993090][T26278] Call Trace:
[ 2616.996210][T26278]  <TASK>
[ 2616.999028][T26278]  dump_stack_lvl+0x151/0x1b7
[ 2617.003503][T26278]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2617.008972][T26278]  dump_stack+0x15/0x17
[ 2617.012961][T26278]  should_fail+0x3c0/0x510
[ 2617.017216][T26278]  __should_failslab+0x9f/0xe0
[ 2617.021814][T26278]  should_failslab+0x9/0x20
[ 2617.026153][T26278]  kmem_cache_alloc+0x4f/0x2f0
[ 2617.030758][T26278]  ? copy_sighand+0x54/0x250
[ 2617.035181][T26278]  ? _raw_spin_unlock+0x4d/0x70
[ 2617.039867][T26278]  copy_sighand+0x54/0x250
[ 2617.044122][T26278]  copy_process+0x123f/0x3250
[ 2617.048633][T26278]  ? proc_fail_nth_write+0x213/0x290
[ 2617.053759][T26278]  ? proc_fail_nth_read+0x220/0x220
[ 2617.058791][T26278]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2617.063743][T26278]  ? vfs_write+0xa37/0x1160
[ 2617.068078][T26278]  ? numa_migrate_prep+0xe0/0xe0
[ 2617.072849][T26278]  kernel_clone+0x21d/0x9c0
[ 2617.077196][T26278]  ? file_end_write+0x1b0/0x1b0
[ 2617.081875][T26278]  ? __kasan_check_write+0x14/0x20
[ 2617.086821][T26278]  ? create_io_thread+0x1e0/0x1e0
[ 2617.091684][T26278]  ? __mutex_lock_slowpath+0x10/0x10
[ 2617.096805][T26278]  __x64_sys_clone+0x289/0x310
[ 2617.101753][T26278]  ? __do_sys_vfork+0x130/0x130
[ 2617.106439][T26278]  ? debug_smp_processor_id+0x17/0x20
[ 2617.111646][T26278]  do_syscall_64+0x44/0xd0
[ 2617.115896][T26278]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2617.121629][T26278] RIP: 0033:0x7fdb204c00c9
[ 2617.125880][T26278] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:52:58 executing program 1:
syz_clone(0x39020400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x39020400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:52:58 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00'}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00'}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
unlink(&(0x7f0000000000)='./file0\x00') (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10) (async)

10:52:58 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x4000000000000000)

10:52:58 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x7)

10:52:58 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

10:52:58 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x10e)

[ 2617.145508][T26278] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2617.153754][T26278] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2617.161562][T26278] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2617.169374][T26278] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2617.177185][T26278] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2617.184996][T26278] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2617.192812][T26278]  </TASK>
10:52:58 executing program 1:
syz_clone(0x39020400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:58 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)

[ 2617.228421][T26290] FAULT_INJECTION: forcing a failure.
[ 2617.228421][T26290] name failslab, interval 1, probability 0, space 0, times 0
[ 2617.253169][T26290] CPU: 1 PID: 26290 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2617.263235][T26290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2617.273127][T26290] Call Trace:
[ 2617.276252][T26290]  <TASK>
[ 2617.279043][T26290]  dump_stack_lvl+0x151/0x1b7
[ 2617.283543][T26290]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2617.289010][T26290]  dump_stack+0x15/0x17
[ 2617.293002][T26290]  should_fail+0x3c0/0x510
[ 2617.297257][T26290]  __should_failslab+0x9f/0xe0
[ 2617.301858][T26290]  should_failslab+0x9/0x20
[ 2617.306195][T26290]  kmem_cache_alloc+0x4f/0x2f0
[ 2617.310794][T26290]  ? dup_mm+0x29/0x2e0
[ 2617.314699][T26290]  dup_mm+0x29/0x2e0
[ 2617.319043][T26290]  copy_mm+0x108/0x1b0
[ 2617.322946][T26290]  copy_process+0x1295/0x3250
[ 2617.327459][T26290]  ? proc_fail_nth_write+0x213/0x290
[ 2617.332580][T26290]  ? proc_fail_nth_read+0x220/0x220
[ 2617.337614][T26290]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2617.342561][T26290]  ? vfs_write+0xa37/0x1160
[ 2617.346902][T26290]  ? numa_migrate_prep+0xe0/0xe0
[ 2617.351682][T26290]  kernel_clone+0x21d/0x9c0
[ 2617.356012][T26290]  ? file_end_write+0x1b0/0x1b0
[ 2617.360701][T26290]  ? __kasan_check_write+0x14/0x20
[ 2617.365646][T26290]  ? create_io_thread+0x1e0/0x1e0
[ 2617.370509][T26290]  ? __mutex_lock_slowpath+0x10/0x10
[ 2617.375631][T26290]  __x64_sys_clone+0x289/0x310
[ 2617.380228][T26290]  ? __do_sys_vfork+0x130/0x130
[ 2617.384918][T26290]  ? debug_smp_processor_id+0x17/0x20
[ 2617.390121][T26290]  do_syscall_64+0x44/0xd0
[ 2617.394372][T26290]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2617.400102][T26290] RIP: 0033:0x7fdb204c00c9
[ 2617.404354][T26290] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:52:58 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x4000080000000000)

10:52:59 executing program 1:
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000))
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00'}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
unlink(&(0x7f0000000000)='./file0\x00') (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00'}, 0x10)

[ 2617.423795][T26290] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2617.432041][T26290] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2617.439850][T26290] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2617.447661][T26290] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2617.455473][T26290] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2617.463284][T26290] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2617.471099][T26290]  </TASK>
10:52:59 executing program 0:
syz_clone(0x40002000, 0x0, 0xffffffffffffff38, 0x0, 0x0, 0x0)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)

10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8100000000000000)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

10:52:59 executing program 1:
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000))
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) (async)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:52:59 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)

10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8102000000000000)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x301)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8900000000000000)

10:52:59 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:52:59 executing program 1:
ioctl$TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000000)) (async)
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r0}, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0x90)

10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x8cffffff00000000)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x306)

[ 2617.663035][T26348] FAULT_INJECTION: forcing a failure.
[ 2617.663035][T26348] name failslab, interval 1, probability 0, space 0, times 0
[ 2617.702743][T26348] CPU: 1 PID: 26348 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2617.712806][T26348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2617.722703][T26348] Call Trace:
[ 2617.725827][T26348]  <TASK>
[ 2617.728602][T26348]  dump_stack_lvl+0x151/0x1b7
[ 2617.733117][T26348]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2617.738591][T26348]  dump_stack+0x15/0x17
[ 2617.742578][T26348]  should_fail+0x3c0/0x510
[ 2617.746856][T26348]  __should_failslab+0x9f/0xe0
[ 2617.751433][T26348]  should_failslab+0x9/0x20
[ 2617.755770][T26348]  kmem_cache_alloc+0x4f/0x2f0
[ 2617.760371][T26348]  ? anon_vma_fork+0x1b9/0x4f0
[ 2617.764968][T26348]  anon_vma_fork+0x1b9/0x4f0
[ 2617.769397][T26348]  dup_mmap+0x760/0xf10
[ 2617.773391][T26348]  ? __delayed_free_task+0x20/0x20
[ 2617.778333][T26348]  ? mm_init+0x807/0x960
[ 2617.782413][T26348]  dup_mm+0x8e/0x2e0
[ 2617.786148][T26348]  copy_mm+0x108/0x1b0
[ 2617.790051][T26348]  copy_process+0x1295/0x3250
[ 2617.794568][T26348]  ? proc_fail_nth_write+0x213/0x290
[ 2617.799693][T26348]  ? proc_fail_nth_read+0x220/0x220
[ 2617.804722][T26348]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2617.809673][T26348]  ? vfs_write+0xa37/0x1160
[ 2617.814006][T26348]  ? numa_migrate_prep+0xe0/0xe0
[ 2617.818780][T26348]  kernel_clone+0x21d/0x9c0
[ 2617.823123][T26348]  ? file_end_write+0x1b0/0x1b0
[ 2617.827806][T26348]  ? __kasan_check_write+0x14/0x20
[ 2617.832757][T26348]  ? create_io_thread+0x1e0/0x1e0
[ 2617.837613][T26348]  ? __mutex_lock_slowpath+0x10/0x10
[ 2617.842736][T26348]  __x64_sys_clone+0x289/0x310
[ 2617.847339][T26348]  ? __do_sys_vfork+0x130/0x130
[ 2617.852025][T26348]  ? debug_smp_processor_id+0x17/0x20
[ 2617.857228][T26348]  do_syscall_64+0x44/0xd0
[ 2617.861481][T26348]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2617.867212][T26348] RIP: 0033:0x7fdb204c00c9
[ 2617.871464][T26348] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2617.890904][T26348] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2617.899150][T26348] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
10:52:59 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x9100000000000000)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x308)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r0}, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0x90)

10:52:59 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000080)={0x0, 0x80, 0x20, 0x3, 0x40, 0x6, 0x0, 0x4, 0x50000, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x2, @perf_config_ext={0x3, 0x3ff}, 0x92021, 0x7f, 0x100, 0x5, 0x9, 0x7, 0x6, 0x0, 0x2, 0x0, 0x6})
write$cgroup_devices(r0, &(0x7f0000001340)=ANY=[@ANYBLOB="61202a3a2a20726d00f9f3864d6c71d3923f3d4a42f4d7623de1d6bae1f8e9e8daeb547987bb5b52d33380c3feead456a16ffe57f23c90f7fc0c86c26e37adb5ae0870558b265a99e6106870426bcce42eae6a6dcd3942febc20688c8a93e36ed72b31993b283264be4b80fe"], 0x9)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001300)={&(0x7f0000000100)="02eab7a62eed0d33184bfa3099a0a866e5a286b7332d30c8d90338019d39e4610f437bcfe07a409459e672ca1a16d81d822837494e8185ab0a2d2e636729759807ead744545a86beef7ba9d924782e131cd8b4e93a6e9ad4108f58c94f48c908b498e1bfac391a5caff7ec266b87b96ef3275b17a10a8b10a64328b9e4b84293a2fb7316924f3d2345168dc399636a6a25283751", &(0x7f00000001c0)=""/4096, &(0x7f00000011c0)="ca0726bdc9be671195374dd82879476ab53735fbcb54d9ee38b10bb86e9b762b7ec2b8ade1f22c725104f74e99109cc03b5d0cf5bda2754ac7499aa66de824074dde1b96720d33413c131e0025187cde89bcf8360ee46470e679cf80d017edf51ee0b186d4171dc2c5e2531bca88852195a55c331c59245bc9a041bd20f341c4ec0ca1626e93e15541948913469d02", &(0x7f0000001280)="2572ccf6ac117265bef5f458c4a79d372af7b0fb9094d654f67fa03e6a593d050cc0771b475a452f0faf3e9ffb84d4fb0ae2eee833de1840876c4ec2622da60d9eca333d3f4cdb578ee2e8b9177f012a", 0x80000000, r1}, 0x38)
mkdirat$cgroup(r1, &(0x7f00000013c0)='syz0\x00', 0x1ff)

10:52:59 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

[ 2617.906959][T26348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2617.914774][T26348] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2617.922583][T26348] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2617.930395][T26348] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2617.938213][T26348]  </TASK>
[ 2617.967988][T26358] FAULT_INJECTION: forcing a failure.
[ 2617.967988][T26358] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2617.985531][T26358] CPU: 1 PID: 26358 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2617.995586][T26358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2618.005483][T26358] Call Trace:
[ 2618.008604][T26358]  <TASK>
[ 2618.011383][T26358]  dump_stack_lvl+0x151/0x1b7
[ 2618.015897][T26358]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2618.021366][T26358]  ? stack_trace_save+0x12d/0x1f0
[ 2618.026222][T26358]  dump_stack+0x15/0x17
[ 2618.030220][T26358]  should_fail+0x3c0/0x510
[ 2618.034469][T26358]  should_fail_alloc_page+0x58/0x70
[ 2618.039504][T26358]  __alloc_pages+0x1de/0x7c0
[ 2618.043932][T26358]  ? kernel_clone+0x21d/0x9c0
[ 2618.048442][T26358]  ? __count_vm_events+0x30/0x30
[ 2618.053221][T26358]  allocate_slab+0x62/0x580
[ 2618.057557][T26358]  ___slab_alloc+0x2e2/0x6f0
[ 2618.061982][T26358]  ? dup_mm+0x29/0x2e0
[ 2618.065890][T26358]  ? dup_mm+0x29/0x2e0
[ 2618.069793][T26358]  __slab_alloc+0x4a/0x90
[ 2618.073961][T26358]  kmem_cache_alloc+0x205/0x2f0
[ 2618.078646][T26358]  ? dup_mm+0x29/0x2e0
[ 2618.082556][T26358]  dup_mm+0x29/0x2e0
[ 2618.086287][T26358]  copy_mm+0x108/0x1b0
[ 2618.090189][T26358]  copy_process+0x1295/0x3250
[ 2618.094703][T26358]  ? proc_fail_nth_write+0x213/0x290
[ 2618.099825][T26358]  ? proc_fail_nth_read+0x220/0x220
[ 2618.104853][T26358]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2618.109801][T26358]  ? vfs_write+0xa37/0x1160
[ 2618.114139][T26358]  ? numa_migrate_prep+0xe0/0xe0
[ 2618.118917][T26358]  kernel_clone+0x21d/0x9c0
[ 2618.123253][T26358]  ? file_end_write+0x1b0/0x1b0
[ 2618.127943][T26358]  ? __kasan_check_write+0x14/0x20
[ 2618.132888][T26358]  ? create_io_thread+0x1e0/0x1e0
[ 2618.137751][T26358]  ? __mutex_lock_slowpath+0x10/0x10
[ 2618.142869][T26358]  __x64_sys_clone+0x289/0x310
[ 2618.147468][T26358]  ? __do_sys_vfork+0x130/0x130
[ 2618.152156][T26358]  ? debug_smp_processor_id+0x17/0x20
[ 2618.157361][T26358]  do_syscall_64+0x44/0xd0
[ 2618.161615][T26358]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2618.167344][T26358] RIP: 0033:0x7fdb204c00c9
[ 2618.171608][T26358] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2618.191042][T26358] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2618.199282][T26358] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2618.207102][T26358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x9517000000000000)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', r0}, 0x10) (async)
mkdir(&(0x7f0000000180)='./file0\x00', 0x90)

10:52:59 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000080)={0x0, 0x80, 0x20, 0x3, 0x40, 0x6, 0x0, 0x4, 0x50000, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x2, @perf_config_ext={0x3, 0x3ff}, 0x92021, 0x7f, 0x100, 0x5, 0x9, 0x7, 0x6, 0x0, 0x2, 0x0, 0x6})
write$cgroup_devices(r0, &(0x7f0000001340)=ANY=[@ANYBLOB="61202a3a2a20726d00f9f3864d6c71d3923f3d4a42f4d7623de1d6bae1f8e9e8daeb547987bb5b52d33380c3feead456a16ffe57f23c90f7fc0c86c26e37adb5ae0870558b265a99e6106870426bcce42eae6a6dcd3942febc20688c8a93e36ed72b31993b283264be4b80fe"], 0x9) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001300)={&(0x7f0000000100)="02eab7a62eed0d33184bfa3099a0a866e5a286b7332d30c8d90338019d39e4610f437bcfe07a409459e672ca1a16d81d822837494e8185ab0a2d2e636729759807ead744545a86beef7ba9d924782e131cd8b4e93a6e9ad4108f58c94f48c908b498e1bfac391a5caff7ec266b87b96ef3275b17a10a8b10a64328b9e4b84293a2fb7316924f3d2345168dc399636a6a25283751", &(0x7f00000001c0)=""/4096, &(0x7f00000011c0)="ca0726bdc9be671195374dd82879476ab53735fbcb54d9ee38b10bb86e9b762b7ec2b8ade1f22c725104f74e99109cc03b5d0cf5bda2754ac7499aa66de824074dde1b96720d33413c131e0025187cde89bcf8360ee46470e679cf80d017edf51ee0b186d4171dc2c5e2531bca88852195a55c331c59245bc9a041bd20f341c4ec0ca1626e93e15541948913469d02", &(0x7f0000001280)="2572ccf6ac117265bef5f458c4a79d372af7b0fb9094d654f67fa03e6a593d050cc0771b475a452f0faf3e9ffb84d4fb0ae2eee833de1840876c4ec2622da60d9eca333d3f4cdb578ee2e8b9177f012a", 0x80000000, r1}, 0x38) (async)
mkdirat$cgroup(r1, &(0x7f00000013c0)='syz0\x00', 0x1ff)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30a)

10:52:59 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x9617000000000000)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0xfffffffffffffdd8, &(0x7f0000000080)}, 0x41)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x1}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
unlink(&(0x7f0000000000)='./file0/../file0\x00')

[ 2618.214912][T26358] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2618.222721][T26358] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2618.230529][T26358] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2618.238344][T26358]  </TASK>
10:52:59 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30c)

10:52:59 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0xfffffffffffffdd8, &(0x7f0000000080)}, 0x41)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x1}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
unlink(&(0x7f0000000000)='./file0/../file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0xfffffffffffffdd8, &(0x7f0000000080)}, 0x41) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x1}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) (async)
unlink(&(0x7f0000000000)='./file0/../file0\x00') (async)

[ 2618.288528][T26380] FAULT_INJECTION: forcing a failure.
[ 2618.288528][T26380] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2618.316084][T26380] CPU: 1 PID: 26380 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2618.326153][T26380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2618.336039][T26380] Call Trace:
[ 2618.339162][T26380]  <TASK>
[ 2618.341943][T26380]  dump_stack_lvl+0x151/0x1b7
[ 2618.346453][T26380]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2618.351920][T26380]  ? pcpu_block_update_hint_alloc+0x972/0xd00
[ 2618.357826][T26380]  dump_stack+0x15/0x17
[ 2618.361816][T26380]  should_fail+0x3c0/0x510
[ 2618.366067][T26380]  should_fail_alloc_page+0x58/0x70
[ 2618.371104][T26380]  __alloc_pages+0x1de/0x7c0
[ 2618.375531][T26380]  ? __count_vm_events+0x30/0x30
[ 2618.380307][T26380]  __get_free_pages+0xe/0x30
[ 2618.384731][T26380]  pgd_alloc+0x22/0x2c0
[ 2618.388724][T26380]  mm_init+0x5bf/0x960
[ 2618.392632][T26380]  dup_mm+0x7e/0x2e0
[ 2618.396359][T26380]  copy_mm+0x108/0x1b0
[ 2618.400269][T26380]  copy_process+0x1295/0x3250
[ 2618.404779][T26380]  ? proc_fail_nth_write+0x213/0x290
[ 2618.409896][T26380]  ? proc_fail_nth_read+0x220/0x220
[ 2618.414932][T26380]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2618.419882][T26380]  ? vfs_write+0xa37/0x1160
[ 2618.424220][T26380]  ? numa_migrate_prep+0xe0/0xe0
[ 2618.428994][T26380]  kernel_clone+0x21d/0x9c0
[ 2618.433331][T26380]  ? file_end_write+0x1b0/0x1b0
10:52:59 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000080)={0x0, 0x80, 0x20, 0x3, 0x40, 0x6, 0x0, 0x4, 0x50000, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x2, @perf_config_ext={0x3, 0x3ff}, 0x92021, 0x7f, 0x100, 0x5, 0x9, 0x7, 0x6, 0x0, 0x2, 0x0, 0x6}) (async)
write$cgroup_devices(r0, &(0x7f0000001340)=ANY=[@ANYBLOB="61202a3a2a20726d00f9f3864d6c71d3923f3d4a42f4d7623de1d6bae1f8e9e8daeb547987bb5b52d33380c3feead456a16ffe57f23c90f7fc0c86c26e37adb5ae0870558b265a99e6106870426bcce42eae6a6dcd3942febc20688c8a93e36ed72b31993b283264be4b80fe"], 0x9)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001300)={&(0x7f0000000100)="02eab7a62eed0d33184bfa3099a0a866e5a286b7332d30c8d90338019d39e4610f437bcfe07a409459e672ca1a16d81d822837494e8185ab0a2d2e636729759807ead744545a86beef7ba9d924782e131cd8b4e93a6e9ad4108f58c94f48c908b498e1bfac391a5caff7ec266b87b96ef3275b17a10a8b10a64328b9e4b84293a2fb7316924f3d2345168dc399636a6a25283751", &(0x7f00000001c0)=""/4096, &(0x7f00000011c0)="ca0726bdc9be671195374dd82879476ab53735fbcb54d9ee38b10bb86e9b762b7ec2b8ade1f22c725104f74e99109cc03b5d0cf5bda2754ac7499aa66de824074dde1b96720d33413c131e0025187cde89bcf8360ee46470e679cf80d017edf51ee0b186d4171dc2c5e2531bca88852195a55c331c59245bc9a041bd20f341c4ec0ca1626e93e15541948913469d02", &(0x7f0000001280)="2572ccf6ac117265bef5f458c4a79d372af7b0fb9094d654f67fa03e6a593d050cc0771b475a452f0faf3e9ffb84d4fb0ae2eee833de1840876c4ec2622da60d9eca333d3f4cdb578ee2e8b9177f012a", 0x80000000, r1}, 0x38) (async)
mkdirat$cgroup(r1, &(0x7f00000013c0)='syz0\x00', 0x1ff)

10:52:59 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x324)

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001180)={&(0x7f0000000180)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0xfffffffffffffdd8, &(0x7f0000000080)}, 0x41)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x1}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) (async)
unlink(&(0x7f0000000000)='./file0/../file0\x00')

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:52:59 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

[ 2618.438023][T26380]  ? __kasan_check_write+0x14/0x20
[ 2618.442968][T26380]  ? create_io_thread+0x1e0/0x1e0
[ 2618.447826][T26380]  ? __mutex_lock_slowpath+0x10/0x10
[ 2618.452951][T26380]  __x64_sys_clone+0x289/0x310
[ 2618.457548][T26380]  ? __do_sys_vfork+0x130/0x130
[ 2618.462235][T26380]  ? debug_smp_processor_id+0x17/0x20
[ 2618.467439][T26380]  do_syscall_64+0x44/0xd0
[ 2618.471702][T26380]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2618.477417][T26380] RIP: 0033:0x7fdb204c00c9
[ 2618.481677][T26380] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2618.501115][T26380] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2618.509358][T26380] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2618.517172][T26380] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2618.524983][T26380] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xa1ffffff00000000)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000080)=@raw=[@generic={0x3, 0x7, 0xf, 0x7fff, 0x5}, @exit], &(0x7f0000000100)='GPL\x00', 0x2, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0xa, 0xfffffffc, 0x3}, 0x10}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:00 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

10:53:00 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

[ 2618.532792][T26380] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2618.540603][T26380] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2618.548415][T26380]  </TASK>
[ 2618.584566][T26424] FAULT_INJECTION: forcing a failure.
[ 2618.584566][T26424] name failslab, interval 1, probability 0, space 0, times 0
[ 2618.597058][T26424] CPU: 0 PID: 26424 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2618.607044][T26424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2618.616941][T26424] Call Trace:
[ 2618.620064][T26424]  <TASK>
[ 2618.622856][T26424]  dump_stack_lvl+0x151/0x1b7
[ 2618.627355][T26424]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2618.632823][T26424]  dump_stack+0x15/0x17
[ 2618.636816][T26424]  should_fail+0x3c0/0x510
[ 2618.641071][T26424]  __should_failslab+0x9f/0xe0
[ 2618.645666][T26424]  should_failslab+0x9/0x20
[ 2618.650008][T26424]  kmem_cache_alloc+0x4f/0x2f0
[ 2618.654610][T26424]  ? vm_area_dup+0x26/0x220
[ 2618.658948][T26424]  ? __kasan_check_read+0x11/0x20
[ 2618.663809][T26424]  vm_area_dup+0x26/0x220
[ 2618.667975][T26424]  dup_mmap+0x6c8/0xf10
[ 2618.671969][T26424]  ? __delayed_free_task+0x20/0x20
[ 2618.676913][T26424]  ? mm_init+0x807/0x960
[ 2618.680996][T26424]  dup_mm+0x8e/0x2e0
[ 2618.684723][T26424]  copy_mm+0x108/0x1b0
[ 2618.688631][T26424]  copy_process+0x1295/0x3250
[ 2618.693144][T26424]  ? proc_fail_nth_write+0x213/0x290
[ 2618.698264][T26424]  ? proc_fail_nth_read+0x220/0x220
[ 2618.703300][T26424]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2618.708244][T26424]  ? vfs_write+0xa37/0x1160
[ 2618.712585][T26424]  ? numa_migrate_prep+0xe0/0xe0
[ 2618.717358][T26424]  kernel_clone+0x21d/0x9c0
[ 2618.721696][T26424]  ? file_end_write+0x1b0/0x1b0
[ 2618.726382][T26424]  ? __kasan_check_write+0x14/0x20
[ 2618.731329][T26424]  ? create_io_thread+0x1e0/0x1e0
[ 2618.736190][T26424]  ? __mutex_lock_slowpath+0x10/0x10
[ 2618.741310][T26424]  __x64_sys_clone+0x289/0x310
[ 2618.745912][T26424]  ? __do_sys_vfork+0x130/0x130
[ 2618.750604][T26424]  ? debug_smp_processor_id+0x17/0x20
[ 2618.755806][T26424]  do_syscall_64+0x44/0xd0
[ 2618.760061][T26424]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2618.765786][T26424] RIP: 0033:0x7fdb204c00c9
[ 2618.770041][T26424] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2618.789479][T26424] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2618.797725][T26424] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2618.805536][T26424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2618.813348][T26424] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2618.821159][T26424] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:00 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:00 executing program 1:
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xa1ffffffffffffff)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000080)=@raw=[@generic={0x3, 0x7, 0xf, 0x7fff, 0x5}, @exit], &(0x7f0000000100)='GPL\x00', 0x2, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0xa, 0xfffffffc, 0x3}, 0x10}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:00 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:00 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:00 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

[ 2618.828969][T26424] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2618.836783][T26424]  </TASK>
10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xe4ffffff00000000)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2, &(0x7f0000000080)=@raw=[@generic={0x3, 0x7, 0xf, 0x7fff, 0x5}, @exit], &(0x7f0000000100)='GPL\x00', 0x2, 0xac, &(0x7f0000000140)=""/172, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0xa, 0xfffffffc, 0x3}, 0x10}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:00 executing program 1:
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000000)='./file0\x00') (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10) (async)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:53:00 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xec00000000000000)

[ 2618.866477][T26440] FAULT_INJECTION: forcing a failure.
[ 2618.866477][T26440] name failslab, interval 1, probability 0, space 0, times 0
[ 2618.890181][T26440] CPU: 1 PID: 26440 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2618.900247][T26440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2618.910141][T26440] Call Trace:
[ 2618.913261][T26440]  <TASK>
[ 2618.916039][T26440]  dump_stack_lvl+0x151/0x1b7
[ 2618.920553][T26440]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2618.926017][T26440]  ? do_syscall_64+0x44/0xd0
[ 2618.930444][T26440]  dump_stack+0x15/0x17
[ 2618.934438][T26440]  should_fail+0x3c0/0x510
[ 2618.938690][T26440]  __should_failslab+0x9f/0xe0
[ 2618.943287][T26440]  should_failslab+0x9/0x20
[ 2618.947627][T26440]  kmem_cache_alloc+0x4f/0x2f0
[ 2618.952229][T26440]  ? anon_vma_clone+0xa1/0x4f0
[ 2618.956833][T26440]  anon_vma_clone+0xa1/0x4f0
[ 2618.961257][T26440]  anon_vma_fork+0x91/0x4f0
[ 2618.965594][T26440]  ? anon_vma_name+0x4c/0x70
[ 2618.970022][T26440]  dup_mmap+0x760/0xf10
[ 2618.974015][T26440]  ? __delayed_free_task+0x20/0x20
[ 2618.978960][T26440]  ? mm_init+0x807/0x960
[ 2618.983040][T26440]  dup_mm+0x8e/0x2e0
[ 2618.986774][T26440]  copy_mm+0x108/0x1b0
[ 2618.990678][T26440]  copy_process+0x1295/0x3250
[ 2618.995193][T26440]  ? proc_fail_nth_write+0x213/0x290
[ 2619.000311][T26440]  ? proc_fail_nth_read+0x220/0x220
[ 2619.005345][T26440]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2619.010290][T26440]  ? vfs_write+0xa37/0x1160
[ 2619.014632][T26440]  ? numa_migrate_prep+0xe0/0xe0
[ 2619.019405][T26440]  kernel_clone+0x21d/0x9c0
[ 2619.023746][T26440]  ? file_end_write+0x1b0/0x1b0
[ 2619.028431][T26440]  ? __kasan_check_write+0x14/0x20
[ 2619.033377][T26440]  ? create_io_thread+0x1e0/0x1e0
[ 2619.038236][T26440]  ? __mutex_lock_slowpath+0x10/0x10
[ 2619.043359][T26440]  __x64_sys_clone+0x289/0x310
[ 2619.047966][T26440]  ? __do_sys_vfork+0x130/0x130
[ 2619.052647][T26440]  ? debug_smp_processor_id+0x17/0x20
[ 2619.057857][T26440]  do_syscall_64+0x44/0xd0
[ 2619.062107][T26440]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2619.067837][T26440] RIP: 0033:0x7fdb204c00c9
[ 2619.072097][T26440] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2619.091530][T26440] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2619.099772][T26440] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2619.107585][T26440] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:00 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xf4ffffff00000000)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x8)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:00 executing program 1:
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)
unlink(&(0x7f0000000000)='./file0\x00') (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10) (async)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

10:53:00 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x8) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2619.115397][T26440] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2619.123212][T26440] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2619.131019][T26440] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2619.138834][T26440]  </TASK>
10:53:00 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

10:53:00 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xf6ffffff00000000)

10:53:00 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x8) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:00 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x24880100, &(0x7f00000000c0)="8f920b4f0083f0241f394422af3c8ac2af9a9b4b0dc7af9687568d5e51e46cc4a60fcbdd0cbbbb9a28018315dcde9cd8c5663e1ac362b07cd4747ce140591d705f165b2b821d860d0e8b", 0x4a, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="dfac4a23288424e73635d3e2775a6935a3e1bb9253997217893134f9714dfe33948b42d46ba2b146902a0440215b621c25c9e652fb0e9c3aab1fa137c556dee94113ca1bc731da8377c78012ac1aa7bc424aec4f71bb1d0e2b5e2b9196bf9b60f9290d13b296d1655dc3cbe514910193c03fa3ea1ec841b3ba489d45a17770ffcd77c4")
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0xb9, 0x4c, 0x9, 0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x3f42, 0x512, 0xffff2df7, 0x1, 0x1, 0xaf2d, 0x800, 0x0, 0x12, 0x0, 0x2}, r0, 0xb, r1, 0x0)
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x20, 0x5, 0x80, 0x0, 0x0, 0x5, 0x248, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5e18e663, 0x1, @perf_bp={&(0x7f0000000440), 0x3}, 0x2000, 0x7, 0xd7ff, 0x4, 0x7ff, 0x781, 0x7, 0x0, 0xfffffffc, 0x0, 0x5680000000000}, r0, 0xc, r2, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000300)={0x1, 0x80, 0x8, 0x3, 0x8, 0x8, 0x0, 0x7, 0x20000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000002c0)}, 0x80403, 0x3f, 0x4, 0x5, 0x4, 0x1, 0x8000, 0x0, 0x0, 0x0, 0x257})
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x80, 0xff, 0x1, 0x9, 0x0, 0x7ff, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x8, 0xfffffff8, 0x1, 0x2, 0x9b, 0x100, 0x0, 0x6, 0x0, 0x3f}, r0, 0x6, 0xffffffffffffffff, 0x9)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)={&(0x7f0000000580)='./file0\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000003c0)={0x1, 0x80, 0x8, 0xfc, 0x1, 0x8, 0x0, 0x9, 0x93c0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2c, 0x0, @perf_bp={&(0x7f0000000380), 0xe}, 0x12006, 0x3604, 0x800, 0x3, 0x3, 0x1000, 0xffde, 0x0, 0x2, 0x0, 0x100000001})

10:53:00 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfbffffff00000000)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xfeffffff00000000)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xff01000000000000)

10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffff7f00000000)

[ 2619.201744][T26481] FAULT_INJECTION: forcing a failure.
[ 2619.201744][T26481] name failslab, interval 1, probability 0, space 0, times 0
[ 2619.219191][T26481] CPU: 1 PID: 26481 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2619.229252][T26481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2619.239147][T26481] Call Trace:
[ 2619.242264][T26481]  <TASK>
[ 2619.245045][T26481]  dump_stack_lvl+0x151/0x1b7
[ 2619.249563][T26481]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2619.255030][T26481]  dump_stack+0x15/0x17
[ 2619.259022][T26481]  should_fail+0x3c0/0x510
[ 2619.263273][T26481]  __should_failslab+0x9f/0xe0
[ 2619.267875][T26481]  should_failslab+0x9/0x20
[ 2619.272214][T26481]  kmem_cache_alloc+0x4f/0x2f0
[ 2619.276819][T26481]  ? vm_area_dup+0x26/0x220
[ 2619.281153][T26481]  vm_area_dup+0x26/0x220
[ 2619.285321][T26481]  dup_mmap+0x6c8/0xf10
[ 2619.289313][T26481]  ? __delayed_free_task+0x20/0x20
[ 2619.294260][T26481]  ? mm_init+0x807/0x960
[ 2619.298337][T26481]  dup_mm+0x8e/0x2e0
[ 2619.302070][T26481]  copy_mm+0x108/0x1b0
[ 2619.305976][T26481]  copy_process+0x1295/0x3250
[ 2619.310487][T26481]  ? proc_fail_nth_write+0x213/0x290
[ 2619.315608][T26481]  ? proc_fail_nth_read+0x220/0x220
[ 2619.320643][T26481]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2619.325590][T26481]  ? vfs_write+0xa37/0x1160
[ 2619.329928][T26481]  ? numa_migrate_prep+0xe0/0xe0
[ 2619.334704][T26481]  kernel_clone+0x21d/0x9c0
[ 2619.339040][T26481]  ? file_end_write+0x1b0/0x1b0
[ 2619.343727][T26481]  ? __kasan_check_write+0x14/0x20
[ 2619.348677][T26481]  ? create_io_thread+0x1e0/0x1e0
[ 2619.353538][T26481]  ? __mutex_lock_slowpath+0x10/0x10
[ 2619.358655][T26481]  __x64_sys_clone+0x289/0x310
[ 2619.363253][T26481]  ? __do_sys_vfork+0x130/0x130
[ 2619.367942][T26481]  ? debug_smp_processor_id+0x17/0x20
[ 2619.373147][T26481]  do_syscall_64+0x44/0xd0
[ 2619.377402][T26481]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2619.383129][T26481] RIP: 0033:0x7fdb204c00c9
[ 2619.387383][T26481] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2619.406824][T26481] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2619.415067][T26481] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2619.422880][T26481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2619.430690][T26481] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2619.438501][T26481] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:00 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffffff00000000)

10:53:01 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)

10:53:01 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

10:53:01 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xd98, 0x8}, 0xc)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r0, r1}, 0xc)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f00000003c0)='./file0\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x24}, 0xffffffffffffff5e)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r1, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000540)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000600)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x10, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x11, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @map_fd={0x18, 0x1, 0x1, 0x0, r1}, @alu={0x3, 0x1, 0x3, 0x0, 0x8, 0x8c}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x7, 0x1, 0x0, r3}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000500)='syzkaller\x00', 0x7b, 0x0, 0x0, 0x40f00, 0x10, '\x00', r4, 0x23, r5, 0x8, &(0x7f0000000840)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000880)={0x5, 0x1, 0x7, 0x2}, 0x10, 0xffffffffffffffff}, 0x80)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x11, 0x7fff, 0x10000, 0xffff, 0x0, 0x1, 0xe000, '\x00', 0x0, r0, 0x5, 0x2}, 0x48)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000140)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x391, 0x0, 0x0, 0x0, 0x800}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @call={0x85, 0x0, 0x0, 0x4b}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x74}, @cb_func={0x18, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x4}], &(0x7f00000001c0)='GPL\x00', 0x20, 0x46, &(0x7f0000000200)=""/70, 0x40f00, 0xe, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000280)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x6, 0x8000, 0x36}, 0x10, 0xffffffffffffffff}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)={@map=r6, r7, 0x19, 0x5, r1}, 0x14)

10:53:01 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f) (async)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)

10:53:01 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x24880100, &(0x7f00000000c0)="8f920b4f0083f0241f394422af3c8ac2af9a9b4b0dc7af9687568d5e51e46cc4a60fcbdd0cbbbb9a28018315dcde9cd8c5663e1ac362b07cd4747ce140591d705f165b2b821d860d0e8b", 0x4a, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="dfac4a23288424e73635d3e2775a6935a3e1bb9253997217893134f9714dfe33948b42d46ba2b146902a0440215b621c25c9e652fb0e9c3aab1fa137c556dee94113ca1bc731da8377c78012ac1aa7bc424aec4f71bb1d0e2b5e2b9196bf9b60f9290d13b296d1655dc3cbe514910193c03fa3ea1ec841b3ba489d45a17770ffcd77c4")
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0xb9, 0x4c, 0x9, 0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x3f42, 0x512, 0xffff2df7, 0x1, 0x1, 0xaf2d, 0x800, 0x0, 0x12, 0x0, 0x2}, r0, 0xb, r1, 0x0)
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x20, 0x5, 0x80, 0x0, 0x0, 0x5, 0x248, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5e18e663, 0x1, @perf_bp={&(0x7f0000000440), 0x3}, 0x2000, 0x7, 0xd7ff, 0x4, 0x7ff, 0x781, 0x7, 0x0, 0xfffffffc, 0x0, 0x5680000000000}, r0, 0xc, r2, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000300)={0x1, 0x80, 0x8, 0x3, 0x8, 0x8, 0x0, 0x7, 0x20000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000002c0)}, 0x80403, 0x3f, 0x4, 0x5, 0x4, 0x1, 0x8000, 0x0, 0x0, 0x0, 0x257})
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x80, 0xff, 0x1, 0x9, 0x0, 0x7ff, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x8, 0xfffffff8, 0x1, 0x2, 0x9b, 0x100, 0x0, 0x6, 0x0, 0x3f}, r0, 0x6, 0xffffffffffffffff, 0x9)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)={&(0x7f0000000580)='./file0\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000003c0)={0x1, 0x80, 0x8, 0xfc, 0x1, 0x8, 0x0, 0x9, 0x93c0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2c, 0x0, @perf_bp={&(0x7f0000000380), 0xe}, 0x12006, 0x3604, 0x800, 0x3, 0x3, 0x1000, 0xffde, 0x0, 0x2, 0x0, 0x100000001})
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x24880100, &(0x7f00000000c0)="8f920b4f0083f0241f394422af3c8ac2af9a9b4b0dc7af9687568d5e51e46cc4a60fcbdd0cbbbb9a28018315dcde9cd8c5663e1ac362b07cd4747ce140591d705f165b2b821d860d0e8b", 0x4a, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="dfac4a23288424e73635d3e2775a6935a3e1bb9253997217893134f9714dfe33948b42d46ba2b146902a0440215b621c25c9e652fb0e9c3aab1fa137c556dee94113ca1bc731da8377c78012ac1aa7bc424aec4f71bb1d0e2b5e2b9196bf9b60f9290d13b296d1655dc3cbe514910193c03fa3ea1ec841b3ba489d45a17770ffcd77c4") (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8) (async)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0xb9, 0x4c, 0x9, 0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x3f42, 0x512, 0xffff2df7, 0x1, 0x1, 0xaf2d, 0x800, 0x0, 0x12, 0x0, 0x2}, r0, 0xb, r1, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x20, 0x5, 0x80, 0x0, 0x0, 0x5, 0x248, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5e18e663, 0x1, @perf_bp={&(0x7f0000000440), 0x3}, 0x2000, 0x7, 0xd7ff, 0x4, 0x7ff, 0x781, 0x7, 0x0, 0xfffffffc, 0x0, 0x5680000000000}, r0, 0xc, r2, 0x0) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000300)={0x1, 0x80, 0x8, 0x3, 0x8, 0x8, 0x0, 0x7, 0x20000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000002c0)}, 0x80403, 0x3f, 0x4, 0x5, 0x4, 0x1, 0x8000, 0x0, 0x0, 0x0, 0x257}) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x80, 0xff, 0x1, 0x9, 0x0, 0x7ff, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x8, 0xfffffff8, 0x1, 0x2, 0x9b, 0x100, 0x0, 0x6, 0x0, 0x3f}, r0, 0x6, 0xffffffffffffffff, 0x9) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)={&(0x7f0000000580)='./file0\x00'}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000003c0)={0x1, 0x80, 0x8, 0xfc, 0x1, 0x8, 0x0, 0x9, 0x93c0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2c, 0x0, @perf_bp={&(0x7f0000000380), 0xe}, 0x12006, 0x3604, 0x800, 0x3, 0x3, 0x1000, 0xffde, 0x0, 0x2, 0x0, 0x100000001}) (async)

10:53:01 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)

[ 2619.446313][T26481] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2619.454125][T26481]  </TASK>
10:53:01 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xffffffffffffffa1)

10:53:01 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xd98, 0x8}, 0xc)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r0, r1}, 0xc)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f00000003c0)='./file0\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x24}, 0xffffffffffffff5e)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r1, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000540)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000600)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x10, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x11, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @map_fd={0x18, 0x1, 0x1, 0x0, r1}, @alu={0x3, 0x1, 0x3, 0x0, 0x8, 0x8c}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x7, 0x1, 0x0, r3}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000500)='syzkaller\x00', 0x7b, 0x0, 0x0, 0x40f00, 0x10, '\x00', r4, 0x23, r5, 0x8, &(0x7f0000000840)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000880)={0x5, 0x1, 0x7, 0x2}, 0x10, 0xffffffffffffffff}, 0x80)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x11, 0x7fff, 0x10000, 0xffff, 0x0, 0x1, 0xe000, '\x00', 0x0, r0, 0x5, 0x2}, 0x48)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000140)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x391, 0x0, 0x0, 0x0, 0x800}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @call={0x85, 0x0, 0x0, 0x4b}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x74}, @cb_func={0x18, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x4}], &(0x7f00000001c0)='GPL\x00', 0x20, 0x46, &(0x7f0000000200)=""/70, 0x40f00, 0xe, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000280)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x6, 0x8000, 0x36}, 0x10, 0xffffffffffffffff}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)={@map=r6, r7, 0x19, 0x5, r1}, 0x14)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xd98, 0x8}, 0xc) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r0, r1}, 0xc) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f00000003c0)='./file0\x00'}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x24}, 0xffffffffffffff5e) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r1, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000540)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000600)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x10, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x11, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @map_fd={0x18, 0x1, 0x1, 0x0, r1}, @alu={0x3, 0x1, 0x3, 0x0, 0x8, 0x8c}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x7, 0x1, 0x0, r3}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000500)='syzkaller\x00', 0x7b, 0x0, 0x0, 0x40f00, 0x10, '\x00', r4, 0x23, r5, 0x8, &(0x7f0000000840)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000880)={0x5, 0x1, 0x7, 0x2}, 0x10, 0xffffffffffffffff}, 0x80) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x11, 0x7fff, 0x10000, 0xffff, 0x0, 0x1, 0xe000, '\x00', 0x0, r0, 0x5, 0x2}, 0x48) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000140)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x391, 0x0, 0x0, 0x0, 0x800}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @call={0x85, 0x0, 0x0, 0x4b}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x74}, @cb_func={0x18, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x4}], &(0x7f00000001c0)='GPL\x00', 0x20, 0x46, &(0x7f0000000200)=""/70, 0x40f00, 0xe, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000280)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x6, 0x8000, 0x36}, 0x10, 0xffffffffffffffff}, 0x80) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)={@map=r6, r7, 0x19, 0x5, r1}, 0x14) (async)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

[ 2619.503719][T26511] FAULT_INJECTION: forcing a failure.
[ 2619.503719][T26511] name failslab, interval 1, probability 0, space 0, times 0
[ 2619.532009][T26511] CPU: 0 PID: 26511 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2619.542088][T26511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2619.551980][T26511] Call Trace:
[ 2619.555104][T26511]  <TASK>
[ 2619.557887][T26511]  dump_stack_lvl+0x151/0x1b7
[ 2619.562397][T26511]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2619.567867][T26511]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2619.574110][T26511]  dump_stack+0x15/0x17
[ 2619.578103][T26511]  should_fail+0x3c0/0x510
[ 2619.582356][T26511]  __should_failslab+0x9f/0xe0
[ 2619.586956][T26511]  should_failslab+0x9/0x20
[ 2619.591298][T26511]  kmem_cache_alloc+0x4f/0x2f0
[ 2619.595996][T26511]  ? anon_vma_fork+0xf7/0x4f0
[ 2619.600519][T26511]  anon_vma_fork+0xf7/0x4f0
[ 2619.604848][T26511]  ? anon_vma_name+0x4c/0x70
[ 2619.609278][T26511]  dup_mmap+0x760/0xf10
[ 2619.613271][T26511]  ? __delayed_free_task+0x20/0x20
[ 2619.618220][T26511]  ? mm_init+0x807/0x960
[ 2619.622294][T26511]  dup_mm+0x8e/0x2e0
[ 2619.626028][T26511]  copy_mm+0x108/0x1b0
[ 2619.629932][T26511]  copy_process+0x1295/0x3250
[ 2619.634447][T26511]  ? proc_fail_nth_write+0x213/0x290
[ 2619.639564][T26511]  ? proc_fail_nth_read+0x220/0x220
[ 2619.644598][T26511]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2619.649544][T26511]  ? vfs_write+0xa37/0x1160
[ 2619.653888][T26511]  ? numa_migrate_prep+0xe0/0xe0
[ 2619.658661][T26511]  kernel_clone+0x21d/0x9c0
[ 2619.662997][T26511]  ? file_end_write+0x1b0/0x1b0
[ 2619.667683][T26511]  ? __kasan_check_write+0x14/0x20
[ 2619.672631][T26511]  ? create_io_thread+0x1e0/0x1e0
[ 2619.677508][T26511]  ? __mutex_lock_slowpath+0x10/0x10
[ 2619.682616][T26511]  __x64_sys_clone+0x289/0x310
[ 2619.687222][T26511]  ? __do_sys_vfork+0x130/0x130
[ 2619.691904][T26511]  ? debug_smp_processor_id+0x17/0x20
[ 2619.697110][T26511]  do_syscall_64+0x44/0xd0
[ 2619.701360][T26511]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2619.707088][T26511] RIP: 0033:0x7fdb204c00c9
[ 2619.711344][T26511] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2619.730784][T26511] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2619.739029][T26511] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2619.746841][T26511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0xd98, 0x8}, 0xc) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r0, r1}, 0xc) (async)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f00000003c0)='./file0\x00'}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x24}, 0xffffffffffffff5e) (async, rerun: 32)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r1, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000540)=[0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x1, 0x4, &(0x7f0000000580)=[0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000600)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x10, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10) (async, rerun: 32)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x11, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, [@map_fd={0x18, 0x5, 0x1, 0x0, r2}, @map_fd={0x18, 0x1, 0x1, 0x0, r1}, @alu={0x3, 0x1, 0x3, 0x0, 0x8, 0x8c}, @map_val={0x18, 0x8, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x7, 0x1, 0x0, r3}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x2}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000500)='syzkaller\x00', 0x7b, 0x0, 0x0, 0x40f00, 0x10, '\x00', r4, 0x23, r5, 0x8, &(0x7f0000000840)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000880)={0x5, 0x1, 0x7, 0x2}, 0x10, 0xffffffffffffffff}, 0x80) (async, rerun: 64)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x11, 0x7fff, 0x10000, 0xffff, 0x0, 0x1, 0xe000, '\x00', 0x0, r0, 0x5, 0x2}, 0x48) (async, rerun: 64)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1d, 0x9, &(0x7f0000000140)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x391, 0x0, 0x0, 0x0, 0x800}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @call={0x85, 0x0, 0x0, 0x4b}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x74}, @cb_func={0x18, 0x3}, @func={0x85, 0x0, 0x1, 0x0, 0x4}], &(0x7f00000001c0)='GPL\x00', 0x20, 0x46, &(0x7f0000000200)=""/70, 0x40f00, 0xe, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000280)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x6, 0x8000, 0x36}, 0x10, 0xffffffffffffffff}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000380)={@map=r6, r7, 0x19, 0x5, r1}, 0x14)

10:53:01 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f0000000140)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000000700)=[{&(0x7f00000001c0)=""/210, 0xd2}, {&(0x7f00000002c0)=""/80, 0x50}, {&(0x7f0000000340)=""/68, 0x44}, {&(0x7f00000000c0)=""/60, 0x3c}, {&(0x7f00000003c0)=""/235, 0xeb}, {&(0x7f00000004c0)=""/182, 0xb6}, {&(0x7f0000000580)=""/97, 0x61}, {&(0x7f0000000600)=""/217, 0xd9}], 0x8, &(0x7f0000000780)=""/4096, 0x1000}, 0x2042)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

10:53:01 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f0000000140)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000000700)=[{&(0x7f00000001c0)=""/210, 0xd2}, {&(0x7f00000002c0)=""/80, 0x50}, {&(0x7f0000000340)=""/68, 0x44}, {&(0x7f00000000c0)=""/60, 0x3c}, {&(0x7f00000003c0)=""/235, 0xeb}, {&(0x7f00000004c0)=""/182, 0xb6}, {&(0x7f0000000580)=""/97, 0x61}, {&(0x7f0000000600)=""/217, 0xd9}], 0x8, &(0x7f0000000780)=""/4096, 0x1000}, 0x2042)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:01 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:01 executing program 1:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x24880100, &(0x7f00000000c0)="8f920b4f0083f0241f394422af3c8ac2af9a9b4b0dc7af9687568d5e51e46cc4a60fcbdd0cbbbb9a28018315dcde9cd8c5663e1ac362b07cd4747ce140591d705f165b2b821d860d0e8b", 0x4a, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="dfac4a23288424e73635d3e2775a6935a3e1bb9253997217893134f9714dfe33948b42d46ba2b146902a0440215b621c25c9e652fb0e9c3aab1fa137c556dee94113ca1bc731da8377c78012ac1aa7bc424aec4f71bb1d0e2b5e2b9196bf9b60f9290d13b296d1655dc3cbe514910193c03fa3ea1ec841b3ba489d45a17770ffcd77c4") (async, rerun: 32)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8) (rerun: 32)
r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0xb9, 0x4c, 0x9, 0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x3f42, 0x512, 0xffff2df7, 0x1, 0x1, 0xaf2d, 0x800, 0x0, 0x12, 0x0, 0x2}, r0, 0xb, r1, 0x0)
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x20, 0x5, 0x80, 0x0, 0x0, 0x5, 0x248, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5e18e663, 0x1, @perf_bp={&(0x7f0000000440), 0x3}, 0x2000, 0x7, 0xd7ff, 0x4, 0x7ff, 0x781, 0x7, 0x0, 0xfffffffc, 0x0, 0x5680000000000}, r0, 0xc, r2, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000300)={0x1, 0x80, 0x8, 0x3, 0x8, 0x8, 0x0, 0x7, 0x20000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000002c0)}, 0x80403, 0x3f, 0x4, 0x5, 0x4, 0x1, 0x8000, 0x0, 0x0, 0x0, 0x257})
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x80, 0xff, 0x1, 0x9, 0x0, 0x7ff, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x8, 0xfffffff8, 0x1, 0x2, 0x9b, 0x100, 0x0, 0x6, 0x0, 0x3f}, r0, 0x6, 0xffffffffffffffff, 0x9) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)={&(0x7f0000000580)='./file0\x00'}, 0x10) (async, rerun: 32)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000003c0)={0x1, 0x80, 0x8, 0xfc, 0x1, 0x8, 0x0, 0x9, 0x93c0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2c, 0x0, @perf_bp={&(0x7f0000000380), 0xe}, 0x12006, 0x3604, 0x800, 0x3, 0x3, 0x1000, 0xffde, 0x0, 0x2, 0x0, 0x100000001})

10:53:01 executing program 3:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/167, 0xa7}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}, 0x40)
unlink(&(0x7f00000000c0)='./file0\x00')
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f00000015c0)={&(0x7f0000000340)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f00000003c0)=""/186, 0xba}, {&(0x7f0000000480)=""/86, 0x56}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/17, 0x11}], 0x4, &(0x7f0000001580)=""/30, 0x1e}, 0x10022)
r3 = syz_clone(0x100000, &(0x7f0000001c80)="6b0df212213ab26186e0ea71538d71d008c1fd2c3e603b477cf3d49e02de5c80a4655e9e73909aa71b4fbeab6c6e4d1ab630d05a19785fb98d332d56d5f33ae32cd6cc5799bac7b9fa037c21222e8dee78837461c1417941927c817cd1e5ed14c2302871fae4b4fa33997639ee29b1376c40a6b3efb57f765df39ad3a0d20e934b9a3cab69a75e41cac7c38ff0cdf6c79bffcc2c8bced5d1df363e1abde332a37f1a17fa513eaa6f819ed820ca9e830bb49dc65827f1707afca143b4f12ba50a2486577dc77d6ee7ce93124e94e94a4cd56a753b316e00e6acd2fd5b9c37c2860db8d77271f78eb4fa8e8dae4b85ef81be65234a715a686bd133773f2081840ba7e07e5e51f3dc085f8c66de0223455df8e5df0b2a8d797039cabdf124320aa6ae1fea4a931430c9fcc3c5f8747730b138c96eef237ee54fdb24ea8bbc6d8e45e29b7f6d9e5ee20b92c0df2fe07c87f1ab6dd2eeeb00c332fcd02792f0912bd5059b58f892219dd599cdb00313629aef893adad1c9e7d4c3f7d77e21b2b911385f572ff937cdf11588e2191f7004c3675df790ac950e45d68bb9ce654c886e7e038058a6386a831e22d7c57983ff5f0baa1f8d61b5c8f92f8caac9165fe1185d3ab7da0f1f2975d8a7d6ea7d1848fe62adb7d02eb611cec88dc8fd6c459da17cf063bee6eef71538f2b7d2bc9e7c34f43ffd9c770619e1eba973446594060e948c966c81c11f5d0173ef01da98ddf3d46d0227f105e668096164d7bfe7f96ae037b2643c615d9020b77edc609a0d51a6ff39d6f1db1d39510c19a5f58bae01bcb62977499f0070c3807243ac34e676c340b8f030126c60a5719c73ea3885d4f3ff9e80f4289d624a12e7427b206162339603c79658ce681ac86e6bb2e16fe33f54e8d94e62648eef13b583ea8f00d4c8682fb2497196877f49b539ef13abe7ef3e294e29675cc840da07daf193d977e60177e119e7b1ac159ba353975e7114223cd39087456ac32dc803e4b83f1018849ee16ac9c59ea0d3cb42aa8b4f27dc49fcea6339d51552988f5158ee393b643d7bbc904ab5c4c8f56f30d1909fd020b30e57f7eeb5b088638982930e041711c33252ee947231995aa3b7a3f2053de8175bc580ee6f73cd369d73b26ba931453f4baded96aa62443df3b5d978975c935f5fd7ac47e869d134e099c7f17b7a2fbf22da73e9a3076c41f6f8b1642eb9f21da3be174124ef75c032d77a760d7ee2ccd8dfa9ab81a20e9c15cfd867ad2a081053814d5bab899765dd8e67e02912211b08c2d8fdcc48b46a14fd4040581d45b664e79c50a754a2193f29e5196b9a9c935c11183a2a2b8ec511019acb82bfaf7c825970743a848745e34ba666f9f9609e5c17a45a6e192eba0547249672514877dbcedaa197b6b428b6e5621a8f128f39408d96f8481becde525db6a476a7b967bdd463c8b439e2eacc34a9548fffdccad39bb8acb7afdf150e5398f3f01c754c7a0d620ebde80a40318d34bc3b03a096cf2bf437003d3b5bff9adff7084bae36a20994dc8ec09b36f4c67177f5cb50d25cfc4eb261c9557ba724ff5bf78a0fbc568f5c34080109e030f8d24942218e5f20cbb01c288cf9d6240997616f785e1a7f3d1b0b0812c3c61af1307274ffd1074a29722979e5dba37f8383f28e2acfd745800c77fe3d0b34dc58aa7527cee1866f5418afbc08f913b6b3131d9f3f8d9c31dd0541d78d75a1ac547cbb2de4f346804af0c842a39e4fb34ffd88d6dd38b487366606bffc09416f8932b497461ab1a78d184c381e35fddeefd475c57702cd638eb6fd55105cc6e62d4f4a7ded8ebbdf9fed4a7a604f7d8e20cc07c5a321199e6422fd177adda819f20bd70409a0132de5d627ac5ebbd683db1884e3184c9d803265ca4c53d6caad578819336d882af2335449a056b60a66c6561148157f5f2953eb0362e92ddefd3b320472094d410f4523cf66a25cac97d4ebd7872a38ea25a1ba1f90f6c39649d6744093b5b7a9c76dd3c66e4d4fb77cf46ac7ce085e31def6715a934b19bb3d4774fe6dbeeaf1b2b86ab07e6a7f022c8dbdd82f19ec854586953d9f32c92bea3129219b810c667bdb8887e3e6298a7185bb2ae635f547c7cda69c52d9097bde1a2f279bf7f941775f33334e73661e3fb0c98ad2ddfc7e9944debfa0da387527c3093f10620a5ede7bc8e128e4d66ec880f9d10a2c6911154f1328cf01a632c93486c60026427e3142bf91174534e2f03e897d294d817ce208876ede618671bbe5f6a89772528c2a172bade53831292864fcfec1edd546fe55fb08828241823f101ae51125e052fae100a2b242ff3b31962f2320e855c84f7253e1b770e38d3acb9026db28c1071519d8ba5dcb52c33029ce7d8b42eb5ab35b4961860983447ded6b5f921fdaba2d2ca8d224e8c6c1e03da36c887d7b40810eed73b2884ab0faffd7fff9bd790c50f5a3bdca9908ed3581939999fa9c8ba397e69199a7ac437ca1f82f29b83d3f7039f71f812d7d88fe610dbe526acf3ec284d731705aa74377e925f159b3636cd2b2f39ac899edef283ae1a87f9eff3c3ce3bca06e9e8583c2443c26b6fe72ea5b061855cc6e515982c6bd5da339dbc9b597497e8e2186a46b22f220c343fe280afa54bf8d145f65618f5bbc1f993fb51be11580bd42ff175678af79eb50a8b5e5eca07668d100cfa20b18e089323f7eb61ddf171c8fea192d3c6d332cc1fb83ad259a003f73466669534f733e27c5423a7be3240e3496ff1bb94301eb146cde8d07a5e9b83c13ea0ad3ffb474117e040e18300bbc51c7c4fc12421675d6bf8a85a5de53150e34e284e5d65f2a31a79fad0a1533b48d2f52c4a9c2274e50a463f8765d54dee95e2838e668c73788e91c35e1948a6a9ae9bbcf73607a7d3c5c82f72c35569cef5cd4d034c1550a4539a8f267ef93cc91c5d820525b7c2a8b047b17c46aa0869729f6087d6f225cab453ab701a26a2fd5ea2f74b2ed58549c7a5229e8ca98f1f440c55435adc4fec0c1986ce8baf49ac58a86296acf6b1e2af81d31e4c33e6494b1c798504ab9a65561be04f81470780e04c90429d11906cbb171c075aef75c5172da57b6ba9780ad3ede8c34947861c6e5024c60fbe7e591b4ef596528c95d3f5dbf6317b705eec05a6b348910276cfabf53fa25b910da546479e60ebbe34dbc8cf85a2c3662fecb9f0efcd98696c4f89c6ead150cb287eb39bdb986c572ff0651607c93274e693aab58bf41d8e45e612edb16a346fbe612421749ddb4b873315bc9f873dfe9f8f87ddd91e4a0e7dee7a057d3a833ba1284528a9e9625b92cd57ffa59b3ebf476c616a712fe55044833dba59801ac98da9aebb573ae212498ac5ee991827040c224db3dd7001a3bf29938b7af7a260678622c934a6083838e87b4b2c00a124e091e663401ee8431dcea17730cd57700b7193fbcc41d4ee1dfca688690c2877452e19566080af33c19e3f5defd49d77dda7fd648d9e0f4218dc12c4691a71c1b802547d0d16ee5e60c5c57b4371291a35597754057d40079f96dca625e1306424319d31a96c626d77338d5ba35c85f6324fa4f4c3397d9c6090b5f06c1fd894bda4c2d73389dabd3a695056d1abf951262d6183860642b9120724c38ae1558bb0d6516502f79e970093af658dc3a8955c0b78203826f38b6f612c9243daa075decba240094b3c9da475c2744a41cda39451b2a0f1e705333eea65c138c00c8e420c4b6209708398bbe82672e5cf2fded7d1fa6d26a0c57b72b4f6d09eb70cf314bb10a1ffb3af450155460d5041c873cd90d997ef86c8f0bc905e11ff07bf7d3acfc53f7be67877db7c9f9dd387e1adb11cd34be4fd3a3e53159a94a13aa0dd53e9c18433193d58ee6174755b160133b45784378b494ad4a7abd24f00481cc38f9b6567a386c457888fe37cf8c2f2c0d0ef58a939045be8329e5132c70ef60e01062d8db81c70f3b8cef0dab67bde46edc8e3c87d86067081304556985d1c584d3bd424cc2708c978be0c5475e6726321071defd5feb5c362d96325185129d87215fc57fdd0905fcaf9281773a495c8f482578dd865a25c8e098bda3d7cc6a4473f073e951f754b1951c8272b7d2fcaff663dbfffe4cc0acbd1a4b60a13cdbf5e6fbfd37b60af3359ecba741b11e2ae2b69e3ba8b521f32125944fba88ef10fe03f0b5ab7d4e70d73fa5ab79209d14d26d97b2c7a6df8b202915b38b5fa9bedd00ec0b0cbf6a0e967f6a1058c43ab186376a2f62a4b41764169bca0860c3af1c59acac446739c68934913130c57b82835139731b97864e2443f084c79113a47feea35c939e8482d7661ec31075486d3a60e7abb1bb76e99dfcb9359f5383d86494235f0ef5be4773656bb88c7c16751a1c49fd9921c2e986055642235a64aa6a4ce38c75c385c3d06f02506819e476c18170abf916b6cf0e080e994274c39436db7699b17a312dcc5ee605d7636ddecd1a8c29d34e7c887524e1543088108d09140db40b79e7bdcae7b473289a2b929bac69fe7fa6eec1e94868f0e4ebb97b179dda9ed05b7ffb3a7d4dd9f4d6632956192d00d31bd0825e7d9bb9377ae982359624b849cfe06b4aa29144107d5c973bfca6be751816213ae5ed73fbc9946bfc37428a2b9d99052cb97670cf24e700892af22ba5b0f6458f8f15b122abbd4f2e80a53131831f0405ed3ccebd45abefb54d2362ab67416ab4301068d7bb831dabd6782bdc459104cfb5440ee60066bf1eddd79c13a2a308c131895bbc0e484f6fd072c33606663b71843c25cf538671b95fd7771dbb8108ecb5822ec15879c586245a4b2dc126f15cfe16b900ff593271c518fd7111e13a41d0b34f8aa928f1b28a5dd8eb43da141455e928b398af429d7bf20b13f6d51eea601a05f83b38b2b3fa71e8db89abeb707cc9df2a2e4748c43d15b7252a8148dcd33af0b0c040a89d468c1651ca6f82187aff0e7009769878987124b695908d2964edf1e64c58517d36f9dd75800c4bc0058d2e2419f376229b73eb404c90ba2ac10930f9bf35e5037adf9ea8f321cd84353a8fd2bfbf90bdc6326dd8110e402e1ba1c82d670489efa25830211676d7e91e40692d116c09551606dbcf915cf61b6b7f4c6eaab08319ca891c034d682c3d5262ba213890cba1a9448e5bbd558a7e620803b6e2f706605dbb6a15a13d596f0b7992a409c5b4266ed00c07a3aac4ee1534b60c84d8bec6942426f2305955a0ac8940cba11f430dfb88f6f9ae2d60196a980d831743198f800768cf99b9a58decb0821eddb1fa3423a66aff9258baf37e160c54edc37e243ad6c63256584da6c2d912541d9f0dc229706064cd52e4a6f9cf309780977fac864c7d9d9d525a74ddd7168c11dff4fde63579846341f69328f57119dd950b14fc394446bf48cb37779afd075de88bfe307ab3ba7976804a20ee7209bb42f427e17e7c3db87d59e2bf5fb1458afe3f869561cd483737b0bdd6913c32c27d694197a03278689689af91db4e7156ab39ad0cf62eccf993f8bc53038465df87bf4b46da76117bc15a78bb30c64962d2ad5384bf67d1560cf2898074504d2726718b9f99ac5198a87a7932241bb67344f69b9d3038c896391a862a08464f13f08e147fbfbefd60ea9fe4568f67610a89fc7866f7252351a2a55b0f1b71da98a2371e8e6ed32b2684b5b90a38160cad1f34443c3748d81491991e5a1164bb7d0f51981f015ca43fe2663a902283c946c334fa9f91607373bb3dba8ee2d051c4c392ee6fcf1102", 0x1000, &(0x7f00000016c0), &(0x7f0000001700), &(0x7f0000001740)="b1735d07209f6126594829b45e6fc807249f72684bbe480586d28b47cb7d29fb8efb4a2e5e7b8054ba8d99053411cd45a7bdd0b045fe9edb7c768073d64d5582f7b64a04b65626399f04b583e17e09")
write$cgroup_pid(r1, &(0x7f00000017c0)=r3, 0x12)

[ 2619.754650][T26511] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2619.762462][T26511] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2619.770272][T26511] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2619.778089][T26511]  </TASK>
10:53:01 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001780)={&(0x7f0000000140)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000000700)=[{&(0x7f00000001c0)=""/210, 0xd2}, {&(0x7f00000002c0)=""/80, 0x50}, {&(0x7f0000000340)=""/68, 0x44}, {&(0x7f00000000c0)=""/60, 0x3c}, {&(0x7f00000003c0)=""/235, 0xeb}, {&(0x7f00000004c0)=""/182, 0xb6}, {&(0x7f0000000580)=""/97, 0x61}, {&(0x7f0000000600)=""/217, 0xd9}], 0x8, &(0x7f0000000780)=""/4096, 0x1000}, 0x2042)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

[ 2619.826879][T26552] FAULT_INJECTION: forcing a failure.
[ 2619.826879][T26552] name failslab, interval 1, probability 0, space 0, times 0
[ 2619.842665][T26552] CPU: 1 PID: 26552 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2619.852723][T26552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2619.862619][T26552] Call Trace:
[ 2619.865745][T26552]  <TASK>
[ 2619.868521][T26552]  dump_stack_lvl+0x151/0x1b7
10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080), 0x6e, &(0x7f0000000400)=[{&(0x7f0000000580)=""/248, 0xf8}, {&(0x7f0000000540)=""/28, 0x1c}, {&(0x7f0000000240)=""/217, 0xd9}, {&(0x7f0000000340)=""/46, 0x2e}, {&(0x7f0000000380)=""/82, 0x52}], 0x5, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}, 0x20)

[ 2619.873033][T26552]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2619.878502][T26552]  dump_stack+0x15/0x17
[ 2619.882494][T26552]  should_fail+0x3c0/0x510
[ 2619.886749][T26552]  __should_failslab+0x9f/0xe0
[ 2619.891350][T26552]  should_failslab+0x9/0x20
[ 2619.895687][T26552]  kmem_cache_alloc+0x4f/0x2f0
[ 2619.900284][T26552]  ? vm_area_dup+0x26/0x220
[ 2619.904627][T26552]  ? __kasan_check_read+0x11/0x20
[ 2619.909525][T26552]  vm_area_dup+0x26/0x220
[ 2619.913654][T26552]  dup_mmap+0x6c8/0xf10
[ 2619.917646][T26552]  ? __delayed_free_task+0x20/0x20
[ 2619.922586][T26552]  ? mm_init+0x807/0x960
[ 2619.926667][T26552]  dup_mm+0x8e/0x2e0
[ 2619.930398][T26552]  copy_mm+0x108/0x1b0
[ 2619.934302][T26552]  copy_process+0x1295/0x3250
[ 2619.938826][T26552]  ? proc_fail_nth_write+0x213/0x290
[ 2619.943941][T26552]  ? proc_fail_nth_read+0x220/0x220
[ 2619.948978][T26552]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2619.953921][T26552]  ? vfs_write+0xa37/0x1160
[ 2619.958265][T26552]  ? numa_migrate_prep+0xe0/0xe0
[ 2619.963039][T26552]  kernel_clone+0x21d/0x9c0
[ 2619.967376][T26552]  ? file_end_write+0x1b0/0x1b0
[ 2619.972068][T26552]  ? __kasan_check_write+0x14/0x20
[ 2619.977013][T26552]  ? create_io_thread+0x1e0/0x1e0
[ 2619.981871][T26552]  ? __mutex_lock_slowpath+0x10/0x10
[ 2619.986993][T26552]  __x64_sys_clone+0x289/0x310
[ 2619.991590][T26552]  ? __do_sys_vfork+0x130/0x130
[ 2619.996280][T26552]  ? debug_smp_processor_id+0x17/0x20
[ 2620.001484][T26552]  do_syscall_64+0x44/0xd0
[ 2620.005738][T26552]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2620.011466][T26552] RIP: 0033:0x7fdb204c00c9
[ 2620.015718][T26552] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2620.035160][T26552] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2620.043405][T26552] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2620.051214][T26552] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2620.059025][T26552] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2620.066841][T26552] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2620.074734][T26552] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2620.082549][T26552]  </TASK>
10:53:01 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

10:53:01 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:01 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080), 0x6e, &(0x7f0000000400)=[{&(0x7f0000000580)=""/248, 0xf8}, {&(0x7f0000000540)=""/28, 0x1c}, {&(0x7f0000000240)=""/217, 0xd9}, {&(0x7f0000000340)=""/46, 0x2e}, {&(0x7f0000000380)=""/82, 0x52}], 0x5, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}, 0x20)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080), 0x6e, &(0x7f0000000400)=[{&(0x7f0000000580)=""/248, 0xf8}, {&(0x7f0000000540)=""/28, 0x1c}, {&(0x7f0000000240)=""/217, 0xd9}, {&(0x7f0000000340)=""/46, 0x2e}, {&(0x7f0000000380)=""/82, 0x52}], 0x5, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}, 0x20) (async)

[ 2620.174405][T26609] FAULT_INJECTION: forcing a failure.
[ 2620.174405][T26609] name failslab, interval 1, probability 0, space 0, times 0
[ 2620.209912][T26609] CPU: 1 PID: 26609 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2620.219982][T26609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2620.229872][T26609] Call Trace:
[ 2620.232999][T26609]  <TASK>
[ 2620.235773][T26609]  dump_stack_lvl+0x151/0x1b7
[ 2620.240286][T26609]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2620.245753][T26609]  ? do_syscall_64+0x44/0xd0
[ 2620.250184][T26609]  dump_stack+0x15/0x17
[ 2620.254174][T26609]  should_fail+0x3c0/0x510
[ 2620.258427][T26609]  __should_failslab+0x9f/0xe0
[ 2620.263032][T26609]  should_failslab+0x9/0x20
[ 2620.267366][T26609]  kmem_cache_alloc+0x4f/0x2f0
[ 2620.271967][T26609]  ? anon_vma_clone+0xa1/0x4f0
[ 2620.276568][T26609]  anon_vma_clone+0xa1/0x4f0
[ 2620.281001][T26609]  anon_vma_fork+0x91/0x4f0
[ 2620.285333][T26609]  ? anon_vma_name+0x4c/0x70
[ 2620.289758][T26609]  dup_mmap+0x760/0xf10
[ 2620.293752][T26609]  ? __delayed_free_task+0x20/0x20
[ 2620.298696][T26609]  ? mm_init+0x807/0x960
[ 2620.302777][T26609]  dup_mm+0x8e/0x2e0
[ 2620.306509][T26609]  copy_mm+0x108/0x1b0
[ 2620.310414][T26609]  copy_process+0x1295/0x3250
[ 2620.314929][T26609]  ? proc_fail_nth_write+0x213/0x290
[ 2620.320049][T26609]  ? proc_fail_nth_read+0x220/0x220
[ 2620.325082][T26609]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2620.330030][T26609]  ? vfs_write+0xa37/0x1160
[ 2620.334370][T26609]  ? numa_migrate_prep+0xe0/0xe0
[ 2620.339156][T26609]  kernel_clone+0x21d/0x9c0
[ 2620.343482][T26609]  ? file_end_write+0x1b0/0x1b0
[ 2620.348176][T26609]  ? __kasan_check_write+0x14/0x20
[ 2620.353115][T26609]  ? create_io_thread+0x1e0/0x1e0
[ 2620.358002][T26609]  ? __mutex_lock_slowpath+0x10/0x10
[ 2620.363097][T26609]  __x64_sys_clone+0x289/0x310
[ 2620.367699][T26609]  ? __do_sys_vfork+0x130/0x130
[ 2620.372385][T26609]  ? debug_smp_processor_id+0x17/0x20
[ 2620.377595][T26609]  do_syscall_64+0x44/0xd0
[ 2620.381843][T26609]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2620.387569][T26609] RIP: 0033:0x7fdb204c00c9
[ 2620.391826][T26609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2620.411265][T26609] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2620.419509][T26609] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2620.427324][T26609] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2620.435131][T26609] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2620.442955][T26609] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2620.450755][T26609] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2620.458572][T26609]  </TASK>
10:53:02 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:02 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_0\x00', 0x8000})
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x4f2303, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x206)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000140)='./file0\x00', 0x0, 0x18}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='net_prio.prioidx\x00', 0x0, 0x0)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000040)={'veth1_to_bond\x00', @random="89f13dc51782"})

10:53:02 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:02 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (rerun: 32)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080), 0x6e, &(0x7f0000000400)=[{&(0x7f0000000580)=""/248, 0xf8}, {&(0x7f0000000540)=""/28, 0x1c}, {&(0x7f0000000240)=""/217, 0xd9}, {&(0x7f0000000340)=""/46, 0x2e}, {&(0x7f0000000380)=""/82, 0x52}], 0x5, &(0x7f0000000480)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58}, 0x20)

10:53:02 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

10:53:02 executing program 3:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/167, 0xa7}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}, 0x40)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f00000015c0)={&(0x7f0000000340)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f00000003c0)=""/186, 0xba}, {&(0x7f0000000480)=""/86, 0x56}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/17, 0x11}], 0x4, &(0x7f0000001580)=""/30, 0x1e}, 0x10022) (async)
r3 = syz_clone(0x100000, &(0x7f0000001c80)="6b0df212213ab26186e0ea71538d71d008c1fd2c3e603b477cf3d49e02de5c80a4655e9e73909aa71b4fbeab6c6e4d1ab630d05a19785fb98d332d56d5f33ae32cd6cc5799bac7b9fa037c21222e8dee78837461c1417941927c817cd1e5ed14c2302871fae4b4fa33997639ee29b1376c40a6b3efb57f765df39ad3a0d20e934b9a3cab69a75e41cac7c38ff0cdf6c79bffcc2c8bced5d1df363e1abde332a37f1a17fa513eaa6f819ed820ca9e830bb49dc65827f1707afca143b4f12ba50a2486577dc77d6ee7ce93124e94e94a4cd56a753b316e00e6acd2fd5b9c37c2860db8d77271f78eb4fa8e8dae4b85ef81be65234a715a686bd133773f2081840ba7e07e5e51f3dc085f8c66de0223455df8e5df0b2a8d797039cabdf124320aa6ae1fea4a931430c9fcc3c5f8747730b138c96eef237ee54fdb24ea8bbc6d8e45e29b7f6d9e5ee20b92c0df2fe07c87f1ab6dd2eeeb00c332fcd02792f0912bd5059b58f892219dd599cdb00313629aef893adad1c9e7d4c3f7d77e21b2b911385f572ff937cdf11588e2191f7004c3675df790ac950e45d68bb9ce654c886e7e038058a6386a831e22d7c57983ff5f0baa1f8d61b5c8f92f8caac9165fe1185d3ab7da0f1f2975d8a7d6ea7d1848fe62adb7d02eb611cec88dc8fd6c459da17cf063bee6eef71538f2b7d2bc9e7c34f43ffd9c770619e1eba973446594060e948c966c81c11f5d0173ef01da98ddf3d46d0227f105e668096164d7bfe7f96ae037b2643c615d9020b77edc609a0d51a6ff39d6f1db1d39510c19a5f58bae01bcb62977499f0070c3807243ac34e676c340b8f030126c60a5719c73ea3885d4f3ff9e80f4289d624a12e7427b206162339603c79658ce681ac86e6bb2e16fe33f54e8d94e62648eef13b583ea8f00d4c8682fb2497196877f49b539ef13abe7ef3e294e29675cc840da07daf193d977e60177e119e7b1ac159ba353975e7114223cd39087456ac32dc803e4b83f1018849ee16ac9c59ea0d3cb42aa8b4f27dc49fcea6339d51552988f5158ee393b643d7bbc904ab5c4c8f56f30d1909fd020b30e57f7eeb5b088638982930e041711c33252ee947231995aa3b7a3f2053de8175bc580ee6f73cd369d73b26ba931453f4baded96aa62443df3b5d978975c935f5fd7ac47e869d134e099c7f17b7a2fbf22da73e9a3076c41f6f8b1642eb9f21da3be174124ef75c032d77a760d7ee2ccd8dfa9ab81a20e9c15cfd867ad2a081053814d5bab899765dd8e67e02912211b08c2d8fdcc48b46a14fd4040581d45b664e79c50a754a2193f29e5196b9a9c935c11183a2a2b8ec511019acb82bfaf7c825970743a848745e34ba666f9f9609e5c17a45a6e192eba0547249672514877dbcedaa197b6b428b6e5621a8f128f39408d96f8481becde525db6a476a7b967bdd463c8b439e2eacc34a9548fffdccad39bb8acb7afdf150e5398f3f01c754c7a0d620ebde80a40318d34bc3b03a096cf2bf437003d3b5bff9adff7084bae36a20994dc8ec09b36f4c67177f5cb50d25cfc4eb261c9557ba724ff5bf78a0fbc568f5c34080109e030f8d24942218e5f20cbb01c288cf9d6240997616f785e1a7f3d1b0b0812c3c61af1307274ffd1074a29722979e5dba37f8383f28e2acfd745800c77fe3d0b34dc58aa7527cee1866f5418afbc08f913b6b3131d9f3f8d9c31dd0541d78d75a1ac547cbb2de4f346804af0c842a39e4fb34ffd88d6dd38b487366606bffc09416f8932b497461ab1a78d184c381e35fddeefd475c57702cd638eb6fd55105cc6e62d4f4a7ded8ebbdf9fed4a7a604f7d8e20cc07c5a321199e6422fd177adda819f20bd70409a0132de5d627ac5ebbd683db1884e3184c9d803265ca4c53d6caad578819336d882af2335449a056b60a66c6561148157f5f2953eb0362e92ddefd3b320472094d410f4523cf66a25cac97d4ebd7872a38ea25a1ba1f90f6c39649d6744093b5b7a9c76dd3c66e4d4fb77cf46ac7ce085e31def6715a934b19bb3d4774fe6dbeeaf1b2b86ab07e6a7f022c8dbdd82f19ec854586953d9f32c92bea3129219b810c667bdb8887e3e6298a7185bb2ae635f547c7cda69c52d9097bde1a2f279bf7f941775f33334e73661e3fb0c98ad2ddfc7e9944debfa0da387527c3093f10620a5ede7bc8e128e4d66ec880f9d10a2c6911154f1328cf01a632c93486c60026427e3142bf91174534e2f03e897d294d817ce208876ede618671bbe5f6a89772528c2a172bade53831292864fcfec1edd546fe55fb08828241823f101ae51125e052fae100a2b242ff3b31962f2320e855c84f7253e1b770e38d3acb9026db28c1071519d8ba5dcb52c33029ce7d8b42eb5ab35b4961860983447ded6b5f921fdaba2d2ca8d224e8c6c1e03da36c887d7b40810eed73b2884ab0faffd7fff9bd790c50f5a3bdca9908ed3581939999fa9c8ba397e69199a7ac437ca1f82f29b83d3f7039f71f812d7d88fe610dbe526acf3ec284d731705aa74377e925f159b3636cd2b2f39ac899edef283ae1a87f9eff3c3ce3bca06e9e8583c2443c26b6fe72ea5b061855cc6e515982c6bd5da339dbc9b597497e8e2186a46b22f220c343fe280afa54bf8d145f65618f5bbc1f993fb51be11580bd42ff175678af79eb50a8b5e5eca07668d100cfa20b18e089323f7eb61ddf171c8fea192d3c6d332cc1fb83ad259a003f73466669534f733e27c5423a7be3240e3496ff1bb94301eb146cde8d07a5e9b83c13ea0ad3ffb474117e040e18300bbc51c7c4fc12421675d6bf8a85a5de53150e34e284e5d65f2a31a79fad0a1533b48d2f52c4a9c2274e50a463f8765d54dee95e2838e668c73788e91c35e1948a6a9ae9bbcf73607a7d3c5c82f72c35569cef5cd4d034c1550a4539a8f267ef93cc91c5d820525b7c2a8b047b17c46aa0869729f6087d6f225cab453ab701a26a2fd5ea2f74b2ed58549c7a5229e8ca98f1f440c55435adc4fec0c1986ce8baf49ac58a86296acf6b1e2af81d31e4c33e6494b1c798504ab9a65561be04f81470780e04c90429d11906cbb171c075aef75c5172da57b6ba9780ad3ede8c34947861c6e5024c60fbe7e591b4ef596528c95d3f5dbf6317b705eec05a6b348910276cfabf53fa25b910da546479e60ebbe34dbc8cf85a2c3662fecb9f0efcd98696c4f89c6ead150cb287eb39bdb986c572ff0651607c93274e693aab58bf41d8e45e612edb16a346fbe612421749ddb4b873315bc9f873dfe9f8f87ddd91e4a0e7dee7a057d3a833ba1284528a9e9625b92cd57ffa59b3ebf476c616a712fe55044833dba59801ac98da9aebb573ae212498ac5ee991827040c224db3dd7001a3bf29938b7af7a260678622c934a6083838e87b4b2c00a124e091e663401ee8431dcea17730cd57700b7193fbcc41d4ee1dfca688690c2877452e19566080af33c19e3f5defd49d77dda7fd648d9e0f4218dc12c4691a71c1b802547d0d16ee5e60c5c57b4371291a35597754057d40079f96dca625e1306424319d31a96c626d77338d5ba35c85f6324fa4f4c3397d9c6090b5f06c1fd894bda4c2d73389dabd3a695056d1abf951262d6183860642b9120724c38ae1558bb0d6516502f79e970093af658dc3a8955c0b78203826f38b6f612c9243daa075decba240094b3c9da475c2744a41cda39451b2a0f1e705333eea65c138c00c8e420c4b6209708398bbe82672e5cf2fded7d1fa6d26a0c57b72b4f6d09eb70cf314bb10a1ffb3af450155460d5041c873cd90d997ef86c8f0bc905e11ff07bf7d3acfc53f7be67877db7c9f9dd387e1adb11cd34be4fd3a3e53159a94a13aa0dd53e9c18433193d58ee6174755b160133b45784378b494ad4a7abd24f00481cc38f9b6567a386c457888fe37cf8c2f2c0d0ef58a939045be8329e5132c70ef60e01062d8db81c70f3b8cef0dab67bde46edc8e3c87d86067081304556985d1c584d3bd424cc2708c978be0c5475e6726321071defd5feb5c362d96325185129d87215fc57fdd0905fcaf9281773a495c8f482578dd865a25c8e098bda3d7cc6a4473f073e951f754b1951c8272b7d2fcaff663dbfffe4cc0acbd1a4b60a13cdbf5e6fbfd37b60af3359ecba741b11e2ae2b69e3ba8b521f32125944fba88ef10fe03f0b5ab7d4e70d73fa5ab79209d14d26d97b2c7a6df8b202915b38b5fa9bedd00ec0b0cbf6a0e967f6a1058c43ab186376a2f62a4b41764169bca0860c3af1c59acac446739c68934913130c57b82835139731b97864e2443f084c79113a47feea35c939e8482d7661ec31075486d3a60e7abb1bb76e99dfcb9359f5383d86494235f0ef5be4773656bb88c7c16751a1c49fd9921c2e986055642235a64aa6a4ce38c75c385c3d06f02506819e476c18170abf916b6cf0e080e994274c39436db7699b17a312dcc5ee605d7636ddecd1a8c29d34e7c887524e1543088108d09140db40b79e7bdcae7b473289a2b929bac69fe7fa6eec1e94868f0e4ebb97b179dda9ed05b7ffb3a7d4dd9f4d6632956192d00d31bd0825e7d9bb9377ae982359624b849cfe06b4aa29144107d5c973bfca6be751816213ae5ed73fbc9946bfc37428a2b9d99052cb97670cf24e700892af22ba5b0f6458f8f15b122abbd4f2e80a53131831f0405ed3ccebd45abefb54d2362ab67416ab4301068d7bb831dabd6782bdc459104cfb5440ee60066bf1eddd79c13a2a308c131895bbc0e484f6fd072c33606663b71843c25cf538671b95fd7771dbb8108ecb5822ec15879c586245a4b2dc126f15cfe16b900ff593271c518fd7111e13a41d0b34f8aa928f1b28a5dd8eb43da141455e928b398af429d7bf20b13f6d51eea601a05f83b38b2b3fa71e8db89abeb707cc9df2a2e4748c43d15b7252a8148dcd33af0b0c040a89d468c1651ca6f82187aff0e7009769878987124b695908d2964edf1e64c58517d36f9dd75800c4bc0058d2e2419f376229b73eb404c90ba2ac10930f9bf35e5037adf9ea8f321cd84353a8fd2bfbf90bdc6326dd8110e402e1ba1c82d670489efa25830211676d7e91e40692d116c09551606dbcf915cf61b6b7f4c6eaab08319ca891c034d682c3d5262ba213890cba1a9448e5bbd558a7e620803b6e2f706605dbb6a15a13d596f0b7992a409c5b4266ed00c07a3aac4ee1534b60c84d8bec6942426f2305955a0ac8940cba11f430dfb88f6f9ae2d60196a980d831743198f800768cf99b9a58decb0821eddb1fa3423a66aff9258baf37e160c54edc37e243ad6c63256584da6c2d912541d9f0dc229706064cd52e4a6f9cf309780977fac864c7d9d9d525a74ddd7168c11dff4fde63579846341f69328f57119dd950b14fc394446bf48cb37779afd075de88bfe307ab3ba7976804a20ee7209bb42f427e17e7c3db87d59e2bf5fb1458afe3f869561cd483737b0bdd6913c32c27d694197a03278689689af91db4e7156ab39ad0cf62eccf993f8bc53038465df87bf4b46da76117bc15a78bb30c64962d2ad5384bf67d1560cf2898074504d2726718b9f99ac5198a87a7932241bb67344f69b9d3038c896391a862a08464f13f08e147fbfbefd60ea9fe4568f67610a89fc7866f7252351a2a55b0f1b71da98a2371e8e6ed32b2684b5b90a38160cad1f34443c3748d81491991e5a1164bb7d0f51981f015ca43fe2663a902283c946c334fa9f91607373bb3dba8ee2d051c4c392ee6fcf1102", 0x1000, &(0x7f00000016c0), &(0x7f0000001700), &(0x7f0000001740)="b1735d07209f6126594829b45e6fc807249f72684bbe480586d28b47cb7d29fb8efb4a2e5e7b8054ba8d99053411cd45a7bdd0b045fe9edb7c768073d64d5582f7b64a04b65626399f04b583e17e09")
write$cgroup_pid(r1, &(0x7f00000017c0)=r3, 0x12)

10:53:02 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/94, 0x5e}, {&(0x7f0000000000)=""/36, 0x24}], 0x2, &(0x7f0000000180)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xb0}, 0x4101)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:02 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_0\x00', 0x8000}) (async, rerun: 64)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (rerun: 64)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x4f2303, 0x0) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x206) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000140)='./file0\x00', 0x0, 0x18}, 0x10) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='net_prio.prioidx\x00', 0x0, 0x0)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) (async, rerun: 64)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000040)={'veth1_to_bond\x00', @random="89f13dc51782"}) (rerun: 64)

10:53:02 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:02 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_0\x00', 0x8000})
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x4f2303, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x206)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000140)='./file0\x00', 0x0, 0x18}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='net_prio.prioidx\x00', 0x0, 0x0)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000040)={'veth1_to_bond\x00', @random="89f13dc51782"})
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_0\x00', 0x8000}) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x4f2303, 0x0) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x206) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)={&(0x7f0000000140)='./file0\x00', 0x0, 0x18}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='net_prio.prioidx\x00', 0x0, 0x0) (async)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000040)={'veth1_to_bond\x00', @random="89f13dc51782"}) (async)

10:53:02 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x305)

10:53:02 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/94, 0x5e}, {&(0x7f0000000000)=""/36, 0x24}], 0x2, &(0x7f0000000180)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xb0}, 0x4101) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

[ 2620.808187][T26636] FAULT_INJECTION: forcing a failure.
[ 2620.808187][T26636] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2620.843422][T26636] CPU: 1 PID: 26636 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2620.853486][T26636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2620.863381][T26636] Call Trace:
[ 2620.866507][T26636]  <TASK>
[ 2620.869285][T26636]  dump_stack_lvl+0x151/0x1b7
[ 2620.873799][T26636]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2620.879265][T26636]  ? stack_trace_save+0x12d/0x1f0
[ 2620.884125][T26636]  dump_stack+0x15/0x17
[ 2620.888118][T26636]  should_fail+0x3c0/0x510
[ 2620.892372][T26636]  should_fail_alloc_page+0x58/0x70
[ 2620.897405][T26636]  __alloc_pages+0x1de/0x7c0
[ 2620.901831][T26636]  ? save_stack+0x119/0x1e0
[ 2620.906170][T26636]  ? __count_vm_events+0x30/0x30
[ 2620.910943][T26636]  ? kvm_sched_clock_read+0x18/0x40
[ 2620.915977][T26636]  ? sched_clock+0x9/0x10
[ 2620.920144][T26636]  ? sched_clock_cpu+0x18/0x3b0
[ 2620.924830][T26636]  pte_alloc_one+0x73/0x1b0
[ 2620.929169][T26636]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2620.934201][T26636]  ? __set_page_owner+0x2ce/0x2f0
[ 2620.939067][T26636]  __pte_alloc+0x86/0x350
[ 2620.943229][T26636]  ? free_pgtables+0x210/0x210
[ 2620.947829][T26636]  copy_pte_range+0x11be/0x1780
[ 2620.952518][T26636]  ? __kasan_check_write+0x14/0x20
[ 2620.957464][T26636]  ? _raw_spin_lock+0xa3/0x1b0
[ 2620.962060][T26636]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2620.967275][T26636]  ? kmem_cache_alloc+0x189/0x2f0
[ 2620.972133][T26636]  ? __kunmap_atomic+0x80/0x80
[ 2620.976733][T26636]  ? __pud_alloc+0x260/0x260
[ 2620.981157][T26636]  ? __pud_alloc+0x218/0x260
[ 2620.985583][T26636]  ? do_handle_mm_fault+0x2410/0x2410
[ 2620.990795][T26636]  copy_page_range+0xc1e/0x1090
[ 2620.995483][T26636]  ? pfn_valid+0x1e0/0x1e0
[ 2620.999733][T26636]  dup_mmap+0x9af/0xf10
[ 2621.003730][T26636]  ? __delayed_free_task+0x20/0x20
[ 2621.008672][T26636]  ? mm_init+0x807/0x960
[ 2621.012753][T26636]  dup_mm+0x8e/0x2e0
[ 2621.016484][T26636]  copy_mm+0x108/0x1b0
[ 2621.020389][T26636]  copy_process+0x1295/0x3250
[ 2621.024900][T26636]  ? proc_fail_nth_write+0x213/0x290
[ 2621.030022][T26636]  ? proc_fail_nth_read+0x220/0x220
[ 2621.035056][T26636]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2621.040008][T26636]  ? vfs_write+0xa37/0x1160
[ 2621.044343][T26636]  ? numa_migrate_prep+0xe0/0xe0
[ 2621.049118][T26636]  kernel_clone+0x21d/0x9c0
[ 2621.053453][T26636]  ? file_end_write+0x1b0/0x1b0
[ 2621.058144][T26636]  ? __kasan_check_write+0x14/0x20
[ 2621.063091][T26636]  ? create_io_thread+0x1e0/0x1e0
[ 2621.067954][T26636]  ? __mutex_lock_slowpath+0x10/0x10
[ 2621.073069][T26636]  __x64_sys_clone+0x289/0x310
[ 2621.077671][T26636]  ? __do_sys_vfork+0x130/0x130
[ 2621.082358][T26636]  ? debug_smp_processor_id+0x17/0x20
[ 2621.087568][T26636]  do_syscall_64+0x44/0xd0
[ 2621.091815][T26636]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2621.097544][T26636] RIP: 0033:0x7fdb204c00c9
[ 2621.101798][T26636] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2621.121256][T26636] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2621.129484][T26636] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2621.137290][T26636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2621.145102][T26636] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:02 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:02 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)

10:53:02 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/94, 0x5e}, {&(0x7f0000000000)=""/36, 0x24}], 0x2, &(0x7f0000000180)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xb0}, 0x4101) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:02 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)

[ 2621.152916][T26636] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2621.160724][T26636] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2621.168539][T26636]  </TASK>
10:53:02 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

[ 2621.438363][T26677] FAULT_INJECTION: forcing a failure.
[ 2621.438363][T26677] name failslab, interval 1, probability 0, space 0, times 0
[ 2621.472707][T26677] CPU: 0 PID: 26677 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2621.482767][T26677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2621.492668][T26677] Call Trace:
[ 2621.495789][T26677]  <TASK>
[ 2621.498566][T26677]  dump_stack_lvl+0x151/0x1b7
[ 2621.503079][T26677]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2621.508549][T26677]  dump_stack+0x15/0x17
[ 2621.512546][T26677]  should_fail+0x3c0/0x510
[ 2621.516795][T26677]  __should_failslab+0x9f/0xe0
[ 2621.521392][T26677]  should_failslab+0x9/0x20
[ 2621.525731][T26677]  kmem_cache_alloc+0x4f/0x2f0
[ 2621.530329][T26677]  ? vm_area_dup+0x26/0x220
[ 2621.534672][T26677]  vm_area_dup+0x26/0x220
[ 2621.538834][T26677]  dup_mmap+0x6c8/0xf10
[ 2621.542834][T26677]  ? __delayed_free_task+0x20/0x20
[ 2621.547778][T26677]  ? mm_init+0x807/0x960
[ 2621.551857][T26677]  dup_mm+0x8e/0x2e0
[ 2621.555588][T26677]  copy_mm+0x108/0x1b0
[ 2621.559494][T26677]  copy_process+0x1295/0x3250
[ 2621.564008][T26677]  ? proc_fail_nth_write+0x213/0x290
[ 2621.569127][T26677]  ? proc_fail_nth_read+0x220/0x220
[ 2621.574160][T26677]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2621.579109][T26677]  ? vfs_write+0xa37/0x1160
[ 2621.583450][T26677]  ? numa_migrate_prep+0xe0/0xe0
[ 2621.588219][T26677]  kernel_clone+0x21d/0x9c0
[ 2621.592558][T26677]  ? file_end_write+0x1b0/0x1b0
[ 2621.597247][T26677]  ? __kasan_check_write+0x14/0x20
[ 2621.602197][T26677]  ? create_io_thread+0x1e0/0x1e0
[ 2621.607065][T26677]  ? __mutex_lock_slowpath+0x10/0x10
[ 2621.612174][T26677]  __x64_sys_clone+0x289/0x310
[ 2621.616775][T26677]  ? __do_sys_vfork+0x130/0x130
[ 2621.621463][T26677]  ? debug_smp_processor_id+0x17/0x20
[ 2621.626711][T26677]  do_syscall_64+0x44/0xd0
[ 2621.630925][T26677]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2621.636649][T26677] RIP: 0033:0x7fdb204c00c9
[ 2621.640903][T26677] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2621.660342][T26677] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2621.668590][T26677] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2621.676400][T26677] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:03 executing program 3:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x4) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f00000002c0)={&(0x7f0000000100), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000180)=""/167, 0xa7}], 0x1, &(0x7f0000000240)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}, 0x40) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f00000015c0)={&(0x7f0000000340)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f00000003c0)=""/186, 0xba}, {&(0x7f0000000480)=""/86, 0x56}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/17, 0x11}], 0x4, &(0x7f0000001580)=""/30, 0x1e}, 0x10022)
r3 = syz_clone(0x100000, &(0x7f0000001c80)="6b0df212213ab26186e0ea71538d71d008c1fd2c3e603b477cf3d49e02de5c80a4655e9e73909aa71b4fbeab6c6e4d1ab630d05a19785fb98d332d56d5f33ae32cd6cc5799bac7b9fa037c21222e8dee78837461c1417941927c817cd1e5ed14c2302871fae4b4fa33997639ee29b1376c40a6b3efb57f765df39ad3a0d20e934b9a3cab69a75e41cac7c38ff0cdf6c79bffcc2c8bced5d1df363e1abde332a37f1a17fa513eaa6f819ed820ca9e830bb49dc65827f1707afca143b4f12ba50a2486577dc77d6ee7ce93124e94e94a4cd56a753b316e00e6acd2fd5b9c37c2860db8d77271f78eb4fa8e8dae4b85ef81be65234a715a686bd133773f2081840ba7e07e5e51f3dc085f8c66de0223455df8e5df0b2a8d797039cabdf124320aa6ae1fea4a931430c9fcc3c5f8747730b138c96eef237ee54fdb24ea8bbc6d8e45e29b7f6d9e5ee20b92c0df2fe07c87f1ab6dd2eeeb00c332fcd02792f0912bd5059b58f892219dd599cdb00313629aef893adad1c9e7d4c3f7d77e21b2b911385f572ff937cdf11588e2191f7004c3675df790ac950e45d68bb9ce654c886e7e038058a6386a831e22d7c57983ff5f0baa1f8d61b5c8f92f8caac9165fe1185d3ab7da0f1f2975d8a7d6ea7d1848fe62adb7d02eb611cec88dc8fd6c459da17cf063bee6eef71538f2b7d2bc9e7c34f43ffd9c770619e1eba973446594060e948c966c81c11f5d0173ef01da98ddf3d46d0227f105e668096164d7bfe7f96ae037b2643c615d9020b77edc609a0d51a6ff39d6f1db1d39510c19a5f58bae01bcb62977499f0070c3807243ac34e676c340b8f030126c60a5719c73ea3885d4f3ff9e80f4289d624a12e7427b206162339603c79658ce681ac86e6bb2e16fe33f54e8d94e62648eef13b583ea8f00d4c8682fb2497196877f49b539ef13abe7ef3e294e29675cc840da07daf193d977e60177e119e7b1ac159ba353975e7114223cd39087456ac32dc803e4b83f1018849ee16ac9c59ea0d3cb42aa8b4f27dc49fcea6339d51552988f5158ee393b643d7bbc904ab5c4c8f56f30d1909fd020b30e57f7eeb5b088638982930e041711c33252ee947231995aa3b7a3f2053de8175bc580ee6f73cd369d73b26ba931453f4baded96aa62443df3b5d978975c935f5fd7ac47e869d134e099c7f17b7a2fbf22da73e9a3076c41f6f8b1642eb9f21da3be174124ef75c032d77a760d7ee2ccd8dfa9ab81a20e9c15cfd867ad2a081053814d5bab899765dd8e67e02912211b08c2d8fdcc48b46a14fd4040581d45b664e79c50a754a2193f29e5196b9a9c935c11183a2a2b8ec511019acb82bfaf7c825970743a848745e34ba666f9f9609e5c17a45a6e192eba0547249672514877dbcedaa197b6b428b6e5621a8f128f39408d96f8481becde525db6a476a7b967bdd463c8b439e2eacc34a9548fffdccad39bb8acb7afdf150e5398f3f01c754c7a0d620ebde80a40318d34bc3b03a096cf2bf437003d3b5bff9adff7084bae36a20994dc8ec09b36f4c67177f5cb50d25cfc4eb261c9557ba724ff5bf78a0fbc568f5c34080109e030f8d24942218e5f20cbb01c288cf9d6240997616f785e1a7f3d1b0b0812c3c61af1307274ffd1074a29722979e5dba37f8383f28e2acfd745800c77fe3d0b34dc58aa7527cee1866f5418afbc08f913b6b3131d9f3f8d9c31dd0541d78d75a1ac547cbb2de4f346804af0c842a39e4fb34ffd88d6dd38b487366606bffc09416f8932b497461ab1a78d184c381e35fddeefd475c57702cd638eb6fd55105cc6e62d4f4a7ded8ebbdf9fed4a7a604f7d8e20cc07c5a321199e6422fd177adda819f20bd70409a0132de5d627ac5ebbd683db1884e3184c9d803265ca4c53d6caad578819336d882af2335449a056b60a66c6561148157f5f2953eb0362e92ddefd3b320472094d410f4523cf66a25cac97d4ebd7872a38ea25a1ba1f90f6c39649d6744093b5b7a9c76dd3c66e4d4fb77cf46ac7ce085e31def6715a934b19bb3d4774fe6dbeeaf1b2b86ab07e6a7f022c8dbdd82f19ec854586953d9f32c92bea3129219b810c667bdb8887e3e6298a7185bb2ae635f547c7cda69c52d9097bde1a2f279bf7f941775f33334e73661e3fb0c98ad2ddfc7e9944debfa0da387527c3093f10620a5ede7bc8e128e4d66ec880f9d10a2c6911154f1328cf01a632c93486c60026427e3142bf91174534e2f03e897d294d817ce208876ede618671bbe5f6a89772528c2a172bade53831292864fcfec1edd546fe55fb08828241823f101ae51125e052fae100a2b242ff3b31962f2320e855c84f7253e1b770e38d3acb9026db28c1071519d8ba5dcb52c33029ce7d8b42eb5ab35b4961860983447ded6b5f921fdaba2d2ca8d224e8c6c1e03da36c887d7b40810eed73b2884ab0faffd7fff9bd790c50f5a3bdca9908ed3581939999fa9c8ba397e69199a7ac437ca1f82f29b83d3f7039f71f812d7d88fe610dbe526acf3ec284d731705aa74377e925f159b3636cd2b2f39ac899edef283ae1a87f9eff3c3ce3bca06e9e8583c2443c26b6fe72ea5b061855cc6e515982c6bd5da339dbc9b597497e8e2186a46b22f220c343fe280afa54bf8d145f65618f5bbc1f993fb51be11580bd42ff175678af79eb50a8b5e5eca07668d100cfa20b18e089323f7eb61ddf171c8fea192d3c6d332cc1fb83ad259a003f73466669534f733e27c5423a7be3240e3496ff1bb94301eb146cde8d07a5e9b83c13ea0ad3ffb474117e040e18300bbc51c7c4fc12421675d6bf8a85a5de53150e34e284e5d65f2a31a79fad0a1533b48d2f52c4a9c2274e50a463f8765d54dee95e2838e668c73788e91c35e1948a6a9ae9bbcf73607a7d3c5c82f72c35569cef5cd4d034c1550a4539a8f267ef93cc91c5d820525b7c2a8b047b17c46aa0869729f6087d6f225cab453ab701a26a2fd5ea2f74b2ed58549c7a5229e8ca98f1f440c55435adc4fec0c1986ce8baf49ac58a86296acf6b1e2af81d31e4c33e6494b1c798504ab9a65561be04f81470780e04c90429d11906cbb171c075aef75c5172da57b6ba9780ad3ede8c34947861c6e5024c60fbe7e591b4ef596528c95d3f5dbf6317b705eec05a6b348910276cfabf53fa25b910da546479e60ebbe34dbc8cf85a2c3662fecb9f0efcd98696c4f89c6ead150cb287eb39bdb986c572ff0651607c93274e693aab58bf41d8e45e612edb16a346fbe612421749ddb4b873315bc9f873dfe9f8f87ddd91e4a0e7dee7a057d3a833ba1284528a9e9625b92cd57ffa59b3ebf476c616a712fe55044833dba59801ac98da9aebb573ae212498ac5ee991827040c224db3dd7001a3bf29938b7af7a260678622c934a6083838e87b4b2c00a124e091e663401ee8431dcea17730cd57700b7193fbcc41d4ee1dfca688690c2877452e19566080af33c19e3f5defd49d77dda7fd648d9e0f4218dc12c4691a71c1b802547d0d16ee5e60c5c57b4371291a35597754057d40079f96dca625e1306424319d31a96c626d77338d5ba35c85f6324fa4f4c3397d9c6090b5f06c1fd894bda4c2d73389dabd3a695056d1abf951262d6183860642b9120724c38ae1558bb0d6516502f79e970093af658dc3a8955c0b78203826f38b6f612c9243daa075decba240094b3c9da475c2744a41cda39451b2a0f1e705333eea65c138c00c8e420c4b6209708398bbe82672e5cf2fded7d1fa6d26a0c57b72b4f6d09eb70cf314bb10a1ffb3af450155460d5041c873cd90d997ef86c8f0bc905e11ff07bf7d3acfc53f7be67877db7c9f9dd387e1adb11cd34be4fd3a3e53159a94a13aa0dd53e9c18433193d58ee6174755b160133b45784378b494ad4a7abd24f00481cc38f9b6567a386c457888fe37cf8c2f2c0d0ef58a939045be8329e5132c70ef60e01062d8db81c70f3b8cef0dab67bde46edc8e3c87d86067081304556985d1c584d3bd424cc2708c978be0c5475e6726321071defd5feb5c362d96325185129d87215fc57fdd0905fcaf9281773a495c8f482578dd865a25c8e098bda3d7cc6a4473f073e951f754b1951c8272b7d2fcaff663dbfffe4cc0acbd1a4b60a13cdbf5e6fbfd37b60af3359ecba741b11e2ae2b69e3ba8b521f32125944fba88ef10fe03f0b5ab7d4e70d73fa5ab79209d14d26d97b2c7a6df8b202915b38b5fa9bedd00ec0b0cbf6a0e967f6a1058c43ab186376a2f62a4b41764169bca0860c3af1c59acac446739c68934913130c57b82835139731b97864e2443f084c79113a47feea35c939e8482d7661ec31075486d3a60e7abb1bb76e99dfcb9359f5383d86494235f0ef5be4773656bb88c7c16751a1c49fd9921c2e986055642235a64aa6a4ce38c75c385c3d06f02506819e476c18170abf916b6cf0e080e994274c39436db7699b17a312dcc5ee605d7636ddecd1a8c29d34e7c887524e1543088108d09140db40b79e7bdcae7b473289a2b929bac69fe7fa6eec1e94868f0e4ebb97b179dda9ed05b7ffb3a7d4dd9f4d6632956192d00d31bd0825e7d9bb9377ae982359624b849cfe06b4aa29144107d5c973bfca6be751816213ae5ed73fbc9946bfc37428a2b9d99052cb97670cf24e700892af22ba5b0f6458f8f15b122abbd4f2e80a53131831f0405ed3ccebd45abefb54d2362ab67416ab4301068d7bb831dabd6782bdc459104cfb5440ee60066bf1eddd79c13a2a308c131895bbc0e484f6fd072c33606663b71843c25cf538671b95fd7771dbb8108ecb5822ec15879c586245a4b2dc126f15cfe16b900ff593271c518fd7111e13a41d0b34f8aa928f1b28a5dd8eb43da141455e928b398af429d7bf20b13f6d51eea601a05f83b38b2b3fa71e8db89abeb707cc9df2a2e4748c43d15b7252a8148dcd33af0b0c040a89d468c1651ca6f82187aff0e7009769878987124b695908d2964edf1e64c58517d36f9dd75800c4bc0058d2e2419f376229b73eb404c90ba2ac10930f9bf35e5037adf9ea8f321cd84353a8fd2bfbf90bdc6326dd8110e402e1ba1c82d670489efa25830211676d7e91e40692d116c09551606dbcf915cf61b6b7f4c6eaab08319ca891c034d682c3d5262ba213890cba1a9448e5bbd558a7e620803b6e2f706605dbb6a15a13d596f0b7992a409c5b4266ed00c07a3aac4ee1534b60c84d8bec6942426f2305955a0ac8940cba11f430dfb88f6f9ae2d60196a980d831743198f800768cf99b9a58decb0821eddb1fa3423a66aff9258baf37e160c54edc37e243ad6c63256584da6c2d912541d9f0dc229706064cd52e4a6f9cf309780977fac864c7d9d9d525a74ddd7168c11dff4fde63579846341f69328f57119dd950b14fc394446bf48cb37779afd075de88bfe307ab3ba7976804a20ee7209bb42f427e17e7c3db87d59e2bf5fb1458afe3f869561cd483737b0bdd6913c32c27d694197a03278689689af91db4e7156ab39ad0cf62eccf993f8bc53038465df87bf4b46da76117bc15a78bb30c64962d2ad5384bf67d1560cf2898074504d2726718b9f99ac5198a87a7932241bb67344f69b9d3038c896391a862a08464f13f08e147fbfbefd60ea9fe4568f67610a89fc7866f7252351a2a55b0f1b71da98a2371e8e6ed32b2684b5b90a38160cad1f34443c3748d81491991e5a1164bb7d0f51981f015ca43fe2663a902283c946c334fa9f91607373bb3dba8ee2d051c4c392ee6fcf1102", 0x1000, &(0x7f00000016c0), &(0x7f0000001700), &(0x7f0000001740)="b1735d07209f6126594829b45e6fc807249f72684bbe480586d28b47cb7d29fb8efb4a2e5e7b8054ba8d99053411cd45a7bdd0b045fe9edb7c768073d64d5582f7b64a04b65626399f04b583e17e09")
write$cgroup_pid(r1, &(0x7f00000017c0)=r3, 0x12)

10:53:03 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x20)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

10:53:03 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)

10:53:03 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)

10:53:03 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r1, 0x4, r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:03 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x300) (async)

10:53:03 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x20) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

10:53:03 executing program 2:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x20)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0/file0\x00')

[ 2621.684209][T26677] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2621.692020][T26677] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2621.699836][T26677] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2621.707649][T26677]  </TASK>
10:53:03 executing program 2:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:03 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x81, 0x81, 0x28, 0x1}, {0x3, 0x2, 0x6, 0x8}, {0x3, 0x6, 0x5, 0x7}, {0x800, 0x9, 0x27, 0xad}]})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:03 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async, rerun: 32)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x81, 0x81, 0x28, 0x1}, {0x3, 0x2, 0x6, 0x8}, {0x3, 0x6, 0x5, 0x7}, {0x800, 0x9, 0x27, 0xad}]}) (async, rerun: 32)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:03 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

[ 2621.813435][T26713] FAULT_INJECTION: forcing a failure.
[ 2621.813435][T26713] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2621.847168][T26713] CPU: 0 PID: 26713 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2621.857234][T26713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2621.867133][T26713] Call Trace:
[ 2621.870252][T26713]  <TASK>
[ 2621.873029][T26713]  dump_stack_lvl+0x151/0x1b7
[ 2621.877545][T26713]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2621.883008][T26713]  ? post_alloc_hook+0x1ab/0x1b0
[ 2621.887784][T26713]  dump_stack+0x15/0x17
[ 2621.891777][T26713]  should_fail+0x3c0/0x510
[ 2621.896027][T26713]  should_fail_alloc_page+0x58/0x70
[ 2621.901063][T26713]  __alloc_pages+0x1de/0x7c0
[ 2621.905488][T26713]  ? __count_vm_events+0x30/0x30
[ 2621.910261][T26713]  ? __this_cpu_preempt_check+0x13/0x20
[ 2621.915646][T26713]  ? __mod_node_page_state+0xac/0xf0
[ 2621.920767][T26713]  pte_alloc_one+0x73/0x1b0
[ 2621.925103][T26713]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2621.930136][T26713]  ? __kasan_check_read+0x11/0x20
[ 2621.934999][T26713]  ? copy_present_pte+0x76f/0xe60
[ 2621.939858][T26713]  __pte_alloc+0x86/0x350
[ 2621.944025][T26713]  ? copy_pte_range+0x1780/0x1780
[ 2621.948883][T26713]  ? free_pgtables+0x210/0x210
[ 2621.953484][T26713]  ? _raw_spin_lock+0xa3/0x1b0
[ 2621.958089][T26713]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2621.963294][T26713]  ? unwind_get_return_address+0x4c/0x90
[ 2621.968764][T26713]  copy_pte_range+0x11be/0x1780
[ 2621.973448][T26713]  ? __kasan_check_write+0x14/0x20
[ 2621.978394][T26713]  ? stack_trace_snprint+0x100/0x100
[ 2621.983517][T26713]  ? __kunmap_atomic+0x80/0x80
[ 2621.988112][T26713]  ? kmem_cache_alloc+0x189/0x2f0
[ 2621.992972][T26713]  ? vm_area_dup+0x26/0x220
[ 2621.997312][T26713]  ? dup_mmap+0x6c8/0xf10
[ 2622.001477][T26713]  ? dup_mm+0x8e/0x2e0
[ 2622.005383][T26713]  ? copy_mm+0x108/0x1b0
[ 2622.009465][T26713]  ? copy_process+0x1295/0x3250
[ 2622.014155][T26713]  ? kernel_clone+0x21d/0x9c0
[ 2622.018666][T26713]  ? __x64_sys_clone+0x289/0x310
[ 2622.023439][T26713]  ? do_syscall_64+0x44/0xd0
[ 2622.027866][T26713]  copy_page_range+0xc1e/0x1090
[ 2622.032556][T26713]  ? pfn_valid+0x1e0/0x1e0
[ 2622.036805][T26713]  dup_mmap+0x9af/0xf10
[ 2622.040801][T26713]  ? __delayed_free_task+0x20/0x20
[ 2622.045744][T26713]  ? mm_init+0x807/0x960
[ 2622.049824][T26713]  dup_mm+0x8e/0x2e0
[ 2622.053556][T26713]  copy_mm+0x108/0x1b0
[ 2622.057460][T26713]  copy_process+0x1295/0x3250
[ 2622.061975][T26713]  ? proc_fail_nth_write+0x213/0x290
[ 2622.067093][T26713]  ? proc_fail_nth_read+0x220/0x220
[ 2622.072129][T26713]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2622.077076][T26713]  ? vfs_write+0xa37/0x1160
[ 2622.081413][T26713]  ? numa_migrate_prep+0xe0/0xe0
[ 2622.086191][T26713]  kernel_clone+0x21d/0x9c0
[ 2622.090529][T26713]  ? file_end_write+0x1b0/0x1b0
[ 2622.095215][T26713]  ? __kasan_check_write+0x14/0x20
[ 2622.100161][T26713]  ? create_io_thread+0x1e0/0x1e0
[ 2622.105022][T26713]  ? __mutex_lock_slowpath+0x10/0x10
[ 2622.110142][T26713]  __x64_sys_clone+0x289/0x310
[ 2622.114743][T26713]  ? __do_sys_vfork+0x130/0x130
[ 2622.119432][T26713]  ? debug_smp_processor_id+0x17/0x20
[ 2622.124639][T26713]  do_syscall_64+0x44/0xd0
[ 2622.128889][T26713]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2622.134618][T26713] RIP: 0033:0x7fdb204c00c9
[ 2622.138874][T26713] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2622.158310][T26713] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2622.166562][T26713] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2622.174367][T26713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2622.182179][T26713] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2622.189989][T26713] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2622.197803][T26713] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2622.205616][T26713]  </TASK>
10:53:04 executing program 3:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x90}]}, &(0x7f0000000080)='GPL\x00', 0x1ff, 0xe5, &(0x7f00000000c0)=""/229, 0x41100, 0x2, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x7, 0xd0be, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000240)=[0xffffffffffffffff, 0x1]}, 0x80)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

10:53:04 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x305)

10:53:04 executing program 2:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10}, 0x10) (async, rerun: 32)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (rerun: 32)

10:53:04 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x81, 0x81, 0x28, 0x1}, {0x3, 0x2, 0x6, 0x8}, {0x3, 0x6, 0x5, 0x7}, {0x800, 0x9, 0x27, 0xad}]}) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:04 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38)

10:53:04 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r0, r0, 0x4, r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:04 executing program 2:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10}, 0x10) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

[ 2622.557511][T26720] FAULT_INJECTION: forcing a failure.
[ 2622.557511][T26720] name failslab, interval 1, probability 0, space 0, times 0
[ 2622.585195][T26720] CPU: 0 PID: 26720 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2622.595258][T26720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2622.605154][T26720] Call Trace:
[ 2622.608283][T26720]  <TASK>
[ 2622.611057][T26720]  dump_stack_lvl+0x151/0x1b7
[ 2622.615569][T26720]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2622.621039][T26720]  dump_stack+0x15/0x17
[ 2622.625028][T26720]  should_fail+0x3c0/0x510
[ 2622.629282][T26720]  __should_failslab+0x9f/0xe0
[ 2622.633882][T26720]  should_failslab+0x9/0x20
[ 2622.638223][T26720]  kmem_cache_alloc+0x4f/0x2f0
[ 2622.642823][T26720]  ? anon_vma_fork+0x1b9/0x4f0
[ 2622.647424][T26720]  anon_vma_fork+0x1b9/0x4f0
[ 2622.651850][T26720]  dup_mmap+0x760/0xf10
[ 2622.655840][T26720]  ? __delayed_free_task+0x20/0x20
[ 2622.660787][T26720]  ? mm_init+0x807/0x960
[ 2622.664867][T26720]  dup_mm+0x8e/0x2e0
[ 2622.668604][T26720]  copy_mm+0x108/0x1b0
[ 2622.672506][T26720]  copy_process+0x1295/0x3250
[ 2622.677021][T26720]  ? proc_fail_nth_write+0x213/0x290
[ 2622.682141][T26720]  ? proc_fail_nth_read+0x220/0x220
[ 2622.687174][T26720]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2622.692117][T26720]  ? vfs_write+0xa37/0x1160
[ 2622.696473][T26720]  ? numa_migrate_prep+0xe0/0xe0
[ 2622.701233][T26720]  kernel_clone+0x21d/0x9c0
[ 2622.705573][T26720]  ? file_end_write+0x1b0/0x1b0
[ 2622.710256][T26720]  ? __kasan_check_write+0x14/0x20
[ 2622.715207][T26720]  ? create_io_thread+0x1e0/0x1e0
[ 2622.720066][T26720]  ? __mutex_lock_slowpath+0x10/0x10
[ 2622.725189][T26720]  __x64_sys_clone+0x289/0x310
[ 2622.729789][T26720]  ? __do_sys_vfork+0x130/0x130
[ 2622.734476][T26720]  ? debug_smp_processor_id+0x17/0x20
[ 2622.739683][T26720]  do_syscall_64+0x44/0xd0
[ 2622.743935][T26720]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2622.749662][T26720] RIP: 0033:0x7fdb204c00c9
[ 2622.753917][T26720] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2622.773356][T26720] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2622.781599][T26720] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2622.789412][T26720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2622.797227][T26720] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:04 executing program 3:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x90}]}, &(0x7f0000000080)='GPL\x00', 0x1ff, 0xe5, &(0x7f00000000c0)=""/229, 0x41100, 0x2, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x7, 0xd0be, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000240)=[0xffffffffffffffff, 0x1]}, 0x80)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1) (async, rerun: 64)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (rerun: 64)

10:53:04 executing program 5:
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000000))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:04 executing program 5:
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1) (async)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000000))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:04 executing program 3:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000380)={0x1, 0x58, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, [@call={0x85, 0x0, 0x0, 0x90}]}, &(0x7f0000000080)='GPL\x00', 0x1ff, 0xe5, &(0x7f00000000c0)=""/229, 0x41100, 0x2, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x7, 0xd0be, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000240)=[0xffffffffffffffff, 0x1]}, 0x80)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

10:53:04 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
close(r0)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f0000000000)={&(0x7f0000000080), 0x6e, &(0x7f00000014c0)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/185, 0xb9}, {&(0x7f0000001200)=""/156, 0x9c}, {&(0x7f00000012c0)=""/231, 0xe7}, {&(0x7f00000013c0)=""/243, 0xf3}], 0x5, &(0x7f0000001540)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}, 0x20)

10:53:04 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:04 executing program 5:
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x1)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000000))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:04 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
recvmsg(0xffffffffffffffff, &(0x7f00000019c0)={&(0x7f0000001640)=@can, 0x80, &(0x7f0000000080)=[{&(0x7f00000016c0)=""/181, 0xb5}, {&(0x7f0000001780)=""/247, 0xf7}, {&(0x7f0000001a40)=""/228, 0xe4}], 0x3, &(0x7f0000001a00)=""/34, 0x22}, 0x5656009dad6977e2)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000100)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/174, 0xae}, {&(0x7f0000001240)=""/132, 0x84}, {&(0x7f0000001300)=""/93, 0x5d}, {&(0x7f0000001380)=""/175, 0xaf}, {&(0x7f0000001440)=""/172, 0xac}], 0x6, &(0x7f0000001580)=""/162, 0xa2}, 0x40000024)

10:53:04 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
close(r0) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000000)={&(0x7f0000000080), 0x6e, &(0x7f00000014c0)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/185, 0xb9}, {&(0x7f0000001200)=""/156, 0x9c}, {&(0x7f00000012c0)=""/231, 0xe7}, {&(0x7f00000013c0)=""/243, 0xf3}], 0x5, &(0x7f0000001540)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}, 0x20)

[ 2622.805034][T26720] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2622.812845][T26720] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2622.820661][T26720]  </TASK>
10:53:04 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)

[ 2622.936931][T26756] FAULT_INJECTION: forcing a failure.
[ 2622.936931][T26756] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2622.957636][T26756] CPU: 0 PID: 26756 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2622.967710][T26756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2622.978031][T26756] Call Trace:
[ 2622.981154][T26756]  <TASK>
[ 2622.983940][T26756]  dump_stack_lvl+0x151/0x1b7
[ 2622.988444][T26756]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2622.993912][T26756]  ? post_alloc_hook+0x1ab/0x1b0
[ 2622.998693][T26756]  dump_stack+0x15/0x17
[ 2623.002681][T26756]  should_fail+0x3c0/0x510
[ 2623.006931][T26756]  should_fail_alloc_page+0x58/0x70
[ 2623.011967][T26756]  __alloc_pages+0x1de/0x7c0
[ 2623.016392][T26756]  ? __count_vm_events+0x30/0x30
[ 2623.021168][T26756]  ? __this_cpu_preempt_check+0x13/0x20
[ 2623.026546][T26756]  ? __mod_node_page_state+0xac/0xf0
[ 2623.031666][T26756]  pte_alloc_one+0x73/0x1b0
[ 2623.036006][T26756]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2623.041038][T26756]  ? __kasan_check_read+0x11/0x20
[ 2623.045901][T26756]  ? copy_present_pte+0x76f/0xe60
[ 2623.050766][T26756]  __pte_alloc+0x86/0x350
[ 2623.054926][T26756]  ? copy_pte_range+0x1780/0x1780
[ 2623.059790][T26756]  ? free_pgtables+0x210/0x210
[ 2623.064388][T26756]  ? _raw_spin_lock+0xa3/0x1b0
[ 2623.068985][T26756]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2623.074194][T26756]  ? unwind_get_return_address+0x4c/0x90
[ 2623.079662][T26756]  copy_pte_range+0x11be/0x1780
[ 2623.084350][T26756]  ? __kasan_check_write+0x14/0x20
[ 2623.089297][T26756]  ? stack_trace_snprint+0x100/0x100
[ 2623.094418][T26756]  ? __kunmap_atomic+0x80/0x80
[ 2623.099015][T26756]  ? kmem_cache_alloc+0x189/0x2f0
[ 2623.103876][T26756]  ? vm_area_dup+0x26/0x220
[ 2623.108218][T26756]  ? dup_mmap+0x6c8/0xf10
[ 2623.112383][T26756]  ? dup_mm+0x8e/0x2e0
[ 2623.116286][T26756]  ? copy_mm+0x108/0x1b0
[ 2623.120366][T26756]  ? copy_process+0x1295/0x3250
[ 2623.125051][T26756]  ? kernel_clone+0x21d/0x9c0
[ 2623.129566][T26756]  ? __x64_sys_clone+0x289/0x310
[ 2623.134343][T26756]  ? do_syscall_64+0x44/0xd0
[ 2623.138770][T26756]  copy_page_range+0xc1e/0x1090
[ 2623.143459][T26756]  ? pfn_valid+0x1e0/0x1e0
[ 2623.147713][T26756]  dup_mmap+0x9af/0xf10
[ 2623.151703][T26756]  ? __delayed_free_task+0x20/0x20
[ 2623.156645][T26756]  ? mm_init+0x807/0x960
[ 2623.160727][T26756]  dup_mm+0x8e/0x2e0
[ 2623.164456][T26756]  copy_mm+0x108/0x1b0
[ 2623.168365][T26756]  copy_process+0x1295/0x3250
[ 2623.172884][T26756]  ? proc_fail_nth_write+0x213/0x290
[ 2623.177998][T26756]  ? proc_fail_nth_read+0x220/0x220
[ 2623.183031][T26756]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2623.187980][T26756]  ? vfs_write+0xa37/0x1160
[ 2623.192316][T26756]  ? numa_migrate_prep+0xe0/0xe0
[ 2623.197100][T26756]  kernel_clone+0x21d/0x9c0
[ 2623.201431][T26756]  ? file_end_write+0x1b0/0x1b0
[ 2623.206120][T26756]  ? __kasan_check_write+0x14/0x20
[ 2623.211063][T26756]  ? create_io_thread+0x1e0/0x1e0
[ 2623.215929][T26756]  ? __mutex_lock_slowpath+0x10/0x10
[ 2623.221046][T26756]  __x64_sys_clone+0x289/0x310
[ 2623.225649][T26756]  ? __do_sys_vfork+0x130/0x130
[ 2623.230334][T26756]  ? debug_smp_processor_id+0x17/0x20
[ 2623.235553][T26756]  do_syscall_64+0x44/0xd0
[ 2623.239795][T26756]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2623.245530][T26756] RIP: 0033:0x7fdb204c00c9
[ 2623.249860][T26756] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2623.269303][T26756] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2623.277548][T26756] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2623.285361][T26756] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2623.293169][T26756] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2623.300979][T26756] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2623.308793][T26756] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2623.316609][T26756]  </TASK>
10:53:04 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r0, r0, 0x4, r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:04 executing program 5:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:04 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
recvmsg(0xffffffffffffffff, &(0x7f00000019c0)={&(0x7f0000001640)=@can, 0x80, &(0x7f0000000080)=[{&(0x7f00000016c0)=""/181, 0xb5}, {&(0x7f0000001780)=""/247, 0xf7}, {&(0x7f0000001a40)=""/228, 0xe4}], 0x3, &(0x7f0000001a00)=""/34, 0x22}, 0x5656009dad6977e2) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000100)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/174, 0xae}, {&(0x7f0000001240)=""/132, 0x84}, {&(0x7f0000001300)=""/93, 0x5d}, {&(0x7f0000001380)=""/175, 0xaf}, {&(0x7f0000001440)=""/172, 0xac}], 0x6, &(0x7f0000001580)=""/162, 0xa2}, 0x40000024)

10:53:04 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:04 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
recvmsg(0xffffffffffffffff, &(0x7f00000019c0)={&(0x7f0000001640)=@can, 0x80, &(0x7f0000000080)=[{&(0x7f00000016c0)=""/181, 0xb5}, {&(0x7f0000001780)=""/247, 0xf7}, {&(0x7f0000001a40)=""/228, 0xe4}], 0x3, &(0x7f0000001a00)=""/34, 0x22}, 0x5656009dad6977e2)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000100)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/174, 0xae}, {&(0x7f0000001240)=""/132, 0x84}, {&(0x7f0000001300)=""/93, 0x5d}, {&(0x7f0000001380)=""/175, 0xaf}, {&(0x7f0000001440)=""/172, 0xac}], 0x6, &(0x7f0000001580)=""/162, 0xa2}, 0x40000024)

10:53:04 executing program 5:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:05 executing program 5:
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:05 executing program 3:
mkdir(&(0x7f0000000040)='./file1\x00', 0x13)
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file1\x00'}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:05 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:05 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0xff, 0x2, 0x7f}]})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:05 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
close(r0)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f0000000000)={&(0x7f0000000080), 0x6e, &(0x7f00000014c0)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/185, 0xb9}, {&(0x7f0000001200)=""/156, 0x9c}, {&(0x7f00000012c0)=""/231, 0xe7}, {&(0x7f00000013c0)=""/243, 0xf3}], 0x5, &(0x7f0000001540)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}, 0x20)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)) (async)
close(r0) (async)
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f0000000000)={&(0x7f0000000080), 0x6e, &(0x7f00000014c0)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/185, 0xb9}, {&(0x7f0000001200)=""/156, 0x9c}, {&(0x7f00000012c0)=""/231, 0xe7}, {&(0x7f00000013c0)=""/243, 0xf3}], 0x5, &(0x7f0000001540)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x78}, 0x20) (async)

10:53:05 executing program 3:
mkdir(&(0x7f0000000040)='./file1\x00', 0x13)
unlink(&(0x7f0000000000)='./file0\x00') (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file1\x00'}, 0x10) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:05 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0xff, 0x2, 0x7f}]}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:05 executing program 0:
syz_clone(0x4c020000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x24880100, &(0x7f00000000c0)="8f920b4f0083f0241f394422af3c8ac2af9a9b4b0dc7af9687568d5e51e46cc4a60fcbdd0cbbbb9a28018315dcde9cd8c5663e1ac362b07cd4747ce140591d705f165b2b821d860d0e8b", 0x4a, &(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)="dfac4a23288424e73635d3e2775a6935a3e1bb9253997217893134f9714dfe33948b42d46ba2b146902a0440215b621c25c9e652fb0e9c3aab1fa137c556dee94113ca1bc731da8377c78012ac1aa7bc424aec4f71bb1d0e2b5e2b9196bf9b60f9290d13b296d1655dc3cbe514910193c03fa3ea1ec841b3ba489d45a17770ffcd77c4")
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000280), 0x8)
r2 = perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0xb9, 0x4c, 0x9, 0x5, 0x0, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x3f42, 0x512, 0xffff2df7, 0x1, 0x1, 0xaf2d, 0x800, 0x0, 0x12, 0x0, 0x2}, r0, 0xb, r1, 0x0)
perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0x20, 0x5, 0x80, 0x0, 0x0, 0x5, 0x248, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5e18e663, 0x1, @perf_bp={&(0x7f0000000440), 0x3}, 0x2000, 0x7, 0xd7ff, 0x4, 0x7ff, 0x781, 0x7, 0x0, 0xfffffffc, 0x0, 0x5680000000000}, r0, 0xc, r2, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r1, 0x4008240b, &(0x7f0000000300)={0x1, 0x80, 0x8, 0x3, 0x8, 0x8, 0x0, 0x7, 0x20000, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000002c0)}, 0x80403, 0x3f, 0x4, 0x5, 0x4, 0x1, 0x8000, 0x0, 0x0, 0x0, 0x257})
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x80, 0xff, 0x1, 0x9, 0x0, 0x7ff, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x8, 0xfffffff8, 0x1, 0x2, 0x9b, 0x100, 0x0, 0x6, 0x0, 0x3f}, r0, 0x6, 0xffffffffffffffff, 0x9)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000005c0)={&(0x7f0000000580)='./file0\x00'}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r3, 0x4008240b, &(0x7f00000003c0)={0x1, 0x80, 0x8, 0xfc, 0x1, 0x8, 0x0, 0x9, 0x93c0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2c, 0x0, @perf_bp={&(0x7f0000000380), 0xe}, 0x12006, 0x3604, 0x800, 0x3, 0x3, 0x1000, 0xffde, 0x0, 0x2, 0x0, 0x100000001})

10:53:05 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)

10:53:05 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r0, r0, 0x4, r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:05 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000080)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000140)=""/223, 0xdf}, 0x1)

10:53:05 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async, rerun: 32)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (rerun: 32)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0xff, 0x2, 0x7f}]})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:05 executing program 3:
mkdir(&(0x7f0000000040)='./file1\x00', 0x13)
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file1\x00'}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file1\x00', 0x13) (async)
unlink(&(0x7f0000000000)='./file0\x00') (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file1\x00'}, 0x10) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', 0x0, 0x10}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:05 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000080)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000140)=""/223, 0xdf}, 0x1)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000080)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000140)=""/223, 0xdf}, 0x1) (async)

10:53:05 executing program 3:
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000100)}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file1\x00', 0x0, 0x10}, 0x10)

10:53:05 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

[ 2623.733528][T26796] FAULT_INJECTION: forcing a failure.
[ 2623.733528][T26796] name failslab, interval 1, probability 0, space 0, times 0
[ 2623.802711][T26796] CPU: 0 PID: 26796 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2623.812782][T26796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2623.822678][T26796] Call Trace:
[ 2623.825801][T26796]  <TASK>
[ 2623.828579][T26796]  dump_stack_lvl+0x151/0x1b7
[ 2623.833094][T26796]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2623.838563][T26796]  dump_stack+0x15/0x17
[ 2623.842549][T26796]  should_fail+0x3c0/0x510
[ 2623.846806][T26796]  __should_failslab+0x9f/0xe0
[ 2623.851407][T26796]  should_failslab+0x9/0x20
[ 2623.855746][T26796]  kmem_cache_alloc+0x4f/0x2f0
[ 2623.860343][T26796]  ? vm_area_dup+0x26/0x220
[ 2623.864682][T26796]  vm_area_dup+0x26/0x220
[ 2623.868851][T26796]  dup_mmap+0x6c8/0xf10
[ 2623.872845][T26796]  ? __delayed_free_task+0x20/0x20
[ 2623.877791][T26796]  ? mm_init+0x807/0x960
[ 2623.881867][T26796]  dup_mm+0x8e/0x2e0
[ 2623.885600][T26796]  copy_mm+0x108/0x1b0
[ 2623.889509][T26796]  copy_process+0x1295/0x3250
[ 2623.894019][T26796]  ? proc_fail_nth_write+0x213/0x290
[ 2623.899143][T26796]  ? proc_fail_nth_read+0x220/0x220
[ 2623.904173][T26796]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2623.909125][T26796]  ? vfs_write+0xa37/0x1160
[ 2623.913462][T26796]  ? numa_migrate_prep+0xe0/0xe0
[ 2623.918237][T26796]  kernel_clone+0x21d/0x9c0
[ 2623.922575][T26796]  ? file_end_write+0x1b0/0x1b0
[ 2623.927261][T26796]  ? __kasan_check_write+0x14/0x20
[ 2623.932207][T26796]  ? create_io_thread+0x1e0/0x1e0
[ 2623.937069][T26796]  ? __mutex_lock_slowpath+0x10/0x10
[ 2623.942192][T26796]  __x64_sys_clone+0x289/0x310
[ 2623.946791][T26796]  ? __do_sys_vfork+0x130/0x130
[ 2623.951478][T26796]  ? debug_smp_processor_id+0x17/0x20
[ 2623.956684][T26796]  do_syscall_64+0x44/0xd0
[ 2623.960935][T26796]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2623.966662][T26796] RIP: 0033:0x7fdb204c00c9
[ 2623.970917][T26796] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2623.990359][T26796] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
10:53:05 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r0, r0, 0x4, r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:05 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r0, r0, 0x4, r0}, 0x10)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:05 executing program 3:
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000100)}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file1\x00', 0x0, 0x10}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000100)}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file1\x00', 0x0, 0x10}, 0x10) (async)

[ 2623.998604][T26796] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2624.006420][T26796] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2624.014224][T26796] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2624.022039][T26796] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2624.029846][T26796] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2624.037677][T26796]  </TASK>
10:53:05 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0xf6ffffff00000000)

10:53:05 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)

10:53:05 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) (async)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)

10:53:05 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000080)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000000000), 0x0, &(0x7f0000000140)=""/223, 0xdf}, 0x1)

10:53:05 executing program 3:
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000200)={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000100)}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000080)='./file1\x00', 0x0, 0x10}, 0x10)

10:53:05 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:05 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0xfffffffffffffd2f)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:05 executing program 2:
socketpair(0x23, 0x800, 0x20, &(0x7f0000000000))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000017c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_devices(r1, &(0x7f0000001800)='devices.deny\x00', 0x2, 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000001780)={&(0x7f0000000140)=@generic, 0x80, &(0x7f0000001640)=[{&(0x7f00000000c0)=""/57, 0x39}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/34, 0x22}, {&(0x7f0000001200)=""/226, 0xe2}, {&(0x7f0000001300)=""/184, 0xb8}, {&(0x7f00000013c0)=""/131, 0x83}, {&(0x7f0000001480)=""/76, 0x4c}, {&(0x7f0000001500)=""/199, 0xc7}, {&(0x7f0000001600)=""/3, 0x3}], 0x9, &(0x7f0000001700)=""/94, 0x5e}, 0x40000002)

10:53:05 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa94d, 0x0, 0x0, 0x0, 0x1620}, [@ldst={0x3, 0x2, 0x1, 0x0, 0x7, 0xfffffffffffffff8, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0xa3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x6, 0x0, 0x6, 0x50, 0x4}, @alu={0x7, 0x0, 0x0, 0x2, 0x8, 0xc}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}]}, &(0x7f0000000080)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000180)=""/174, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0x3f, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1]}, 0x80)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000003c0)=r1)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)={&(0x7f0000000000)='./file0\x00', r1}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:05 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:05 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x4000})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040))

10:53:05 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x4000}) (async)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040))

10:53:05 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa94d, 0x0, 0x0, 0x0, 0x1620}, [@ldst={0x3, 0x2, 0x1, 0x0, 0x7, 0xfffffffffffffff8, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0xa3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x6, 0x0, 0x6, 0x50, 0x4}, @alu={0x7, 0x0, 0x0, 0x2, 0x8, 0xc}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}]}, &(0x7f0000000080)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000180)=""/174, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0x3f, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1]}, 0x80)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000003c0)=r1) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)={&(0x7f0000000000)='./file0\x00', r1}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2624.448122][T26867] FAULT_INJECTION: forcing a failure.
[ 2624.448122][T26867] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2624.480146][T26867] CPU: 0 PID: 26867 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2624.490215][T26867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2624.500127][T26867] Call Trace:
[ 2624.503237][T26867]  <TASK>
[ 2624.506009][T26867]  dump_stack_lvl+0x151/0x1b7
[ 2624.510523][T26867]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2624.515992][T26867]  ? post_alloc_hook+0x1ab/0x1b0
[ 2624.520764][T26867]  dump_stack+0x15/0x17
[ 2624.524758][T26867]  should_fail+0x3c0/0x510
[ 2624.529011][T26867]  should_fail_alloc_page+0x58/0x70
[ 2624.534042][T26867]  __alloc_pages+0x1de/0x7c0
[ 2624.538471][T26867]  ? __count_vm_events+0x30/0x30
[ 2624.543245][T26867]  ? __this_cpu_preempt_check+0x13/0x20
[ 2624.548624][T26867]  ? __mod_node_page_state+0xac/0xf0
[ 2624.553746][T26867]  pte_alloc_one+0x73/0x1b0
[ 2624.558083][T26867]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2624.563117][T26867]  ? __kasan_check_read+0x11/0x20
[ 2624.567978][T26867]  ? copy_present_pte+0x76f/0xe60
[ 2624.572840][T26867]  __pte_alloc+0x86/0x350
[ 2624.577006][T26867]  ? copy_pte_range+0x1780/0x1780
[ 2624.581883][T26867]  ? free_pgtables+0x210/0x210
[ 2624.586470][T26867]  ? _raw_spin_lock+0xa3/0x1b0
[ 2624.591066][T26867]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2624.596287][T26867]  ? unwind_get_return_address+0x4c/0x90
[ 2624.601750][T26867]  copy_pte_range+0x11be/0x1780
[ 2624.606431][T26867]  ? __kasan_check_write+0x14/0x20
[ 2624.611378][T26867]  ? stack_trace_snprint+0x100/0x100
[ 2624.616501][T26867]  ? __kunmap_atomic+0x80/0x80
[ 2624.621097][T26867]  ? kmem_cache_alloc+0x189/0x2f0
[ 2624.625955][T26867]  ? vm_area_dup+0x26/0x220
[ 2624.630296][T26867]  ? dup_mmap+0x6c8/0xf10
[ 2624.634464][T26867]  ? dup_mm+0x8e/0x2e0
[ 2624.638368][T26867]  ? copy_mm+0x108/0x1b0
[ 2624.642448][T26867]  ? copy_process+0x1295/0x3250
[ 2624.647135][T26867]  ? kernel_clone+0x21d/0x9c0
[ 2624.651645][T26867]  ? __x64_sys_clone+0x289/0x310
[ 2624.656419][T26867]  ? do_syscall_64+0x44/0xd0
[ 2624.660846][T26867]  copy_page_range+0xc1e/0x1090
[ 2624.665543][T26867]  ? pfn_valid+0x1e0/0x1e0
[ 2624.669790][T26867]  dup_mmap+0x9af/0xf10
[ 2624.673782][T26867]  ? __delayed_free_task+0x20/0x20
[ 2624.678730][T26867]  ? mm_init+0x807/0x960
[ 2624.682804][T26867]  dup_mm+0x8e/0x2e0
[ 2624.686543][T26867]  copy_mm+0x108/0x1b0
[ 2624.690443][T26867]  copy_process+0x1295/0x3250
[ 2624.694958][T26867]  ? proc_fail_nth_write+0x213/0x290
[ 2624.700076][T26867]  ? proc_fail_nth_read+0x220/0x220
[ 2624.705111][T26867]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2624.710058][T26867]  ? vfs_write+0xa37/0x1160
[ 2624.714401][T26867]  ? numa_migrate_prep+0xe0/0xe0
[ 2624.719171][T26867]  kernel_clone+0x21d/0x9c0
[ 2624.723509][T26867]  ? file_end_write+0x1b0/0x1b0
[ 2624.728199][T26867]  ? __kasan_check_write+0x14/0x20
[ 2624.733142][T26867]  ? create_io_thread+0x1e0/0x1e0
[ 2624.738003][T26867]  ? __mutex_lock_slowpath+0x10/0x10
[ 2624.743125][T26867]  __x64_sys_clone+0x289/0x310
[ 2624.747728][T26867]  ? __do_sys_vfork+0x130/0x130
[ 2624.752415][T26867]  ? debug_smp_processor_id+0x17/0x20
[ 2624.757622][T26867]  do_syscall_64+0x44/0xd0
[ 2624.761875][T26867]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2624.767603][T26867] RIP: 0033:0x7fdb204c00c9
[ 2624.771854][T26867] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2624.791297][T26867] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2624.799540][T26867] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2624.807354][T26867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2624.815162][T26867] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2624.822973][T26867] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2624.830783][T26867] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2624.838598][T26867]  </TASK>
10:53:06 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)

10:53:06 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa94d, 0x0, 0x0, 0x0, 0x1620}, [@ldst={0x3, 0x2, 0x1, 0x0, 0x7, 0xfffffffffffffff8, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0xa3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x6, 0x0, 0x6, 0x50, 0x4}, @alu={0x7, 0x0, 0x0, 0x2, 0x8, 0xc}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}]}, &(0x7f0000000080)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000180)=""/174, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0x3f, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1]}, 0x80)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000003c0)=r1)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)={&(0x7f0000000000)='./file0\x00', r1}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:06 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:06 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x4000}) (async)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x335) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040))

10:53:06 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:06 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

[ 2625.076610][T26894] FAULT_INJECTION: forcing a failure.
[ 2625.076610][T26894] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2625.099717][T26894] CPU: 1 PID: 26894 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2625.109781][T26894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2625.119675][T26894] Call Trace:
[ 2625.122798][T26894]  <TASK>
[ 2625.125578][T26894]  dump_stack_lvl+0x151/0x1b7
[ 2625.130092][T26894]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2625.135562][T26894]  ? stack_trace_save+0x12d/0x1f0
[ 2625.140417][T26894]  dump_stack+0x15/0x17
[ 2625.144409][T26894]  should_fail+0x3c0/0x510
[ 2625.148665][T26894]  should_fail_alloc_page+0x58/0x70
[ 2625.153695][T26894]  __alloc_pages+0x1de/0x7c0
[ 2625.158121][T26894]  ? save_stack+0x119/0x1e0
[ 2625.162468][T26894]  ? __count_vm_events+0x30/0x30
[ 2625.167242][T26894]  ? kvm_sched_clock_read+0x18/0x40
[ 2625.172270][T26894]  ? sched_clock+0x9/0x10
[ 2625.176435][T26894]  ? sched_clock_cpu+0x18/0x3b0
[ 2625.181122][T26894]  pte_alloc_one+0x73/0x1b0
[ 2625.185465][T26894]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2625.190499][T26894]  ? __set_page_owner+0x2ce/0x2f0
[ 2625.195360][T26894]  __pte_alloc+0x86/0x350
[ 2625.199524][T26894]  ? free_pgtables+0x210/0x210
[ 2625.204124][T26894]  copy_pte_range+0x11be/0x1780
[ 2625.208814][T26894]  ? __kasan_check_write+0x14/0x20
[ 2625.213756][T26894]  ? _raw_spin_lock+0xa3/0x1b0
[ 2625.218357][T26894]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2625.223569][T26894]  ? kmem_cache_alloc+0x189/0x2f0
[ 2625.228423][T26894]  ? __kunmap_atomic+0x80/0x80
[ 2625.233026][T26894]  ? __pud_alloc+0x260/0x260
[ 2625.237451][T26894]  ? __pud_alloc+0x218/0x260
[ 2625.241875][T26894]  ? do_handle_mm_fault+0x2410/0x2410
[ 2625.247087][T26894]  copy_page_range+0xc1e/0x1090
[ 2625.251774][T26894]  ? pfn_valid+0x1e0/0x1e0
[ 2625.256028][T26894]  dup_mmap+0x9af/0xf10
[ 2625.260017][T26894]  ? __delayed_free_task+0x20/0x20
[ 2625.264964][T26894]  ? mm_init+0x807/0x960
[ 2625.269045][T26894]  dup_mm+0x8e/0x2e0
[ 2625.272776][T26894]  copy_mm+0x108/0x1b0
[ 2625.276680][T26894]  copy_process+0x1295/0x3250
[ 2625.281194][T26894]  ? proc_fail_nth_write+0x213/0x290
[ 2625.286317][T26894]  ? proc_fail_nth_read+0x220/0x220
[ 2625.291353][T26894]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2625.296299][T26894]  ? vfs_write+0xa37/0x1160
[ 2625.300634][T26894]  ? numa_migrate_prep+0xe0/0xe0
[ 2625.305409][T26894]  kernel_clone+0x21d/0x9c0
[ 2625.309750][T26894]  ? file_end_write+0x1b0/0x1b0
[ 2625.314439][T26894]  ? __kasan_check_write+0x14/0x20
[ 2625.319382][T26894]  ? create_io_thread+0x1e0/0x1e0
[ 2625.324241][T26894]  ? __mutex_lock_slowpath+0x10/0x10
[ 2625.329364][T26894]  __x64_sys_clone+0x289/0x310
[ 2625.333969][T26894]  ? __do_sys_vfork+0x130/0x130
[ 2625.338652][T26894]  ? debug_smp_processor_id+0x17/0x20
[ 2625.343858][T26894]  do_syscall_64+0x44/0xd0
[ 2625.348111][T26894]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2625.353837][T26894] RIP: 0033:0x7fdb204c00c9
[ 2625.358094][T26894] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2625.377531][T26894] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2625.385775][T26894] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2625.393588][T26894] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2625.401406][T26894] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2625.409211][T26894] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2625.417020][T26894] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2625.424837][T26894]  </TASK>
10:53:07 executing program 2:
socketpair(0x23, 0x800, 0x20, &(0x7f0000000000)) (async)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000017c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_devices(r1, &(0x7f0000001800)='devices.deny\x00', 0x2, 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 64)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff}) (rerun: 64)
recvmsg(r2, &(0x7f0000001780)={&(0x7f0000000140)=@generic, 0x80, &(0x7f0000001640)=[{&(0x7f00000000c0)=""/57, 0x39}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/34, 0x22}, {&(0x7f0000001200)=""/226, 0xe2}, {&(0x7f0000001300)=""/184, 0xb8}, {&(0x7f00000013c0)=""/131, 0x83}, {&(0x7f0000001480)=""/76, 0x4c}, {&(0x7f0000001500)=""/199, 0xc7}, {&(0x7f0000001600)=""/3, 0x3}], 0x9, &(0x7f0000001700)=""/94, 0x5e}, 0x40000002)

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:07 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x7f}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffff}, @alu={0x4, 0x1, 0x8, 0x7, 0x0, 0x40}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @exit]}, &(0x7f0000000140)='GPL\x00', 0x5, 0x7d, &(0x7f0000000180)=""/125, 0x1f00, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xc, 0x7b2, 0xfc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0xffffffffffffffff]}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)={&(0x7f0000000080)='./file1\x00', r0}, 0x10)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000003c0)={r1, r2, 0x0, r0}, 0x10)
unlink(&(0x7f0000000000)='./file0\x00')

10:53:07 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:07 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)

10:53:07 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x7f}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffff}, @alu={0x4, 0x1, 0x8, 0x7, 0x0, 0x40}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @exit]}, &(0x7f0000000140)='GPL\x00', 0x5, 0x7d, &(0x7f0000000180)=""/125, 0x1f00, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xc, 0x7b2, 0xfc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0xffffffffffffffff]}, 0x80) (rerun: 32)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)={&(0x7f0000000080)='./file1\x00', r0}, 0x10) (async, rerun: 32)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8) (rerun: 32)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000003c0)={r1, r2, 0x0, r0}, 0x10) (async)
unlink(&(0x7f0000000000)='./file0\x00')

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

[ 2625.488574][T26904] FAULT_INJECTION: forcing a failure.
[ 2625.488574][T26904] name failslab, interval 1, probability 0, space 0, times 0
[ 2625.557316][T26904] CPU: 0 PID: 26904 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2625.567383][T26904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2625.577281][T26904] Call Trace:
[ 2625.580406][T26904]  <TASK>
[ 2625.583181][T26904]  dump_stack_lvl+0x151/0x1b7
[ 2625.587692][T26904]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2625.593167][T26904]  dump_stack+0x15/0x17
[ 2625.597155][T26904]  should_fail+0x3c0/0x510
[ 2625.601408][T26904]  __should_failslab+0x9f/0xe0
[ 2625.606004][T26904]  should_failslab+0x9/0x20
[ 2625.610345][T26904]  kmem_cache_alloc+0x4f/0x2f0
[ 2625.614946][T26904]  ? vm_area_dup+0x26/0x220
[ 2625.619285][T26904]  ? __kasan_check_read+0x11/0x20
[ 2625.624145][T26904]  vm_area_dup+0x26/0x220
[ 2625.628312][T26904]  dup_mmap+0x6c8/0xf10
[ 2625.632307][T26904]  ? __delayed_free_task+0x20/0x20
[ 2625.637299][T26904]  ? mm_init+0x807/0x960
[ 2625.641331][T26904]  dup_mm+0x8e/0x2e0
[ 2625.645063][T26904]  copy_mm+0x108/0x1b0
[ 2625.648970][T26904]  copy_process+0x1295/0x3250
[ 2625.653481][T26904]  ? proc_fail_nth_write+0x213/0x290
[ 2625.658599][T26904]  ? proc_fail_nth_read+0x220/0x220
[ 2625.663634][T26904]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2625.668582][T26904]  ? vfs_write+0xa37/0x1160
[ 2625.672923][T26904]  ? numa_migrate_prep+0xe0/0xe0
[ 2625.677698][T26904]  kernel_clone+0x21d/0x9c0
[ 2625.682037][T26904]  ? file_end_write+0x1b0/0x1b0
[ 2625.686720][T26904]  ? __kasan_check_write+0x14/0x20
[ 2625.691667][T26904]  ? create_io_thread+0x1e0/0x1e0
[ 2625.696531][T26904]  ? __mutex_lock_slowpath+0x10/0x10
[ 2625.701652][T26904]  __x64_sys_clone+0x289/0x310
[ 2625.706250][T26904]  ? __do_sys_vfork+0x130/0x130
[ 2625.710942][T26904]  ? debug_smp_processor_id+0x17/0x20
[ 2625.716147][T26904]  do_syscall_64+0x44/0xd0
[ 2625.720399][T26904]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2625.726124][T26904] RIP: 0033:0x7fdb204c00c9
[ 2625.730382][T26904] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:07 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x7f}, [@map_idx_val={0x18, 0x5, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffff}, @alu={0x4, 0x1, 0x8, 0x7, 0x0, 0x40}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @exit]}, &(0x7f0000000140)='GPL\x00', 0x5, 0x7d, &(0x7f0000000180)=""/125, 0x1f00, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xc, 0x7b2, 0xfc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0xffffffffffffffff]}, 0x80) (rerun: 32)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)={&(0x7f0000000080)='./file1\x00', r0}, 0x10)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000380), 0x8) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f00000003c0)={r1, r2, 0x0, r0}, 0x10)
unlink(&(0x7f0000000000)='./file0\x00')

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x100})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000000)=0x9f7)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000000c0))
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.allow\x00', 0x2, 0x0)

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x100})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000000)=0x9f7)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000000c0)) (async)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.allow\x00', 0x2, 0x0)

10:53:07 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x100}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000000)=0x9f7)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000000c0))
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000040)='devices.allow\x00', 0x2, 0x0)

[ 2625.751045][T26904] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2625.759292][T26904] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2625.767098][T26904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2625.774917][T26904] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2625.783069][T26904] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2625.790881][T26904] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2625.798695][T26904]  </TASK>
10:53:07 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f00000001c0)={&(0x7f0000000100)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000180)=""/22, 0x16}, 0x10000)
unlink(&(0x7f00000000c0)='./file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r1=>0xffffffffffffffff})
socketpair(0x28, 0x80000, 0x101, &(0x7f0000000700)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000980)={&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000000940)=[{&(0x7f00000007c0)=""/116, 0x74}, {&(0x7f0000000840)=""/239, 0xef}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x3}, 0x40)
recvmsg$unix(r1, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r1, &(0x7f0000000680)={&(0x7f0000000200), 0x6e, &(0x7f0000000500)=[{}, {&(0x7f0000000280)=""/38, 0x26}, {&(0x7f00000002c0)=""/1, 0x1}, {&(0x7f0000000300)=""/158, 0x9e}, {&(0x7f00000003c0)=""/24, 0x18}, {&(0x7f0000000400)=""/174, 0xae}, {&(0x7f00000004c0)}], 0x7, &(0x7f0000000580)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014f60000ff0000000100e9ff01000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xd0}, 0x40010000)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0), 0x4)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000000)='./file0/file0\x00', r3}, 0x10)

10:53:07 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:07 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.events\x00', 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'geneve0\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:07 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:07 executing program 2:
socketpair(0x23, 0x800, 0x20, &(0x7f0000000000)) (async)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000017c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_devices(r1, &(0x7f0000001800)='devices.deny\x00', 0x2, 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000001780)={&(0x7f0000000140)=@generic, 0x80, &(0x7f0000001640)=[{&(0x7f00000000c0)=""/57, 0x39}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/34, 0x22}, {&(0x7f0000001200)=""/226, 0xe2}, {&(0x7f0000001300)=""/184, 0xb8}, {&(0x7f00000013c0)=""/131, 0x83}, {&(0x7f0000001480)=""/76, 0x4c}, {&(0x7f0000001500)=""/199, 0xc7}, {&(0x7f0000001600)=""/3, 0x3}], 0x9, &(0x7f0000001700)=""/94, 0x5e}, 0x40000002)

10:53:07 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.events\x00', 0x0, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'geneve0\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.swap.events\x00', 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
r3 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'geneve0\x00', 0x1}) (async, rerun: 64)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (rerun: 64)

10:53:07 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:07 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

[ 2626.350516][T26945] FAULT_INJECTION: forcing a failure.
[ 2626.350516][T26945] name failslab, interval 1, probability 0, space 0, times 0
[ 2626.397096][T26945] CPU: 0 PID: 26945 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2626.407172][T26945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2626.417063][T26945] Call Trace:
[ 2626.420188][T26945]  <TASK>
[ 2626.422963][T26945]  dump_stack_lvl+0x151/0x1b7
[ 2626.427478][T26945]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2626.432945][T26945]  dump_stack+0x15/0x17
[ 2626.436937][T26945]  should_fail+0x3c0/0x510
[ 2626.441193][T26945]  __should_failslab+0x9f/0xe0
[ 2626.445792][T26945]  should_failslab+0x9/0x20
[ 2626.450129][T26945]  kmem_cache_alloc+0x4f/0x2f0
[ 2626.454730][T26945]  ? vm_area_dup+0x26/0x220
[ 2626.459073][T26945]  vm_area_dup+0x26/0x220
[ 2626.463238][T26945]  dup_mmap+0x6c8/0xf10
[ 2626.467230][T26945]  ? __delayed_free_task+0x20/0x20
[ 2626.472173][T26945]  ? mm_init+0x807/0x960
[ 2626.476253][T26945]  dup_mm+0x8e/0x2e0
[ 2626.479985][T26945]  copy_mm+0x108/0x1b0
[ 2626.483898][T26945]  copy_process+0x1295/0x3250
[ 2626.488406][T26945]  ? proc_fail_nth_write+0x213/0x290
[ 2626.493521][T26945]  ? proc_fail_nth_read+0x220/0x220
[ 2626.498561][T26945]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2626.503506][T26945]  ? vfs_write+0xa37/0x1160
[ 2626.507846][T26945]  ? numa_migrate_prep+0xe0/0xe0
[ 2626.512620][T26945]  kernel_clone+0x21d/0x9c0
[ 2626.516962][T26945]  ? file_end_write+0x1b0/0x1b0
[ 2626.521647][T26945]  ? __kasan_check_write+0x14/0x20
[ 2626.526592][T26945]  ? create_io_thread+0x1e0/0x1e0
[ 2626.531453][T26945]  ? __mutex_lock_slowpath+0x10/0x10
[ 2626.536577][T26945]  __x64_sys_clone+0x289/0x310
[ 2626.541178][T26945]  ? __do_sys_vfork+0x130/0x130
[ 2626.545867][T26945]  ? debug_smp_processor_id+0x17/0x20
[ 2626.551070][T26945]  do_syscall_64+0x44/0xd0
[ 2626.555323][T26945]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2626.561047][T26945] RIP: 0033:0x7fdb204c00c9
[ 2626.565303][T26945] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2626.584743][T26945] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
10:53:07 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20c782, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x40, 0x3, 0x6, 0x3, 0x0, 0xd4, 0x80800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x1, 0x20}, 0xb0c8, 0x0, 0x9, 0x4, 0x0, 0xffffff5d, 0x6, 0x0, 0x8e1f, 0x0, 0x1}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x8)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000011c0))
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0x2, &(0x7f0000000200)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7fffffff}], &(0x7f0000000240)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xa, r4, 0x8, &(0x7f0000000280)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x6, 0x800, 0x1}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000000300)=[r4, r4, r4, r4, r4]}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x9, &(0x7f0000000480)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x3b}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7195}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0xfa, &(0x7f0000000540)=""/250, 0x40f00, 0x9, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000640)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x0, 0x8, 0x1b71, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r5, r5]}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@map=r4, r6, 0x8, 0x1, r4}, 0x14)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000140)=r4)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'sit0\x00', @link_local})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f00000011c0))
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x4002, 0x0)
ioctl$TUNSETNOCSUM(r7, 0x400454c8, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000440)={&(0x7f0000000400)='./file0\x00', 0x0, 0x10}, 0x10)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000080)={'geneve1\x00', 0x800})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

[ 2626.592985][T26945] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2626.600797][T26945] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2626.608612][T26945] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2626.616424][T26945] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2626.624237][T26945] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2626.632048][T26945]  </TASK>
10:53:08 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f00000001c0)={&(0x7f0000000100)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000180)=""/22, 0x16}, 0x10000)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r1=>0xffffffffffffffff})
socketpair(0x28, 0x80000, 0x101, &(0x7f0000000700)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000980)={&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000000940)=[{&(0x7f00000007c0)=""/116, 0x74}, {&(0x7f0000000840)=""/239, 0xef}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x3}, 0x40) (async)
recvmsg$unix(r1, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r1, &(0x7f0000000680)={&(0x7f0000000200), 0x6e, &(0x7f0000000500)=[{}, {&(0x7f0000000280)=""/38, 0x26}, {&(0x7f00000002c0)=""/1, 0x1}, {&(0x7f0000000300)=""/158, 0x9e}, {&(0x7f00000003c0)=""/24, 0x18}, {&(0x7f0000000400)=""/174, 0xae}, {&(0x7f00000004c0)}], 0x7, &(0x7f0000000580)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014f60000ff0000000100e9ff01000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xd0}, 0x40010000)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0), 0x4)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000000)='./file0/file0\x00', r3}, 0x10)

10:53:08 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x3)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:08 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20c782, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async, rerun: 32)
r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x40, 0x3, 0x6, 0x3, 0x0, 0xd4, 0x80800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x1, 0x20}, 0xb0c8, 0x0, 0x9, 0x4, 0x0, 0xffffff5d, 0x6, 0x0, 0x8e1f, 0x0, 0x1}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x8) (rerun: 32)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x8)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000011c0)) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0x2, &(0x7f0000000200)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7fffffff}], &(0x7f0000000240)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xa, r4, 0x8, &(0x7f0000000280)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x6, 0x800, 0x1}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000000300)=[r4, r4, r4, r4, r4]}, 0x80) (rerun: 64)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x9, &(0x7f0000000480)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x3b}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7195}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0xfa, &(0x7f0000000540)=""/250, 0x40f00, 0x9, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000640)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x0, 0x8, 0x1b71, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r5, r5]}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@map=r4, r6, 0x8, 0x1, r4}, 0x14) (async)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000140)=r4) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'sit0\x00', @link_local}) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f00000011c0))
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x4002, 0x0)
ioctl$TUNSETNOCSUM(r7, 0x400454c8, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000440)={&(0x7f0000000400)='./file0\x00', 0x0, 0x10}, 0x10) (async, rerun: 32)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000080)={'geneve1\x00', 0x800}) (rerun: 32)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:08 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0xfffffffe)

10:53:08 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)

10:53:08 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:08 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x3)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x3) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

10:53:08 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0xfffffffe)

10:53:08 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0xfffffffe)

10:53:08 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x3)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x3) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

[ 2627.213443][T26978] FAULT_INJECTION: forcing a failure.
[ 2627.213443][T26978] name failslab, interval 1, probability 0, space 0, times 0
[ 2627.226853][T26978] CPU: 1 PID: 26978 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2627.236915][T26978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2627.246811][T26978] Call Trace:
[ 2627.249934][T26978]  <TASK>
[ 2627.252714][T26978]  dump_stack_lvl+0x151/0x1b7
[ 2627.257222][T26978]  ? io_uring_drop_tctx_refs+0x19a/0x19a
10:53:08 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:08 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

[ 2627.262694][T26978]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2627.268940][T26978]  dump_stack+0x15/0x17
[ 2627.272933][T26978]  should_fail+0x3c0/0x510
[ 2627.277188][T26978]  __should_failslab+0x9f/0xe0
[ 2627.281795][T26978]  should_failslab+0x9/0x20
[ 2627.286127][T26978]  kmem_cache_alloc+0x4f/0x2f0
[ 2627.290723][T26978]  ? anon_vma_fork+0xf7/0x4f0
[ 2627.295237][T26978]  anon_vma_fork+0xf7/0x4f0
[ 2627.299573][T26978]  ? anon_vma_name+0x4c/0x70
[ 2627.304002][T26978]  dup_mmap+0x760/0xf10
[ 2627.307992][T26978]  ? __delayed_free_task+0x20/0x20
[ 2627.312939][T26978]  ? mm_init+0x807/0x960
[ 2627.317017][T26978]  dup_mm+0x8e/0x2e0
[ 2627.320760][T26978]  copy_mm+0x108/0x1b0
[ 2627.324658][T26978]  copy_process+0x1295/0x3250
[ 2627.329171][T26978]  ? proc_fail_nth_write+0x213/0x290
[ 2627.334292][T26978]  ? proc_fail_nth_read+0x220/0x220
[ 2627.339323][T26978]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2627.344270][T26978]  ? vfs_write+0xa37/0x1160
[ 2627.348612][T26978]  ? numa_migrate_prep+0xe0/0xe0
[ 2627.353385][T26978]  kernel_clone+0x21d/0x9c0
[ 2627.357726][T26978]  ? file_end_write+0x1b0/0x1b0
[ 2627.362410][T26978]  ? __kasan_check_write+0x14/0x20
[ 2627.367359][T26978]  ? create_io_thread+0x1e0/0x1e0
[ 2627.372217][T26978]  ? __mutex_lock_slowpath+0x10/0x10
[ 2627.377339][T26978]  __x64_sys_clone+0x289/0x310
[ 2627.381940][T26978]  ? __do_sys_vfork+0x130/0x130
[ 2627.386625][T26978]  ? debug_smp_processor_id+0x17/0x20
[ 2627.391835][T26978]  do_syscall_64+0x44/0xd0
[ 2627.396085][T26978]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2627.401813][T26978] RIP: 0033:0x7fdb204c00c9
[ 2627.406067][T26978] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2627.425510][T26978] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2627.433752][T26978] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2627.441651][T26978] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2627.449463][T26978] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2627.457276][T26978] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2627.465110][T26978] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2627.472897][T26978]  </TASK>
10:53:09 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f00000001c0)={&(0x7f0000000100)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000080), 0x0, &(0x7f0000000180)=""/22, 0x16}, 0x10000)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r1=>0xffffffffffffffff}) (async)
socketpair(0x28, 0x80000, 0x101, &(0x7f0000000700)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg$unix(r2, &(0x7f0000000980)={&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000000940)=[{&(0x7f00000007c0)=""/116, 0x74}, {&(0x7f0000000840)=""/239, 0xef}, {&(0x7f0000001c80)=""/4096, 0x1000}], 0x3}, 0x40) (async)
recvmsg$unix(r1, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r1, &(0x7f0000000680)={&(0x7f0000000200), 0x6e, &(0x7f0000000500)=[{}, {&(0x7f0000000280)=""/38, 0x26}, {&(0x7f00000002c0)=""/1, 0x1}, {&(0x7f0000000300)=""/158, 0x9e}, {&(0x7f00000003c0)=""/24, 0x18}, {&(0x7f0000000400)=""/174, 0xae}, {&(0x7f00000004c0)}], 0x7, &(0x7f0000000580)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014f60000ff0000000100e9ff01000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xd0}, 0x40010000) (async)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000004c0), 0x4)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000000)='./file0/file0\x00', r3}, 0x10)

10:53:09 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:09 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/133, 0x85}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000000)=""/25, 0x19}, {&(0x7f0000001200)=""/249, 0xf9}, {&(0x7f0000001300)=""/142, 0x8e}], 0x5, &(0x7f00000013c0)=ANY=[@ANYBLOB="1000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x10001)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001540)='devices.list\x00', 0x0, 0x0)
mkdirat$cgroup(r0, &(0x7f0000001580)='syz0\x00', 0x1ff)

10:53:09 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x20c782, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async, rerun: 32)
r2 = perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x40, 0x3, 0x6, 0x3, 0x0, 0xd4, 0x80800, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x1, 0x20}, 0xb0c8, 0x0, 0x9, 0x4, 0x0, 0xffffff5d, 0x6, 0x0, 0x8e1f, 0x0, 0x1}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x8) (rerun: 32)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x8) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000011c0)) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1a, 0x2, &(0x7f0000000200)=@raw=[@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7fffffff}], &(0x7f0000000240)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xa, r4, 0x8, &(0x7f0000000280)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000002c0)={0x4, 0x6, 0x800, 0x1}, 0x10, 0xffffffffffffffff, r4, 0x0, &(0x7f0000000300)=[r4, r4, r4, r4, r4]}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x18, 0x9, &(0x7f0000000480)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x3b}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x2}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffa}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xe, 0x0, 0x0, 0x0, 0x7195}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000500)='syzkaller\x00', 0x0, 0xfa, &(0x7f0000000540)=""/250, 0x40f00, 0x9, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000640)={0x6, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x0, 0x8, 0x1b71, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r5, r5]}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@map=r4, r6, 0x8, 0x1, r4}, 0x14)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000140)=r4) (async)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000000)={'sit0\x00', @link_local}) (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f00000011c0))
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x4002, 0x0) (async)
ioctl$TUNSETNOCSUM(r7, 0x400454c8, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000440)={&(0x7f0000000400)='./file0\x00', 0x0, 0x10}, 0x10) (async)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000080)={'geneve1\x00', 0x800})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:09 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)

10:53:09 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:09 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg1\x00', 0x200})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)

10:53:09 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:09 executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'\x00', 0x1})

10:53:09 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg1\x00', 0x200})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg1\x00', 0x200}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335) (async)

10:53:09 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)

10:53:09 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'pim6reg1\x00', 0x200}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)

[ 2628.028627][T27011] FAULT_INJECTION: forcing a failure.
[ 2628.028627][T27011] name failslab, interval 1, probability 0, space 0, times 0
[ 2628.047279][T27011] CPU: 0 PID: 27011 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2628.057342][T27011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2628.067234][T27011] Call Trace:
[ 2628.070363][T27011]  <TASK>
[ 2628.073138][T27011]  dump_stack_lvl+0x151/0x1b7
[ 2628.077650][T27011]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2628.083119][T27011]  dump_stack+0x15/0x17
[ 2628.087111][T27011]  should_fail+0x3c0/0x510
[ 2628.091363][T27011]  __should_failslab+0x9f/0xe0
[ 2628.095967][T27011]  should_failslab+0x9/0x20
[ 2628.100301][T27011]  kmem_cache_alloc+0x4f/0x2f0
[ 2628.104899][T27011]  ? vm_area_dup+0x26/0x220
[ 2628.109236][T27011]  vm_area_dup+0x26/0x220
[ 2628.113410][T27011]  dup_mmap+0x6c8/0xf10
[ 2628.117397][T27011]  ? __delayed_free_task+0x20/0x20
[ 2628.122348][T27011]  ? mm_init+0x807/0x960
[ 2628.126426][T27011]  dup_mm+0x8e/0x2e0
[ 2628.130154][T27011]  copy_mm+0x108/0x1b0
[ 2628.134061][T27011]  copy_process+0x1295/0x3250
[ 2628.138572][T27011]  ? proc_fail_nth_write+0x213/0x290
[ 2628.143693][T27011]  ? proc_fail_nth_read+0x220/0x220
[ 2628.148728][T27011]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2628.153676][T27011]  ? vfs_write+0xa37/0x1160
[ 2628.158019][T27011]  ? numa_migrate_prep+0xe0/0xe0
[ 2628.162789][T27011]  kernel_clone+0x21d/0x9c0
[ 2628.167128][T27011]  ? file_end_write+0x1b0/0x1b0
[ 2628.171813][T27011]  ? __kasan_check_write+0x14/0x20
[ 2628.176761][T27011]  ? create_io_thread+0x1e0/0x1e0
[ 2628.181623][T27011]  ? __mutex_lock_slowpath+0x10/0x10
[ 2628.186748][T27011]  __x64_sys_clone+0x289/0x310
[ 2628.191341][T27011]  ? __do_sys_vfork+0x130/0x130
[ 2628.196031][T27011]  ? debug_smp_processor_id+0x17/0x20
[ 2628.201239][T27011]  do_syscall_64+0x44/0xd0
[ 2628.205488][T27011]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2628.211223][T27011] RIP: 0033:0x7fdb204c00c9
[ 2628.215472][T27011] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2628.234917][T27011] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2628.243157][T27011] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2628.250967][T27011] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2628.258782][T27011] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2628.266590][T27011] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2628.274401][T27011] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2628.282215][T27011]  </TASK>
10:53:10 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x64)
unlink(&(0x7f0000000080)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)

10:53:10 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)

10:53:10 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f00000000c0)=0x200)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000000))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1000})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETVNETLE(r2, 0x800454dd, &(0x7f0000000100))

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:10 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/133, 0x85}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000000)=""/25, 0x19}, {&(0x7f0000001200)=""/249, 0xf9}, {&(0x7f0000001300)=""/142, 0x8e}], 0x5, &(0x7f00000013c0)=ANY=[@ANYBLOB="1000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x10001)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001540)='devices.list\x00', 0x0, 0x0)
mkdirat$cgroup(r0, &(0x7f0000001580)='syz0\x00', 0x1ff)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/133, 0x85}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000000)=""/25, 0x19}, {&(0x7f0000001200)=""/249, 0xf9}, {&(0x7f0000001300)=""/142, 0x8e}], 0x5, &(0x7f00000013c0)=ANY=[@ANYBLOB="1000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x10001) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001540)='devices.list\x00', 0x0, 0x0) (async)
mkdirat$cgroup(r0, &(0x7f0000001580)='syz0\x00', 0x1ff) (async)

10:53:10 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)

10:53:10 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f00000000c0)=0x200) (async)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000000))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1000}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETVNETLE(r2, 0x800454dd, &(0x7f0000000100))

10:53:10 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x64)
unlink(&(0x7f0000000080)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x64) (async)
unlink(&(0x7f0000000080)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10) (async)

10:53:10 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/133, 0x85}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000000)=""/25, 0x19}, {&(0x7f0000001200)=""/249, 0xf9}, {&(0x7f0000001300)=""/142, 0x8e}], 0x5, &(0x7f00000013c0)=ANY=[@ANYBLOB="1000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x10001)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001540)='devices.list\x00', 0x0, 0x0)
mkdirat$cgroup(r0, &(0x7f0000001580)='syz0\x00', 0x1ff)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/133, 0x85}, {&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000000)=""/25, 0x19}, {&(0x7f0000001200)=""/249, 0xf9}, {&(0x7f0000001300)=""/142, 0x8e}], 0x5, &(0x7f00000013c0)=ANY=[@ANYBLOB="1000000000000000010000000100000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000002c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="0000000024000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x128}, 0x10001) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001540)='devices.list\x00', 0x0, 0x0) (async)
mkdirat$cgroup(r0, &(0x7f0000001580)='syz0\x00', 0x1ff) (async)

10:53:10 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:10 executing program 2:
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='memory.pressure\x00', 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:10 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x64) (async)
unlink(&(0x7f0000000080)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x10)

10:53:10 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040))

[ 2628.894262][T27050] FAULT_INJECTION: forcing a failure.
[ 2628.894262][T27050] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2628.908777][T27050] CPU: 1 PID: 27050 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2628.918837][T27050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2628.928733][T27050] Call Trace:
[ 2628.931857][T27050]  <TASK>
[ 2628.934632][T27050]  dump_stack_lvl+0x151/0x1b7
10:53:10 executing program 2:
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='memory.pressure\x00', 0x2, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

[ 2628.939148][T27050]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2628.944611][T27050]  ? post_alloc_hook+0x1ab/0x1b0
[ 2628.949390][T27050]  dump_stack+0x15/0x17
[ 2628.953383][T27050]  should_fail+0x3c0/0x510
[ 2628.957635][T27050]  should_fail_alloc_page+0x58/0x70
[ 2628.962846][T27050]  __alloc_pages+0x1de/0x7c0
[ 2628.967278][T27050]  ? __count_vm_events+0x30/0x30
[ 2628.972039][T27050]  ? __this_cpu_preempt_check+0x13/0x20
[ 2628.977419][T27050]  ? __mod_node_page_state+0xac/0xf0
[ 2628.982545][T27050]  pte_alloc_one+0x73/0x1b0
[ 2628.986884][T27050]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2628.991916][T27050]  ? __kasan_check_read+0x11/0x20
[ 2628.996780][T27050]  ? copy_present_pte+0x76f/0xe60
[ 2629.001637][T27050]  __pte_alloc+0x86/0x350
[ 2629.005805][T27050]  ? copy_pte_range+0x1780/0x1780
[ 2629.010658][T27050]  ? free_pgtables+0x210/0x210
[ 2629.015258][T27050]  ? _raw_spin_lock+0xa3/0x1b0
[ 2629.019857][T27050]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2629.025062][T27050]  ? unwind_get_return_address+0x4c/0x90
[ 2629.030531][T27050]  copy_pte_range+0x11be/0x1780
[ 2629.035221][T27050]  ? __kasan_check_write+0x14/0x20
[ 2629.040171][T27050]  ? stack_trace_snprint+0x100/0x100
[ 2629.045289][T27050]  ? __kunmap_atomic+0x80/0x80
[ 2629.049887][T27050]  ? kmem_cache_alloc+0x189/0x2f0
[ 2629.054746][T27050]  ? vm_area_dup+0x26/0x220
[ 2629.059085][T27050]  ? dup_mmap+0x6c8/0xf10
[ 2629.063270][T27050]  ? dup_mm+0x8e/0x2e0
[ 2629.067157][T27050]  ? copy_mm+0x108/0x1b0
[ 2629.071242][T27050]  ? copy_process+0x1295/0x3250
[ 2629.075923][T27050]  ? kernel_clone+0x21d/0x9c0
[ 2629.080435][T27050]  ? __x64_sys_clone+0x289/0x310
[ 2629.085210][T27050]  ? do_syscall_64+0x44/0xd0
[ 2629.089638][T27050]  copy_page_range+0xc1e/0x1090
[ 2629.094328][T27050]  ? pfn_valid+0x1e0/0x1e0
[ 2629.098578][T27050]  dup_mmap+0x9af/0xf10
[ 2629.102568][T27050]  ? __delayed_free_task+0x20/0x20
[ 2629.107518][T27050]  ? mm_init+0x807/0x960
[ 2629.111597][T27050]  dup_mm+0x8e/0x2e0
[ 2629.115328][T27050]  copy_mm+0x108/0x1b0
[ 2629.119252][T27050]  copy_process+0x1295/0x3250
[ 2629.123747][T27050]  ? proc_fail_nth_write+0x213/0x290
[ 2629.128870][T27050]  ? proc_fail_nth_read+0x220/0x220
[ 2629.133902][T27050]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2629.138871][T27050]  ? vfs_write+0xa37/0x1160
[ 2629.143188][T27050]  ? numa_migrate_prep+0xe0/0xe0
[ 2629.147962][T27050]  kernel_clone+0x21d/0x9c0
[ 2629.152301][T27050]  ? file_end_write+0x1b0/0x1b0
[ 2629.156988][T27050]  ? __kasan_check_write+0x14/0x20
[ 2629.161938][T27050]  ? create_io_thread+0x1e0/0x1e0
[ 2629.166794][T27050]  ? __mutex_lock_slowpath+0x10/0x10
[ 2629.171918][T27050]  __x64_sys_clone+0x289/0x310
[ 2629.176517][T27050]  ? __do_sys_vfork+0x130/0x130
[ 2629.181203][T27050]  ? debug_smp_processor_id+0x17/0x20
[ 2629.186410][T27050]  do_syscall_64+0x44/0xd0
[ 2629.190662][T27050]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2629.196390][T27050] RIP: 0033:0x7fdb204c00c9
[ 2629.200646][T27050] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2629.220092][T27050] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2629.228329][T27050] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2629.236141][T27050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:10 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:10 executing program 2:
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='memory.pressure\x00', 0x2, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:10 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f00000000c0)=0x200) (async)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000000))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1000}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETVNETLE(r2, 0x800454dd, &(0x7f0000000100))

10:53:10 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040))

10:53:10 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)={&(0x7f0000000240)='./file0\x00'}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@ax25={{}, [@netrom, @remote, @remote, @bcast, @default, @remote, @null, @rose]}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/141, 0x8d}], 0x1}, 0x40000000)

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

[ 2629.243953][T27050] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2629.251764][T27050] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2629.259574][T27050] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2629.267386][T27050]  </TASK>
[ 2629.284564][T27090] FAULT_INJECTION: forcing a failure.
10:53:10 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x107001, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00', 0x800})
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)

10:53:10 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040))

10:53:10 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x30)

10:53:10 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

[ 2629.284564][T27090] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2629.299405][T27090] CPU: 1 PID: 27090 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2629.309462][T27090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2629.319356][T27090] Call Trace:
[ 2629.322478][T27090]  <TASK>
[ 2629.325256][T27090]  dump_stack_lvl+0x151/0x1b7
[ 2629.329769][T27090]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2629.335241][T27090]  ? stack_trace_save+0x12d/0x1f0
[ 2629.340109][T27090]  dump_stack+0x15/0x17
10:53:10 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x107001, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00', 0x800})
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x107001, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00', 0x800}) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)) (async)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335) (async)

[ 2629.344092][T27090]  should_fail+0x3c0/0x510
[ 2629.348344][T27090]  should_fail_alloc_page+0x58/0x70
[ 2629.353378][T27090]  __alloc_pages+0x1de/0x7c0
[ 2629.357807][T27090]  ? save_stack+0x119/0x1e0
[ 2629.362150][T27090]  ? __count_vm_events+0x30/0x30
[ 2629.366919][T27090]  ? kvm_sched_clock_read+0x18/0x40
[ 2629.371952][T27090]  ? sched_clock+0x9/0x10
[ 2629.376117][T27090]  ? sched_clock_cpu+0x18/0x3b0
[ 2629.380804][T27090]  pte_alloc_one+0x73/0x1b0
[ 2629.385144][T27090]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2629.390171][T27090]  ? __set_page_owner+0x2ce/0x2f0
[ 2629.395035][T27090]  __pte_alloc+0x86/0x350
[ 2629.399200][T27090]  ? free_pgtables+0x210/0x210
[ 2629.403804][T27090]  copy_pte_range+0x11be/0x1780
[ 2629.408486][T27090]  ? __kasan_check_write+0x14/0x20
[ 2629.413432][T27090]  ? _raw_spin_lock+0xa3/0x1b0
[ 2629.418035][T27090]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2629.423241][T27090]  ? kmem_cache_alloc+0x189/0x2f0
[ 2629.428100][T27090]  ? __kunmap_atomic+0x80/0x80
[ 2629.432706][T27090]  ? __pud_alloc+0x260/0x260
[ 2629.437131][T27090]  ? __pud_alloc+0x218/0x260
[ 2629.441554][T27090]  ? do_handle_mm_fault+0x2410/0x2410
[ 2629.446764][T27090]  copy_page_range+0xc1e/0x1090
[ 2629.451451][T27090]  ? pfn_valid+0x1e0/0x1e0
[ 2629.455702][T27090]  dup_mmap+0x9af/0xf10
[ 2629.459695][T27090]  ? __delayed_free_task+0x20/0x20
[ 2629.464645][T27090]  ? mm_init+0x807/0x960
[ 2629.468721][T27090]  dup_mm+0x8e/0x2e0
[ 2629.472452][T27090]  copy_mm+0x108/0x1b0
[ 2629.476357][T27090]  copy_process+0x1295/0x3250
[ 2629.480872][T27090]  ? proc_fail_nth_write+0x213/0x290
[ 2629.485996][T27090]  ? proc_fail_nth_read+0x220/0x220
[ 2629.491025][T27090]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2629.495976][T27090]  ? vfs_write+0xa37/0x1160
[ 2629.500313][T27090]  ? numa_migrate_prep+0xe0/0xe0
[ 2629.505084][T27090]  kernel_clone+0x21d/0x9c0
[ 2629.509425][T27090]  ? file_end_write+0x1b0/0x1b0
[ 2629.514122][T27090]  ? __kasan_check_write+0x14/0x20
[ 2629.519057][T27090]  ? create_io_thread+0x1e0/0x1e0
[ 2629.523922][T27090]  ? __mutex_lock_slowpath+0x10/0x10
[ 2629.529039][T27090]  __x64_sys_clone+0x289/0x310
[ 2629.533640][T27090]  ? __do_sys_vfork+0x130/0x130
[ 2629.538327][T27090]  ? debug_smp_processor_id+0x17/0x20
[ 2629.543536][T27090]  do_syscall_64+0x44/0xd0
[ 2629.547788][T27090]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2629.553513][T27090] RIP: 0033:0x7fdb204c00c9
[ 2629.557767][T27090] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2629.577208][T27090] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2629.585460][T27090] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
10:53:11 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)

10:53:11 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x30)

10:53:11 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x107001, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00', 0x800})
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x107001, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'\x00', 0x800}) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000040)) (async)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335) (async)

10:53:11 executing program 1:
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)='memory.pressure\x00', 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

[ 2629.593265][T27090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2629.601095][T27090] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2629.608890][T27090] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2629.616698][T27090] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2629.624516][T27090]  </TASK>
[ 2629.640739][T27126] FAULT_INJECTION: forcing a failure.
[ 2629.640739][T27126] name failslab, interval 1, probability 0, space 0, times 0
[ 2629.653347][T27126] CPU: 1 PID: 27126 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2629.663399][T27126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2629.673292][T27126] Call Trace:
[ 2629.676413][T27126]  <TASK>
[ 2629.679189][T27126]  dump_stack_lvl+0x151/0x1b7
[ 2629.683705][T27126]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2629.689173][T27126]  dump_stack+0x15/0x17
[ 2629.693165][T27126]  should_fail+0x3c0/0x510
[ 2629.697417][T27126]  __should_failslab+0x9f/0xe0
[ 2629.702016][T27126]  should_failslab+0x9/0x20
[ 2629.706367][T27126]  kmem_cache_alloc+0x4f/0x2f0
[ 2629.710957][T27126]  ? vm_area_dup+0x26/0x220
[ 2629.715296][T27126]  vm_area_dup+0x26/0x220
[ 2629.719459][T27126]  dup_mmap+0x6c8/0xf10
[ 2629.723456][T27126]  ? __delayed_free_task+0x20/0x20
[ 2629.728401][T27126]  ? mm_init+0x807/0x960
[ 2629.732479][T27126]  dup_mm+0x8e/0x2e0
[ 2629.736216][T27126]  copy_mm+0x108/0x1b0
[ 2629.740119][T27126]  copy_process+0x1295/0x3250
[ 2629.744632][T27126]  ? proc_fail_nth_write+0x213/0x290
[ 2629.749752][T27126]  ? proc_fail_nth_read+0x220/0x220
[ 2629.754790][T27126]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2629.759732][T27126]  ? vfs_write+0xa37/0x1160
[ 2629.764072][T27126]  ? numa_migrate_prep+0xe0/0xe0
[ 2629.768851][T27126]  kernel_clone+0x21d/0x9c0
[ 2629.773185][T27126]  ? file_end_write+0x1b0/0x1b0
[ 2629.777876][T27126]  ? __kasan_check_write+0x14/0x20
[ 2629.782821][T27126]  ? create_io_thread+0x1e0/0x1e0
[ 2629.787680][T27126]  ? __mutex_lock_slowpath+0x10/0x10
[ 2629.792801][T27126]  __x64_sys_clone+0x289/0x310
[ 2629.797401][T27126]  ? __do_sys_vfork+0x130/0x130
[ 2629.802087][T27126]  ? debug_smp_processor_id+0x17/0x20
[ 2629.807294][T27126]  do_syscall_64+0x44/0xd0
[ 2629.811547][T27126]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2629.817275][T27126] RIP: 0033:0x7fdb204c00c9
[ 2629.821531][T27126] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2629.840973][T27126] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2629.849214][T27126] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2629.857032][T27126] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2629.864836][T27126] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2629.872648][T27126] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2629.880464][T27126] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2629.888273][T27126]  </TASK>
10:53:11 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xa94d, 0x0, 0x0, 0x0, 0x1620}, [@ldst={0x3, 0x2, 0x1, 0x0, 0x7, 0xfffffffffffffff8, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0xa3}, @map_idx_val={0x18, 0x9, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x6, 0x0, 0x6, 0x50, 0x4}, @alu={0x7, 0x0, 0x0, 0x2, 0x8, 0xc}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x4}]}, &(0x7f0000000080)='syzkaller\x00', 0x9, 0xae, &(0x7f0000000180)=""/174, 0x40f00, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x2, 0x2}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0x3f, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[0x1]}, 0x80)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000003c0)=r1)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)={&(0x7f0000000000)='./file0\x00', r1}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:11 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffffffe)

10:53:11 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)={&(0x7f0000000240)='./file0\x00'}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@ax25={{}, [@netrom, @remote, @remote, @bcast, @default, @remote, @null, @rose]}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/141, 0x8d}], 0x1}, 0x40000000)

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x30)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x30) (async)

10:53:11 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)

10:53:11 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0x1})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@abs, 0xffffffffffffff14, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/96, 0x60}], 0x1}, 0xa32a28433f2cf58c)

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0\x00')

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
unlink(&(0x7f0000000000)='./file0/file0\x00') (async)

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
unlink(&(0x7f0000000000)='./file0/file0\x00') (async)

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00'}, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000380))
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r0, &(0x7f0000000140)=0xffffffffffffffff, 0x12)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x80)

[ 2630.156216][T27149] FAULT_INJECTION: forcing a failure.
[ 2630.156216][T27149] name failslab, interval 1, probability 0, space 0, times 0
[ 2630.168855][T27149] CPU: 1 PID: 27149 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2630.178914][T27149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2630.188804][T27149] Call Trace:
[ 2630.191935][T27149]  <TASK>
[ 2630.194706][T27149]  dump_stack_lvl+0x151/0x1b7
[ 2630.199220][T27149]  ? io_uring_drop_tctx_refs+0x19a/0x19a
10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00'}, 0x10) (async)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000380)) (async)
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r0, &(0x7f0000000140)=0xffffffffffffffff, 0x12)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x80)

10:53:11 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00'}, 0x10)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000380))
r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r0, &(0x7f0000000140)=0xffffffffffffffff, 0x12)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00'}, 0x10) (async)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000380)) (async)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000100)='tasks\x00', 0x2, 0x0) (async)
write$cgroup_pid(r0, &(0x7f0000000140)=0xffffffffffffffff, 0x12) (async)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x80) (async)

[ 2630.204691][T27149]  dump_stack+0x15/0x17
[ 2630.208681][T27149]  should_fail+0x3c0/0x510
[ 2630.212936][T27149]  __should_failslab+0x9f/0xe0
[ 2630.217537][T27149]  should_failslab+0x9/0x20
[ 2630.221875][T27149]  kmem_cache_alloc+0x4f/0x2f0
[ 2630.226477][T27149]  ? vm_area_dup+0x26/0x220
[ 2630.230811][T27149]  vm_area_dup+0x26/0x220
[ 2630.234983][T27149]  dup_mmap+0x6c8/0xf10
[ 2630.238974][T27149]  ? __delayed_free_task+0x20/0x20
[ 2630.243919][T27149]  ? mm_init+0x807/0x960
[ 2630.247993][T27149]  dup_mm+0x8e/0x2e0
[ 2630.251731][T27149]  copy_mm+0x108/0x1b0
[ 2630.255631][T27149]  copy_process+0x1295/0x3250
[ 2630.260145][T27149]  ? proc_fail_nth_write+0x213/0x290
[ 2630.265268][T27149]  ? proc_fail_nth_read+0x220/0x220
[ 2630.270387][T27149]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2630.275331][T27149]  ? vfs_write+0xa37/0x1160
[ 2630.279673][T27149]  ? numa_migrate_prep+0xe0/0xe0
[ 2630.284445][T27149]  kernel_clone+0x21d/0x9c0
[ 2630.288785][T27149]  ? file_end_write+0x1b0/0x1b0
[ 2630.293473][T27149]  ? __kasan_check_write+0x14/0x20
[ 2630.298424][T27149]  ? create_io_thread+0x1e0/0x1e0
[ 2630.303280][T27149]  ? __mutex_lock_slowpath+0x10/0x10
[ 2630.308399][T27149]  __x64_sys_clone+0x289/0x310
[ 2630.313005][T27149]  ? __do_sys_vfork+0x130/0x130
[ 2630.317694][T27149]  ? debug_smp_processor_id+0x17/0x20
[ 2630.322896][T27149]  do_syscall_64+0x44/0xd0
[ 2630.327150][T27149]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2630.332876][T27149] RIP: 0033:0x7fdb204c00c9
[ 2630.337129][T27149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:11 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

[ 2630.356569][T27149] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2630.364816][T27149] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2630.372626][T27149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2630.380436][T27149] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2630.388249][T27149] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2630.396061][T27149] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2630.403875][T27149]  </TASK>
10:53:12 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)={&(0x7f0000000240)='./file0\x00'}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@ax25={{}, [@netrom, @remote, @remote, @bcast, @default, @remote, @null, @rose]}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/141, 0x8d}], 0x1}, 0x40000000)

10:53:12 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:12 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0xfffffffe)

10:53:12 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)

10:53:12 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0x1}) (async)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@abs, 0xffffffffffffff14, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/96, 0x60}], 0x1}, 0xa32a28433f2cf58c)

10:53:12 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:12 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00') (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

[ 2631.007010][T27198] FAULT_INJECTION: forcing a failure.
[ 2631.007010][T27198] name failslab, interval 1, probability 0, space 0, times 0
[ 2631.021987][T27198] CPU: 1 PID: 27198 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2631.032045][T27198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2631.041939][T27198] Call Trace:
[ 2631.045062][T27198]  <TASK>
[ 2631.047862][T27198]  dump_stack_lvl+0x151/0x1b7
[ 2631.052357][T27198]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2631.057824][T27198]  dump_stack+0x15/0x17
[ 2631.061815][T27198]  should_fail+0x3c0/0x510
[ 2631.066068][T27198]  __should_failslab+0x9f/0xe0
[ 2631.070666][T27198]  should_failslab+0x9/0x20
[ 2631.075007][T27198]  kmem_cache_alloc+0x4f/0x2f0
[ 2631.079606][T27198]  ? vm_area_dup+0x26/0x220
[ 2631.083947][T27198]  vm_area_dup+0x26/0x220
[ 2631.088112][T27198]  dup_mmap+0x6c8/0xf10
[ 2631.092106][T27198]  ? __delayed_free_task+0x20/0x20
[ 2631.097053][T27198]  ? mm_init+0x807/0x960
[ 2631.101129][T27198]  dup_mm+0x8e/0x2e0
[ 2631.104863][T27198]  copy_mm+0x108/0x1b0
[ 2631.108769][T27198]  copy_process+0x1295/0x3250
[ 2631.113281][T27198]  ? proc_fail_nth_write+0x213/0x290
[ 2631.118403][T27198]  ? proc_fail_nth_read+0x220/0x220
[ 2631.123436][T27198]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2631.128382][T27198]  ? vfs_write+0xa37/0x1160
[ 2631.132721][T27198]  ? numa_migrate_prep+0xe0/0xe0
[ 2631.137498][T27198]  kernel_clone+0x21d/0x9c0
[ 2631.141834][T27198]  ? file_end_write+0x1b0/0x1b0
[ 2631.146521][T27198]  ? __kasan_check_write+0x14/0x20
[ 2631.151469][T27198]  ? create_io_thread+0x1e0/0x1e0
[ 2631.156329][T27198]  ? __mutex_lock_slowpath+0x10/0x10
[ 2631.161454][T27198]  __x64_sys_clone+0x289/0x310
[ 2631.166051][T27198]  ? __do_sys_vfork+0x130/0x130
[ 2631.170740][T27198]  ? debug_smp_processor_id+0x17/0x20
[ 2631.175949][T27198]  do_syscall_64+0x44/0xd0
[ 2631.180198][T27198]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2631.185926][T27198] RIP: 0033:0x7fdb204c00c9
[ 2631.190179][T27198] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2631.209619][T27198] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2631.217868][T27198] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2631.225676][T27198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2631.233487][T27198] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2631.241300][T27198] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2631.249109][T27198] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
10:53:12 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:12 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)

[ 2631.256926][T27198]  </TASK>
10:53:12 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000140)=r0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x105)
mkdir(&(0x7f0000000180)='./file0\x00', 0x27)

10:53:12 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0xfffffffe)

10:53:12 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000140)=r0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
mkdir(&(0x7f0000000100)='./file0\x00', 0x105) (async, rerun: 64)
mkdir(&(0x7f0000000180)='./file0\x00', 0x27)

[ 2631.279365][T27216] FAULT_INJECTION: forcing a failure.
[ 2631.279365][T27216] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2631.292648][T27216] CPU: 0 PID: 27216 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2631.302709][T27216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2631.312601][T27216] Call Trace:
[ 2631.315728][T27216]  <TASK>
[ 2631.318504][T27216]  dump_stack_lvl+0x151/0x1b7
[ 2631.323016][T27216]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2631.328484][T27216]  ? compat_start_thread+0x20/0x20
[ 2631.333427][T27216]  dump_stack+0x15/0x17
[ 2631.337421][T27216]  should_fail+0x3c0/0x510
[ 2631.341673][T27216]  should_fail_alloc_page+0x58/0x70
[ 2631.346707][T27216]  __alloc_pages+0x1de/0x7c0
[ 2631.351139][T27216]  ? __count_vm_events+0x30/0x30
[ 2631.355906][T27216]  ? release_firmware_map_entry+0x193/0x193
[ 2631.361634][T27216]  pte_alloc_one+0x73/0x1b0
[ 2631.365977][T27216]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2631.371008][T27216]  ? __kasan_check_read+0x11/0x20
[ 2631.375868][T27216]  ? copy_present_pte+0x76f/0xe60
[ 2631.380733][T27216]  __pte_alloc+0x86/0x350
[ 2631.384902][T27216]  ? copy_pte_range+0x1780/0x1780
[ 2631.389758][T27216]  ? free_pgtables+0x210/0x210
[ 2631.394354][T27216]  ? _raw_spin_lock+0xa3/0x1b0
[ 2631.398955][T27216]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2631.404162][T27216]  ? preempt_schedule_thunk+0x16/0x18
[ 2631.409371][T27216]  copy_pte_range+0x11be/0x1780
[ 2631.414060][T27216]  ? __kasan_check_write+0x14/0x20
[ 2631.419009][T27216]  ? stack_trace_snprint+0x100/0x100
[ 2631.424126][T27216]  ? __kunmap_atomic+0x80/0x80
[ 2631.428726][T27216]  ? kmem_cache_alloc+0x189/0x2f0
[ 2631.433693][T27216]  ? vm_area_dup+0x26/0x220
[ 2631.438034][T27216]  ? dup_mmap+0x6c8/0xf10
[ 2631.442199][T27216]  ? dup_mm+0x8e/0x2e0
[ 2631.446103][T27216]  ? copy_mm+0x108/0x1b0
[ 2631.450184][T27216]  ? copy_process+0x1295/0x3250
[ 2631.454869][T27216]  ? kernel_clone+0x21d/0x9c0
[ 2631.459386][T27216]  ? __x64_sys_clone+0x289/0x310
[ 2631.464156][T27216]  ? do_syscall_64+0x44/0xd0
[ 2631.468583][T27216]  copy_page_range+0xc1e/0x1090
[ 2631.473272][T27216]  ? pfn_valid+0x1e0/0x1e0
[ 2631.477523][T27216]  dup_mmap+0x9af/0xf10
[ 2631.481522][T27216]  ? __delayed_free_task+0x20/0x20
[ 2631.486465][T27216]  ? mm_init+0x807/0x960
[ 2631.490541][T27216]  dup_mm+0x8e/0x2e0
[ 2631.494275][T27216]  copy_mm+0x108/0x1b0
[ 2631.498180][T27216]  copy_process+0x1295/0x3250
[ 2631.502699][T27216]  ? proc_fail_nth_write+0x213/0x290
[ 2631.507817][T27216]  ? proc_fail_nth_read+0x220/0x220
[ 2631.512850][T27216]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2631.517796][T27216]  ? vfs_write+0xa37/0x1160
[ 2631.522132][T27216]  ? numa_migrate_prep+0xe0/0xe0
[ 2631.526912][T27216]  kernel_clone+0x21d/0x9c0
[ 2631.531249][T27216]  ? file_end_write+0x1b0/0x1b0
[ 2631.535940][T27216]  ? __kasan_check_write+0x14/0x20
[ 2631.540881][T27216]  ? create_io_thread+0x1e0/0x1e0
[ 2631.545749][T27216]  ? __mutex_lock_slowpath+0x10/0x10
[ 2631.550864][T27216]  __x64_sys_clone+0x289/0x310
[ 2631.555464][T27216]  ? __do_sys_vfork+0x130/0x130
[ 2631.560153][T27216]  ? debug_smp_processor_id+0x17/0x20
[ 2631.565362][T27216]  do_syscall_64+0x44/0xd0
[ 2631.569720][T27216]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2631.575439][T27216] RIP: 0033:0x7fdb204c00c9
[ 2631.579691][T27216] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2631.599136][T27216] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2631.607376][T27216] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2631.615187][T27216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2631.622998][T27216] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2631.630814][T27216] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2631.638628][T27216] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2631.646436][T27216]  </TASK>
10:53:13 executing program 3:
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000100)="7a7e6b0ee140049ba0edd0639ad9c3c7295784177253bc72d37c536e6cc0f384333c21f617fb816e5d5a09b1d0a0fbaf57ac66706ef6025538b30c3380da1061bd6de8b1e34a705fe3e57b18b5d061ce0bc37f8503172ae1a51ffb33844042b91d3340ad1a91c4676cfaf3b2cb215e171ffda5bca5515842208430a0f20cda2a6922e4c459be81881820a09ebb63ba285077a5bba4b9ba7bd0a8ed495144f8e842d16464a43110027686338095f8a202be8515cdfc4cfd1216a1878dc9da55ecf3fc6079ea1de40cb075832f45eb10c18d759815842c364666a90a67a26819fae60eae1621fb983f15dd741dc2b9ea5a0b287cf3", &(0x7f0000000200)=""/104, &(0x7f0000000280)="d8ae3da8ed50f9f3079c5f506b97a84985b92c4ca2c3ac24803525e44aaea22c0b2c4b23e993377ff01df8226243e1f6a1fd695468b8efb265d153aec4d97bbb556bc47ae390add37973f703b2130a7503d740b9efa1a6654d28d692e84cc34b18971f8a20c4e7abf06723e7ab6e931796c592d5e72b6b0e9067d88d9dd605e36da0db283cf06539990a641289d1981f52f9a7f98377d6c2bcc47708a8b7fe45ee36393ee8a8d0a625caefebc223c0ef7e6c8bb02b5ab2f3738d8999682352bc3fe126020045950b", &(0x7f0000000000)="5e883e3da5974ef1f6b8195cb19a8d2c98785cf896ced475a66ca1290314de5c13b96fab4d", 0xfff, 0x1}, 0x38)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:13 executing program 2:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000140)=r0) (async, rerun: 32)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000100)='./file0\x00', 0x105) (async, rerun: 64)
mkdir(&(0x7f0000000180)='./file0\x00', 0x27) (rerun: 64)

10:53:13 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)

10:53:13 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0x1})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@abs, 0xffffffffffffff14, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/96, 0x60}], 0x1}, 0xa32a28433f2cf58c)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0x1}) (async)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)=@abs, 0xffffffffffffff14, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/96, 0x60}], 0x1}, 0xa32a28433f2cf58c) (async)

10:53:13 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:13 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0xfffffffe)

10:53:13 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x188)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
write$cgroup_freezer_state(r0, &(0x7f0000000180)='FREEZING\x00', 0x9)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x3)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x8}, 0x10)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000140)=0x8001)

10:53:13 executing program 3:
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000100)="7a7e6b0ee140049ba0edd0639ad9c3c7295784177253bc72d37c536e6cc0f384333c21f617fb816e5d5a09b1d0a0fbaf57ac66706ef6025538b30c3380da1061bd6de8b1e34a705fe3e57b18b5d061ce0bc37f8503172ae1a51ffb33844042b91d3340ad1a91c4676cfaf3b2cb215e171ffda5bca5515842208430a0f20cda2a6922e4c459be81881820a09ebb63ba285077a5bba4b9ba7bd0a8ed495144f8e842d16464a43110027686338095f8a202be8515cdfc4cfd1216a1878dc9da55ecf3fc6079ea1de40cb075832f45eb10c18d759815842c364666a90a67a26819fae60eae1621fb983f15dd741dc2b9ea5a0b287cf3", &(0x7f0000000200)=""/104, &(0x7f0000000280)="d8ae3da8ed50f9f3079c5f506b97a84985b92c4ca2c3ac24803525e44aaea22c0b2c4b23e993377ff01df8226243e1f6a1fd695468b8efb265d153aec4d97bbb556bc47ae390add37973f703b2130a7503d740b9efa1a6654d28d692e84cc34b18971f8a20c4e7abf06723e7ab6e931796c592d5e72b6b0e9067d88d9dd605e36da0db283cf06539990a641289d1981f52f9a7f98377d6c2bcc47708a8b7fe45ee36393ee8a8d0a625caefebc223c0ef7e6c8bb02b5ab2f3738d8999682352bc3fe126020045950b", &(0x7f0000000000)="5e883e3da5974ef1f6b8195cb19a8d2c98785cf896ced475a66ca1290314de5c13b96fab4d", 0xfff, 0x1}, 0x38)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000100)="7a7e6b0ee140049ba0edd0639ad9c3c7295784177253bc72d37c536e6cc0f384333c21f617fb816e5d5a09b1d0a0fbaf57ac66706ef6025538b30c3380da1061bd6de8b1e34a705fe3e57b18b5d061ce0bc37f8503172ae1a51ffb33844042b91d3340ad1a91c4676cfaf3b2cb215e171ffda5bca5515842208430a0f20cda2a6922e4c459be81881820a09ebb63ba285077a5bba4b9ba7bd0a8ed495144f8e842d16464a43110027686338095f8a202be8515cdfc4cfd1216a1878dc9da55ecf3fc6079ea1de40cb075832f45eb10c18d759815842c364666a90a67a26819fae60eae1621fb983f15dd741dc2b9ea5a0b287cf3", &(0x7f0000000200)=""/104, &(0x7f0000000280)="d8ae3da8ed50f9f3079c5f506b97a84985b92c4ca2c3ac24803525e44aaea22c0b2c4b23e993377ff01df8226243e1f6a1fd695468b8efb265d153aec4d97bbb556bc47ae390add37973f703b2130a7503d740b9efa1a6654d28d692e84cc34b18971f8a20c4e7abf06723e7ab6e931796c592d5e72b6b0e9067d88d9dd605e36da0db283cf06539990a641289d1981f52f9a7f98377d6c2bcc47708a8b7fe45ee36393ee8a8d0a625caefebc223c0ef7e6c8bb02b5ab2f3738d8999682352bc3fe126020045950b", &(0x7f0000000000)="5e883e3da5974ef1f6b8195cb19a8d2c98785cf896ced475a66ca1290314de5c13b96fab4d", 0xfff, 0x1}, 0x38) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:13 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x188) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 32)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
write$cgroup_freezer_state(r0, &(0x7f0000000180)='FREEZING\x00', 0x9) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x3)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x8}, 0x10)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000140)=0x8001)

10:53:13 executing program 3:
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000080)={&(0x7f0000000100)="7a7e6b0ee140049ba0edd0639ad9c3c7295784177253bc72d37c536e6cc0f384333c21f617fb816e5d5a09b1d0a0fbaf57ac66706ef6025538b30c3380da1061bd6de8b1e34a705fe3e57b18b5d061ce0bc37f8503172ae1a51ffb33844042b91d3340ad1a91c4676cfaf3b2cb215e171ffda5bca5515842208430a0f20cda2a6922e4c459be81881820a09ebb63ba285077a5bba4b9ba7bd0a8ed495144f8e842d16464a43110027686338095f8a202be8515cdfc4cfd1216a1878dc9da55ecf3fc6079ea1de40cb075832f45eb10c18d759815842c364666a90a67a26819fae60eae1621fb983f15dd741dc2b9ea5a0b287cf3", &(0x7f0000000200)=""/104, &(0x7f0000000280)="d8ae3da8ed50f9f3079c5f506b97a84985b92c4ca2c3ac24803525e44aaea22c0b2c4b23e993377ff01df8226243e1f6a1fd695468b8efb265d153aec4d97bbb556bc47ae390add37973f703b2130a7503d740b9efa1a6654d28d692e84cc34b18971f8a20c4e7abf06723e7ab6e931796c592d5e72b6b0e9067d88d9dd605e36da0db283cf06539990a641289d1981f52f9a7f98377d6c2bcc47708a8b7fe45ee36393ee8a8d0a625caefebc223c0ef7e6c8bb02b5ab2f3738d8999682352bc3fe126020045950b", &(0x7f0000000000)="5e883e3da5974ef1f6b8195cb19a8d2c98785cf896ced475a66ca1290314de5c13b96fab4d", 0xfff, 0x1}, 0x38)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:13 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
recvmsg$unix(r0, &(0x7f0000000740)={&(0x7f0000000100), 0x6e, &(0x7f0000000600)=[{&(0x7f0000000180)=""/131, 0x83}, {&(0x7f0000000240)=""/165, 0xa5}, {&(0x7f0000000300)=""/102, 0x66}, {&(0x7f0000000380)=""/212, 0xd4}, {&(0x7f0000000480)}, {&(0x7f00000004c0)=""/121, 0x79}, {&(0x7f0000000540)=""/184, 0xb8}], 0x7, &(0x7f0000000680)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb0}, 0x40000060)
unlink(&(0x7f0000000000)='./file0/file0\x00')

10:53:13 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
recvmsg$unix(r0, &(0x7f0000000740)={&(0x7f0000000100), 0x6e, &(0x7f0000000600)=[{&(0x7f0000000180)=""/131, 0x83}, {&(0x7f0000000240)=""/165, 0xa5}, {&(0x7f0000000300)=""/102, 0x66}, {&(0x7f0000000380)=""/212, 0xd4}, {&(0x7f0000000480)}, {&(0x7f00000004c0)=""/121, 0x79}, {&(0x7f0000000540)=""/184, 0xb8}], 0x7, &(0x7f0000000680)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb0}, 0x40000060)
unlink(&(0x7f0000000000)='./file0/file0\x00')
mkdir(&(0x7f0000000080)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
recvmsg$unix(r0, &(0x7f0000000740)={&(0x7f0000000100), 0x6e, &(0x7f0000000600)=[{&(0x7f0000000180)=""/131, 0x83}, {&(0x7f0000000240)=""/165, 0xa5}, {&(0x7f0000000300)=""/102, 0x66}, {&(0x7f0000000380)=""/212, 0xd4}, {&(0x7f0000000480)}, {&(0x7f00000004c0)=""/121, 0x79}, {&(0x7f0000000540)=""/184, 0xb8}], 0x7, &(0x7f0000000680)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb0}, 0x40000060) (async)
unlink(&(0x7f0000000000)='./file0/file0\x00') (async)

[ 2631.874589][T27254] FAULT_INJECTION: forcing a failure.
[ 2631.874589][T27254] name failslab, interval 1, probability 0, space 0, times 0
[ 2631.887060][T27254] CPU: 1 PID: 27254 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2631.897072][T27254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2631.906969][T27254] Call Trace:
[ 2631.910090][T27254]  <TASK>
[ 2631.912872][T27254]  dump_stack_lvl+0x151/0x1b7
[ 2631.917382][T27254]  ? io_uring_drop_tctx_refs+0x19a/0x19a
10:53:13 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x188)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 32)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) (async, rerun: 32)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
write$cgroup_freezer_state(r0, &(0x7f0000000180)='FREEZING\x00', 0x9)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x3)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x8}, 0x10) (async, rerun: 64)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000140)=0x8001) (rerun: 64)

10:53:13 executing program 3:
mkdir(&(0x7f0000000080)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
recvmsg$unix(r0, &(0x7f0000000740)={&(0x7f0000000100), 0x6e, &(0x7f0000000600)=[{&(0x7f0000000180)=""/131, 0x83}, {&(0x7f0000000240)=""/165, 0xa5}, {&(0x7f0000000300)=""/102, 0x66}, {&(0x7f0000000380)=""/212, 0xd4}, {&(0x7f0000000480)}, {&(0x7f00000004c0)=""/121, 0x79}, {&(0x7f0000000540)=""/184, 0xb8}], 0x7, &(0x7f0000000680)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xb0}, 0x40000060) (async)
unlink(&(0x7f0000000000)='./file0/file0\x00')

[ 2631.922852][T27254]  dump_stack+0x15/0x17
[ 2631.926842][T27254]  should_fail+0x3c0/0x510
[ 2631.931095][T27254]  __should_failslab+0x9f/0xe0
[ 2631.935694][T27254]  should_failslab+0x9/0x20
[ 2631.940032][T27254]  kmem_cache_alloc+0x4f/0x2f0
[ 2631.944634][T27254]  ? vm_area_dup+0x26/0x220
[ 2631.948972][T27254]  vm_area_dup+0x26/0x220
[ 2631.953138][T27254]  dup_mmap+0x6c8/0xf10
[ 2631.957134][T27254]  ? __delayed_free_task+0x20/0x20
[ 2631.962080][T27254]  ? mm_init+0x807/0x960
[ 2631.966161][T27254]  dup_mm+0x8e/0x2e0
[ 2631.969893][T27254]  copy_mm+0x108/0x1b0
[ 2631.973796][T27254]  copy_process+0x1295/0x3250
[ 2631.978305][T27254]  ? proc_fail_nth_write+0x213/0x290
[ 2631.983425][T27254]  ? proc_fail_nth_read+0x220/0x220
[ 2631.988461][T27254]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2631.993405][T27254]  ? vfs_write+0xa37/0x1160
[ 2631.997747][T27254]  ? numa_migrate_prep+0xe0/0xe0
[ 2632.002521][T27254]  kernel_clone+0x21d/0x9c0
[ 2632.006881][T27254]  ? file_end_write+0x1b0/0x1b0
[ 2632.011546][T27254]  ? __kasan_check_write+0x14/0x20
[ 2632.016492][T27254]  ? create_io_thread+0x1e0/0x1e0
[ 2632.021353][T27254]  ? __mutex_lock_slowpath+0x10/0x10
[ 2632.026476][T27254]  __x64_sys_clone+0x289/0x310
[ 2632.031075][T27254]  ? __do_sys_vfork+0x130/0x130
[ 2632.035765][T27254]  ? debug_smp_processor_id+0x17/0x20
[ 2632.040968][T27254]  do_syscall_64+0x44/0xd0
[ 2632.045221][T27254]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2632.050949][T27254] RIP: 0033:0x7fdb204c00c9
[ 2632.055202][T27254] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:13 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)

[ 2632.074651][T27254] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2632.082896][T27254] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2632.090699][T27254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2632.098509][T27254] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2632.106322][T27254] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2632.114133][T27254] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2632.121949][T27254]  </TASK>
[ 2632.140516][T27296] FAULT_INJECTION: forcing a failure.
[ 2632.140516][T27296] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2632.153893][T27296] CPU: 1 PID: 27296 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2632.163941][T27296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2632.173837][T27296] Call Trace:
[ 2632.176961][T27296]  <TASK>
[ 2632.179754][T27296]  dump_stack_lvl+0x151/0x1b7
[ 2632.184255][T27296]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2632.189719][T27296]  ? post_alloc_hook+0x1ab/0x1b0
[ 2632.194491][T27296]  dump_stack+0x15/0x17
[ 2632.198485][T27296]  should_fail+0x3c0/0x510
[ 2632.202737][T27296]  should_fail_alloc_page+0x58/0x70
[ 2632.207772][T27296]  __alloc_pages+0x1de/0x7c0
[ 2632.212198][T27296]  ? __count_vm_events+0x30/0x30
[ 2632.216972][T27296]  ? __this_cpu_preempt_check+0x13/0x20
[ 2632.222352][T27296]  ? __mod_node_page_state+0xac/0xf0
[ 2632.227475][T27296]  pte_alloc_one+0x73/0x1b0
[ 2632.231812][T27296]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2632.236846][T27296]  ? __kasan_check_read+0x11/0x20
[ 2632.241706][T27296]  ? copy_present_pte+0x76f/0xe60
[ 2632.246566][T27296]  __pte_alloc+0x86/0x350
[ 2632.250733][T27296]  ? copy_pte_range+0x1780/0x1780
[ 2632.255591][T27296]  ? free_pgtables+0x210/0x210
[ 2632.260190][T27296]  ? _raw_spin_lock+0xa3/0x1b0
[ 2632.264790][T27296]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2632.269999][T27296]  ? unwind_get_return_address+0x4c/0x90
[ 2632.275469][T27296]  copy_pte_range+0x11be/0x1780
[ 2632.280155][T27296]  ? __kasan_check_write+0x14/0x20
[ 2632.285100][T27296]  ? stack_trace_snprint+0x100/0x100
[ 2632.290224][T27296]  ? __kunmap_atomic+0x80/0x80
[ 2632.294826][T27296]  ? kmem_cache_alloc+0x189/0x2f0
[ 2632.299682][T27296]  ? vm_area_dup+0x26/0x220
[ 2632.304021][T27296]  ? dup_mmap+0x6c8/0xf10
[ 2632.308192][T27296]  ? dup_mm+0x8e/0x2e0
[ 2632.312093][T27296]  ? copy_mm+0x108/0x1b0
[ 2632.316171][T27296]  ? copy_process+0x1295/0x3250
[ 2632.320862][T27296]  ? kernel_clone+0x21d/0x9c0
[ 2632.325374][T27296]  ? __x64_sys_clone+0x289/0x310
[ 2632.330146][T27296]  ? do_syscall_64+0x44/0xd0
[ 2632.334577][T27296]  copy_page_range+0xc1e/0x1090
[ 2632.339262][T27296]  ? pfn_valid+0x1e0/0x1e0
[ 2632.343513][T27296]  dup_mmap+0x9af/0xf10
[ 2632.347506][T27296]  ? __delayed_free_task+0x20/0x20
[ 2632.352451][T27296]  ? mm_init+0x807/0x960
[ 2632.356531][T27296]  dup_mm+0x8e/0x2e0
[ 2632.360264][T27296]  copy_mm+0x108/0x1b0
[ 2632.364171][T27296]  copy_process+0x1295/0x3250
[ 2632.368683][T27296]  ? proc_fail_nth_write+0x213/0x290
[ 2632.373805][T27296]  ? proc_fail_nth_read+0x220/0x220
[ 2632.378837][T27296]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2632.383784][T27296]  ? vfs_write+0xa37/0x1160
[ 2632.388124][T27296]  ? numa_migrate_prep+0xe0/0xe0
[ 2632.392899][T27296]  kernel_clone+0x21d/0x9c0
[ 2632.397237][T27296]  ? file_end_write+0x1b0/0x1b0
[ 2632.401921][T27296]  ? __kasan_check_write+0x14/0x20
[ 2632.406870][T27296]  ? create_io_thread+0x1e0/0x1e0
[ 2632.411730][T27296]  ? __mutex_lock_slowpath+0x10/0x10
[ 2632.416852][T27296]  __x64_sys_clone+0x289/0x310
[ 2632.421452][T27296]  ? __do_sys_vfork+0x130/0x130
[ 2632.426139][T27296]  ? debug_smp_processor_id+0x17/0x20
[ 2632.431347][T27296]  do_syscall_64+0x44/0xd0
[ 2632.435598][T27296]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2632.441326][T27296] RIP: 0033:0x7fdb204c00c9
[ 2632.445580][T27296] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2632.465023][T27296] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2632.473268][T27296] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2632.481079][T27296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:14 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000000)=0x1)

10:53:14 executing program 2:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xa, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @alu={0x4, 0x1, 0x6, 0x2, 0xb, 0xfffffffffffffff0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1}, @alu={0x7, 0x0, 0x5, 0x7, 0x8, 0x0, 0xfffffffffffffff0}, @jmp={0x5, 0x0, 0xa, 0x0, 0x9, 0xffffffffffffffff, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7fff, 0xae, &(0x7f00000001c0)=""/174, 0x40f00, 0x8, '\x00', 0x0, 0x1a, r0, 0x8, &(0x7f0000000280)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x5, 0x100, 0x400}, 0x10, 0x274b2, 0xffffffffffffffff, 0x0, &(0x7f0000000300)=[r1, 0x1, 0x1, r2, r3, r4, 0x1, r5]}, 0x80)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:14 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:14 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x88)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:14 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:14 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x88) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:14 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)

10:53:14 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000000)=0x1)

10:53:14 executing program 2:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 32)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xa, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @alu={0x4, 0x1, 0x6, 0x2, 0xb, 0xfffffffffffffff0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1}, @alu={0x7, 0x0, 0x5, 0x7, 0x8, 0x0, 0xfffffffffffffff0}, @jmp={0x5, 0x0, 0xa, 0x0, 0x9, 0xffffffffffffffff, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7fff, 0xae, &(0x7f00000001c0)=""/174, 0x40f00, 0x8, '\x00', 0x0, 0x1a, r0, 0x8, &(0x7f0000000280)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x5, 0x100, 0x400}, 0x10, 0x274b2, 0xffffffffffffffff, 0x0, &(0x7f0000000300)=[r1, 0x1, 0x1, r2, r3, r4, 0x1, r5]}, 0x80)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:14 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

[ 2632.488891][T27296] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2632.496698][T27296] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2632.504511][T27296] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2632.512325][T27296]  </TASK>
10:53:14 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x88)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:14 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f0000000000)=0x1)

10:53:14 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:14 executing program 2:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xa, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @alu={0x4, 0x1, 0x6, 0x2, 0xb, 0xfffffffffffffff0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1}, @alu={0x7, 0x0, 0x5, 0x7, 0x8, 0x0, 0xfffffffffffffff0}, @jmp={0x5, 0x0, 0xa, 0x0, 0x9, 0xffffffffffffffff, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7fff, 0xae, &(0x7f00000001c0)=""/174, 0x40f00, 0x8, '\x00', 0x0, 0x1a, r0, 0x8, &(0x7f0000000280)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x5, 0x100, 0x400}, 0x10, 0x274b2, 0xffffffffffffffff, 0x0, &(0x7f0000000300)=[r1, 0x1, 0x1, r2, r3, r4, 0x1, r5]}, 0x80)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_tracing={0x1a, 0xa, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @alu={0x4, 0x1, 0x6, 0x2, 0xb, 0xfffffffffffffff0, 0x4}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1}, @alu={0x7, 0x0, 0x5, 0x7, 0x8, 0x0, 0xfffffffffffffff0}, @jmp={0x5, 0x0, 0xa, 0x0, 0x9, 0xffffffffffffffff, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f00000000c0)='syzkaller\x00', 0x7fff, 0xae, &(0x7f00000001c0)=""/174, 0x40f00, 0x8, '\x00', 0x0, 0x1a, r0, 0x8, &(0x7f0000000280)={0x9, 0x3}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x5, 0x100, 0x400}, 0x10, 0x274b2, 0xffffffffffffffff, 0x0, &(0x7f0000000300)=[r1, 0x1, 0x1, r2, r3, r4, 0x1, r5]}, 0x80) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

[ 2632.559227][T27310] FAULT_INJECTION: forcing a failure.
[ 2632.559227][T27310] name failslab, interval 1, probability 0, space 0, times 0
[ 2632.584128][T27310] CPU: 0 PID: 27310 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2632.594191][T27310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2632.604081][T27310] Call Trace:
10:53:14 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:14 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB="9500000000000000213b4175f44cad20907d98d5ae3830cebd18cfbf34d1a6a14bf8b997168f8a18989746946b851c7d8d49f5c89056f57b29ece220c06b12805e8944b8c99cff00e697d20a1b2ed6ad0300a52148481f026e6f3d85c8caacbfb30a60bdc20c6f1c803941cef6a753be304f82aad44cbb04508f375a8f9f479813b289d1b545c1f9f55a7588ca0b8abc851d233a758de5f057ef3d49cccd5d5856273377b6877a58b824668567163fa20ab3797238887b938dc35900a633e64a32f7342bd6b6117d2e275ef5a05cb7500f8d88607fd981b5d795f9d6571f5a7a1bbc2406b88be74a333f747e5adc452ca0264f39c81666ee84de43f6e4f806ecfcf4651fd66ccf6ec820d99f64"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x9c, &(0x7f0000000140)=""/156, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x0, 0x6a1, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1, 0x1, 0x1, 0xffffffffffffffff]}, 0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0x58, &(0x7f0000000880)}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a00)={&(0x7f00000009c0)='./file0\x00', 0x0, 0x10}, 0x10)
r4 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a80)={&(0x7f0000000a40)='./file0\x00'}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000d40)={r2, 0x58, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b00)=@bpf_tracing={0x1a, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000100008000000000030000000e320d650c000000000000000000000095000000000062da0000950000000000"], &(0x7f0000000800)='GPL\x00', 0x6, 0x3d, &(0x7f0000000840)=""/61, 0x41000, 0x2, '\x00', r5, 0x1a, r2, 0x8, &(0x7f0000000940)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000980)={0x0, 0x1, 0x9, 0x3f}, 0x10, 0x28b94, r0, 0x0, &(0x7f0000000ac0)=[r2, r2, r4, 0xffffffffffffffff, r3]}, 0x80)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000c80)={0x1, &(0x7f0000000b80)="68bdc8a4c9c16a7d16780a0684237be2e59724db2d6f9c61b99800ca570a21f4f194d4ce459722aa43afe566014d10f68b9e07a539081226db979514fb8f732d1b7765f4a3aeaf7455bc6e239cf54b4bd99ec9c7b09735c4888da0caae22b13380f8c0b844e1b95b583d94789e8e92ae7927ff394091036bea55ac6372811694f4cb173537ed9601375791283bd8e4839b4bb7ed1f951992f36a0435ccdc8ce3ff2db36eaf7ff8fbb01409d28c24ce4d744ab0dc2c07eb81bca603d28db9935a74088511142364bc84e3aae35f8b71db721223e54a245e7cb33f204a798793a2ade1e21c6b44"}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r0, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000580)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)

10:53:14 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB="9500000000000000213b4175f44cad20907d98d5ae3830cebd18cfbf34d1a6a14bf8b997168f8a18989746946b851c7d8d49f5c89056f57b29ece220c06b12805e8944b8c99cff00e697d20a1b2ed6ad0300a52148481f026e6f3d85c8caacbfb30a60bdc20c6f1c803941cef6a753be304f82aad44cbb04508f375a8f9f479813b289d1b545c1f9f55a7588ca0b8abc851d233a758de5f057ef3d49cccd5d5856273377b6877a58b824668567163fa20ab3797238887b938dc35900a633e64a32f7342bd6b6117d2e275ef5a05cb7500f8d88607fd981b5d795f9d6571f5a7a1bbc2406b88be74a333f747e5adc452ca0264f39c81666ee84de43f6e4f806ecfcf4651fd66ccf6ec820d99f64"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x9c, &(0x7f0000000140)=""/156, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x0, 0x6a1, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1, 0x1, 0x1, 0xffffffffffffffff]}, 0x80) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0x58, &(0x7f0000000880)}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a00)={&(0x7f00000009c0)='./file0\x00', 0x0, 0x10}, 0x10)
r4 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a80)={&(0x7f0000000a40)='./file0\x00'}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000d40)={r2, 0x58, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b00)=@bpf_tracing={0x1a, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000100008000000000030000000e320d650c000000000000000000000095000000000062da0000950000000000"], &(0x7f0000000800)='GPL\x00', 0x6, 0x3d, &(0x7f0000000840)=""/61, 0x41000, 0x2, '\x00', r5, 0x1a, r2, 0x8, &(0x7f0000000940)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000980)={0x0, 0x1, 0x9, 0x3f}, 0x10, 0x28b94, r0, 0x0, &(0x7f0000000ac0)=[r2, r2, r4, 0xffffffffffffffff, r3]}, 0x80) (async)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000c80)={0x1, &(0x7f0000000b80)="68bdc8a4c9c16a7d16780a0684237be2e59724db2d6f9c61b99800ca570a21f4f194d4ce459722aa43afe566014d10f68b9e07a539081226db979514fb8f732d1b7765f4a3aeaf7455bc6e239cf54b4bd99ec9c7b09735c4888da0caae22b13380f8c0b844e1b95b583d94789e8e92ae7927ff394091036bea55ac6372811694f4cb173537ed9601375791283bd8e4839b4bb7ed1f951992f36a0435ccdc8ce3ff2db36eaf7ff8fbb01409d28c24ce4d744ab0dc2c07eb81bca603d28db9935a74088511142364bc84e3aae35f8b71db721223e54a245e7cb33f204a798793a2ade1e21c6b44"}, 0x20) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r0, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000580)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) (async, rerun: 64)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (rerun: 64)

10:53:14 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00', r0}, 0x10)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x302)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_devices(r1, &(0x7f00000001c0)='devices.allow\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0xfb, 0x2, 0x3, 0x0, 0x1, 0x1008, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80000001, 0x0, @perf_bp={&(0x7f0000000040), 0xd}, 0x4201, 0x1f, 0xaa, 0x9, 0x2, 0x3, 0xaf, 0x0, 0xffff, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x4, r0, 0x8)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1f1)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

[ 2632.607205][T27310]  <TASK>
[ 2632.609984][T27310]  dump_stack_lvl+0x151/0x1b7
[ 2632.614495][T27310]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2632.619962][T27310]  ? do_syscall_64+0x44/0xd0
[ 2632.624392][T27310]  dump_stack+0x15/0x17
[ 2632.628384][T27310]  should_fail+0x3c0/0x510
[ 2632.632639][T27310]  __should_failslab+0x9f/0xe0
[ 2632.637233][T27310]  should_failslab+0x9/0x20
[ 2632.641573][T27310]  kmem_cache_alloc+0x4f/0x2f0
[ 2632.646175][T27310]  ? anon_vma_clone+0xa1/0x4f0
[ 2632.650774][T27310]  anon_vma_clone+0xa1/0x4f0
[ 2632.655205][T27310]  anon_vma_fork+0x91/0x4f0
[ 2632.659542][T27310]  ? anon_vma_name+0x43/0x70
[ 2632.663963][T27310]  dup_mmap+0x760/0xf10
[ 2632.667963][T27310]  ? __delayed_free_task+0x20/0x20
[ 2632.672902][T27310]  ? mm_init+0x807/0x960
[ 2632.676982][T27310]  dup_mm+0x8e/0x2e0
[ 2632.680717][T27310]  copy_mm+0x108/0x1b0
[ 2632.684621][T27310]  copy_process+0x1295/0x3250
[ 2632.689135][T27310]  ? proc_fail_nth_write+0x213/0x290
[ 2632.694252][T27310]  ? proc_fail_nth_read+0x220/0x220
[ 2632.699292][T27310]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2632.704240][T27310]  ? vfs_write+0xa37/0x1160
[ 2632.708576][T27310]  ? numa_migrate_prep+0xe0/0xe0
[ 2632.713352][T27310]  kernel_clone+0x21d/0x9c0
[ 2632.717687][T27310]  ? file_end_write+0x1b0/0x1b0
[ 2632.722495][T27310]  ? __kasan_check_write+0x14/0x20
[ 2632.727419][T27310]  ? create_io_thread+0x1e0/0x1e0
[ 2632.732279][T27310]  ? __mutex_lock_slowpath+0x10/0x10
[ 2632.737401][T27310]  __x64_sys_clone+0x289/0x310
[ 2632.742003][T27310]  ? __do_sys_vfork+0x130/0x130
[ 2632.746687][T27310]  ? debug_smp_processor_id+0x17/0x20
[ 2632.751896][T27310]  do_syscall_64+0x44/0xd0
[ 2632.756145][T27310]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2632.761877][T27310] RIP: 0033:0x7fdb204c00c9
[ 2632.766128][T27310] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2632.785571][T27310] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2632.793814][T27310] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2632.801625][T27310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:14 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)

10:53:14 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB="9500000000000000213b4175f44cad20907d98d5ae3830cebd18cfbf34d1a6a14bf8b997168f8a18989746946b851c7d8d49f5c89056f57b29ece220c06b12805e8944b8c99cff00e697d20a1b2ed6ad0300a52148481f026e6f3d85c8caacbfb30a60bdc20c6f1c803941cef6a753be304f82aad44cbb04508f375a8f9f479813b289d1b545c1f9f55a7588ca0b8abc851d233a758de5f057ef3d49cccd5d5856273377b6877a58b824668567163fa20ab3797238887b938dc35900a633e64a32f7342bd6b6117d2e275ef5a05cb7500f8d88607fd981b5d795f9d6571f5a7a1bbc2406b88be74a333f747e5adc452ca0264f39c81666ee84de43f6e4f806ecfcf4651fd66ccf6ec820d99f64"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x9c, &(0x7f0000000140)=""/156, 0x41000, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0x0, 0x6a1, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1, 0x1, 0x1, 0xffffffffffffffff]}, 0x80) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000900)={0xffffffffffffffff, 0x58, &(0x7f0000000880)}, 0x10) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
r3 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a00)={&(0x7f00000009c0)='./file0\x00', 0x0, 0x10}, 0x10)
r4 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000a80)={&(0x7f0000000a40)='./file0\x00'}, 0x10) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000d40)={r2, 0x58, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10) (rerun: 64)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000b00)=@bpf_tracing={0x1a, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000100008000000000030000000e320d650c000000000000000000000095000000000062da0000950000000000"], &(0x7f0000000800)='GPL\x00', 0x6, 0x3d, &(0x7f0000000840)=""/61, 0x41000, 0x2, '\x00', r5, 0x1a, r2, 0x8, &(0x7f0000000940)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000980)={0x0, 0x1, 0x9, 0x3f}, 0x10, 0x28b94, r0, 0x0, &(0x7f0000000ac0)=[r2, r2, r4, 0xffffffffffffffff, r3]}, 0x80)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000c80)={0x1, &(0x7f0000000b80)="68bdc8a4c9c16a7d16780a0684237be2e59724db2d6f9c61b99800ca570a21f4f194d4ce459722aa43afe566014d10f68b9e07a539081226db979514fb8f732d1b7765f4a3aeaf7455bc6e239cf54b4bd99ec9c7b09735c4888da0caae22b13380f8c0b844e1b95b583d94789e8e92ae7927ff394091036bea55ac6372811694f4cb173537ed9601375791283bd8e4839b4bb7ed1f951992f36a0435ccdc8ce3ff2db36eaf7ff8fbb01409d28c24ce4d744ab0dc2c07eb81bca603d28db9935a74088511142364bc84e3aae35f8b71db721223e54a245e7cb33f204a798793a2ade1e21c6b44"}, 0x20) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={r0, 0xe0, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000580)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000340)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)

10:53:14 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00', r0}, 0x10)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x302)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_devices(r1, &(0x7f00000001c0)='devices.allow\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0xfb, 0x2, 0x3, 0x0, 0x1, 0x1008, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80000001, 0x0, @perf_bp={&(0x7f0000000040), 0xd}, 0x4201, 0x1f, 0xaa, 0x9, 0x2, 0x3, 0xaf, 0x0, 0xffff, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x4, r0, 0x8)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1f1)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00', r0}, 0x10) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x302) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_devices(r1, &(0x7f00000001c0)='devices.allow\x00', 0x2, 0x0) (async)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0xfb, 0x2, 0x3, 0x0, 0x1, 0x1008, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80000001, 0x0, @perf_bp={&(0x7f0000000040), 0xd}, 0x4201, 0x1f, 0xaa, 0x9, 0x2, 0x3, 0xaf, 0x0, 0xffff, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x4, r0, 0x8) (async)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1f1) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

10:53:14 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40012042)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000000))
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f00000001c0)=r4)

10:53:14 executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)

10:53:14 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000000c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40012042) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000000)) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335) (async)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0) (async)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f00000001c0)=r4)

10:53:14 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

[ 2632.809435][T27310] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2632.817250][T27310] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2632.825059][T27310] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2632.832874][T27310]  </TASK>
10:53:14 executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)

10:53:14 executing program 3:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000100)}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:14 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00', r0}, 0x10) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x302)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_devices(r1, &(0x7f00000001c0)='devices.allow\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0xfb, 0x2, 0x3, 0x0, 0x1, 0x1008, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x80000001, 0x0, @perf_bp={&(0x7f0000000040), 0xd}, 0x4201, 0x1f, 0xaa, 0x9, 0x2, 0x3, 0xaf, 0x0, 0xffff, 0x0, 0xfffffffffffffffe}, 0xffffffffffffffff, 0x4, r0, 0x8) (async)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x1f1) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:14 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000000c0))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40012042)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000000))
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f00000001c0)=r4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000000c0)) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) (async)
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40012042) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000000)) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x900, 0x0) (async)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000140), 0x4) (async)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f00000001c0)=r4) (async)

10:53:14 executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)

[ 2632.871812][T27372] FAULT_INJECTION: forcing a failure.
[ 2632.871812][T27372] name failslab, interval 1, probability 0, space 0, times 0
[ 2632.897756][T27372] CPU: 0 PID: 27372 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2632.907818][T27372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2632.917715][T27372] Call Trace:
[ 2632.920843][T27372]  <TASK>
[ 2632.923614][T27372]  dump_stack_lvl+0x151/0x1b7
[ 2632.928126][T27372]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2632.933614][T27372]  dump_stack+0x15/0x17
[ 2632.937583][T27372]  should_fail+0x3c0/0x510
[ 2632.941837][T27372]  __should_failslab+0x9f/0xe0
[ 2632.946436][T27372]  should_failslab+0x9/0x20
[ 2632.950776][T27372]  kmem_cache_alloc+0x4f/0x2f0
[ 2632.955377][T27372]  ? vm_area_dup+0x26/0x220
[ 2632.959716][T27372]  vm_area_dup+0x26/0x220
[ 2632.963882][T27372]  dup_mmap+0x6c8/0xf10
[ 2632.967900][T27372]  ? __delayed_free_task+0x20/0x20
[ 2632.972831][T27372]  ? mm_init+0x807/0x960
[ 2632.976901][T27372]  dup_mm+0x8e/0x2e0
[ 2632.980633][T27372]  copy_mm+0x108/0x1b0
[ 2632.984539][T27372]  copy_process+0x1295/0x3250
[ 2632.989058][T27372]  ? proc_fail_nth_write+0x213/0x290
[ 2632.994174][T27372]  ? proc_fail_nth_read+0x220/0x220
[ 2632.999208][T27372]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2633.004156][T27372]  ? vfs_write+0xa37/0x1160
[ 2633.008494][T27372]  ? numa_migrate_prep+0xe0/0xe0
[ 2633.013268][T27372]  kernel_clone+0x21d/0x9c0
[ 2633.017605][T27372]  ? file_end_write+0x1b0/0x1b0
[ 2633.022293][T27372]  ? __kasan_check_write+0x14/0x20
[ 2633.027242][T27372]  ? create_io_thread+0x1e0/0x1e0
[ 2633.032101][T27372]  ? __mutex_lock_slowpath+0x10/0x10
[ 2633.037221][T27372]  __x64_sys_clone+0x289/0x310
[ 2633.041824][T27372]  ? __do_sys_vfork+0x130/0x130
[ 2633.046509][T27372]  ? debug_smp_processor_id+0x17/0x20
[ 2633.051714][T27372]  do_syscall_64+0x44/0xd0
[ 2633.055971][T27372]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2633.061700][T27372] RIP: 0033:0x7fdb204c00c9
[ 2633.065949][T27372] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2633.085389][T27372] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2633.093638][T27372] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2633.101446][T27372] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2633.109259][T27372] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:14 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)

10:53:14 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:14 executing program 3:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000100)}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000100)}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:14 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xfd, 0x7, 0x8, 0x80, 0x0, 0x1f, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x7fff, 0x3}, 0x44, 0x2, 0x6, 0x6, 0xe1, 0x6, 0x3ff, 0x0, 0x4, 0x0, 0x2}, 0x0, 0x2007, r0, 0xa)

10:53:14 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 64)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xfd, 0x7, 0x8, 0x80, 0x0, 0x1f, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x7fff, 0x3}, 0x44, 0x2, 0x6, 0x6, 0xe1, 0x6, 0x3ff, 0x0, 0x4, 0x0, 0x2}, 0x0, 0x2007, r0, 0xa)

10:53:14 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x188)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
write$cgroup_freezer_state(r0, &(0x7f0000000180)='FREEZING\x00', 0x9)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x3)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0/file0\x00', 0x0, 0x8}, 0x10)
ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000140)=0x8001)

[ 2633.117068][T27372] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2633.124881][T27372] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2633.132700][T27372]  </TASK>
10:53:14 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:14 executing program 0:
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:14 executing program 3:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x58, &(0x7f0000000100)}, 0x10) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:14 executing program 5:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x12}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = openat$cgroup(r0, &(0x7f0000000680)='syz0\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f00000006c0)='io.stat\x00', 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map=r0, r3, 0x29, 0x1, r4}, 0x14)
mkdirat$cgroup(r4, &(0x7f0000000780)='syz1\x00', 0x1ff)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x6, &(0x7f0000000240)=@raw=[@generic={0xfa, 0x5, 0x2, 0x6, 0x200}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @jmp={0x5, 0x1, 0xc, 0x7, 0x1, 0xb4, 0x1}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x400}], &(0x7f0000000280)='GPL\x00', 0x3, 0x74, &(0x7f00000002c0)=""/116, 0x40f00, 0x2, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000340)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0xf, 0x0, 0x3}, 0x10}, 0x80)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0xa9, 0x75a, 0x3, 0x0, r0, 0x675, '\x00', 0x0, r0, 0x0, 0x0, 0x5, 0x7}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x6, 0x1, 0x200, 0x1200, r0, 0x8, '\x00', 0x0, r0, 0x3, 0x0, 0x4, 0x40000000000000b}, 0x48)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r9, 0xffffffffffffffff, 0x24}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r10, 0xffffffffffffffff, 0x24}, 0x10)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file0\x00', 0x0, 0x10}, 0x10)
openat$cgroup_subtree(r10, &(0x7f0000000700), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xa, 0x4, &(0x7f00000000c0)=@raw=[@map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffd}], &(0x7f0000000100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xf, r5, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x0, 0x0, 0x6}, 0x10, 0x0, r6, 0x0, &(0x7f00000005c0)=[0x1, r7, r8, r9, r0, r0, r10, r0, r11]}, 0x80)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)

10:53:14 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xfd, 0x7, 0x8, 0x80, 0x0, 0x1f, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_config_ext={0x7fff, 0x3}, 0x44, 0x2, 0x6, 0x6, 0xe1, 0x6, 0x3ff, 0x0, 0x4, 0x0, 0x2}, 0x0, 0x2007, r0, 0xa)

10:53:14 executing program 3:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2633.171805][T27421] FAULT_INJECTION: forcing a failure.
[ 2633.171805][T27421] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2633.211218][T27421] CPU: 0 PID: 27421 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2633.221284][T27421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2633.231176][T27421] Call Trace:
[ 2633.234303][T27421]  <TASK>
[ 2633.237073][T27421]  dump_stack_lvl+0x151/0x1b7
[ 2633.241588][T27421]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2633.247053][T27421]  ? compat_start_thread+0x20/0x20
[ 2633.252001][T27421]  dump_stack+0x15/0x17
[ 2633.255994][T27421]  should_fail+0x3c0/0x510
[ 2633.260250][T27421]  should_fail_alloc_page+0x58/0x70
[ 2633.265287][T27421]  __alloc_pages+0x1de/0x7c0
[ 2633.269707][T27421]  ? __count_vm_events+0x30/0x30
[ 2633.274483][T27421]  ? release_firmware_map_entry+0x193/0x193
[ 2633.280211][T27421]  pte_alloc_one+0x73/0x1b0
[ 2633.284551][T27421]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2633.289586][T27421]  ? __kasan_check_read+0x11/0x20
[ 2633.294444][T27421]  ? copy_present_pte+0x76f/0xe60
[ 2633.299306][T27421]  __pte_alloc+0x86/0x350
[ 2633.303474][T27421]  ? copy_pte_range+0x1780/0x1780
[ 2633.308330][T27421]  ? free_pgtables+0x210/0x210
[ 2633.312932][T27421]  ? _raw_spin_lock+0xa3/0x1b0
[ 2633.317530][T27421]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2633.322738][T27421]  ? preempt_schedule_thunk+0x16/0x18
[ 2633.327946][T27421]  copy_pte_range+0x11be/0x1780
[ 2633.332634][T27421]  ? __kasan_check_write+0x14/0x20
[ 2633.337580][T27421]  ? stack_trace_snprint+0x100/0x100
[ 2633.342704][T27421]  ? __kunmap_atomic+0x80/0x80
[ 2633.347299][T27421]  ? kmem_cache_alloc+0x189/0x2f0
[ 2633.352163][T27421]  ? vm_area_dup+0x26/0x220
[ 2633.356499][T27421]  ? dup_mmap+0x6c8/0xf10
[ 2633.360681][T27421]  ? dup_mm+0x8e/0x2e0
[ 2633.364573][T27421]  ? copy_mm+0x108/0x1b0
[ 2633.368650][T27421]  ? copy_process+0x1295/0x3250
[ 2633.373336][T27421]  ? kernel_clone+0x21d/0x9c0
[ 2633.377850][T27421]  ? __x64_sys_clone+0x289/0x310
[ 2633.382626][T27421]  ? do_syscall_64+0x44/0xd0
[ 2633.387055][T27421]  copy_page_range+0xc1e/0x1090
[ 2633.391741][T27421]  ? pfn_valid+0x1e0/0x1e0
[ 2633.395992][T27421]  dup_mmap+0x9af/0xf10
[ 2633.399984][T27421]  ? __delayed_free_task+0x20/0x20
[ 2633.404934][T27421]  ? mm_init+0x807/0x960
[ 2633.409007][T27421]  dup_mm+0x8e/0x2e0
[ 2633.412745][T27421]  copy_mm+0x108/0x1b0
[ 2633.416656][T27421]  copy_process+0x1295/0x3250
[ 2633.421164][T27421]  ? proc_fail_nth_write+0x213/0x290
[ 2633.426283][T27421]  ? proc_fail_nth_read+0x220/0x220
[ 2633.431316][T27421]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2633.436265][T27421]  ? vfs_write+0xa37/0x1160
[ 2633.440601][T27421]  ? numa_migrate_prep+0xe0/0xe0
[ 2633.445376][T27421]  kernel_clone+0x21d/0x9c0
[ 2633.449714][T27421]  ? file_end_write+0x1b0/0x1b0
[ 2633.454400][T27421]  ? __kasan_check_write+0x14/0x20
[ 2633.459348][T27421]  ? create_io_thread+0x1e0/0x1e0
[ 2633.464212][T27421]  ? __mutex_lock_slowpath+0x10/0x10
[ 2633.469329][T27421]  __x64_sys_clone+0x289/0x310
[ 2633.473929][T27421]  ? __do_sys_vfork+0x130/0x130
[ 2633.478621][T27421]  ? debug_smp_processor_id+0x17/0x20
[ 2633.483826][T27421]  do_syscall_64+0x44/0xd0
[ 2633.488076][T27421]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2633.493805][T27421] RIP: 0033:0x7fdb204c00c9
[ 2633.498058][T27421] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:15 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)

10:53:15 executing program 5:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x12}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r2 = openat$cgroup(r0, &(0x7f0000000680)='syz0\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f00000006c0)='io.stat\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map=r0, r3, 0x29, 0x1, r4}, 0x14)
mkdirat$cgroup(r4, &(0x7f0000000780)='syz1\x00', 0x1ff) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4) (async)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x6, &(0x7f0000000240)=@raw=[@generic={0xfa, 0x5, 0x2, 0x6, 0x200}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @jmp={0x5, 0x1, 0xc, 0x7, 0x1, 0xb4, 0x1}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x400}], &(0x7f0000000280)='GPL\x00', 0x3, 0x74, &(0x7f00000002c0)=""/116, 0x40f00, 0x2, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000340)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0xf, 0x0, 0x3}, 0x10}, 0x80) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0xa9, 0x75a, 0x3, 0x0, r0, 0x675, '\x00', 0x0, r0, 0x0, 0x0, 0x5, 0x7}, 0x48) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x6, 0x1, 0x200, 0x1200, r0, 0x8, '\x00', 0x0, r0, 0x3, 0x0, 0x4, 0x40000000000000b}, 0x48) (async)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r9, 0xffffffffffffffff, 0x24}, 0x10) (async)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r10, 0xffffffffffffffff, 0x24}, 0x10)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file0\x00', 0x0, 0x10}, 0x10)
openat$cgroup_subtree(r10, &(0x7f0000000700), 0x2, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xa, 0x4, &(0x7f00000000c0)=@raw=[@map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffd}], &(0x7f0000000100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xf, r5, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x0, 0x0, 0x6}, 0x10, 0x0, r6, 0x0, &(0x7f00000005c0)=[0x1, r7, r8, r9, r0, r0, r10, r0, r11]}, 0x80)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)

10:53:15 executing program 0:
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:15 executing program 3:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00') (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x4a)

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x4a)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f0000000080)='./file0\x00') (async)
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x4a) (async)

10:53:15 executing program 5:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={0xffffffffffffffff, r0, 0x12}, 0x10) (async, rerun: 64)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async, rerun: 64)
r2 = openat$cgroup(r0, &(0x7f0000000680)='syz0\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f00000006c0)='io.stat\x00', 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r4, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map=r0, r3, 0x29, 0x1, r4}, 0x14) (async)
mkdirat$cgroup(r4, &(0x7f0000000780)='syz1\x00', 0x1ff) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async, rerun: 64)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4) (async, rerun: 64)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x6, &(0x7f0000000240)=@raw=[@generic={0xfa, 0x5, 0x2, 0x6, 0x200}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @jmp={0x5, 0x1, 0xc, 0x7, 0x1, 0xb4, 0x1}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x400}], &(0x7f0000000280)='GPL\x00', 0x3, 0x74, &(0x7f00000002c0)=""/116, 0x40f00, 0x2, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000340)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0xf, 0x0, 0x3}, 0x10}, 0x80)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0xa9, 0x75a, 0x3, 0x0, r0, 0x675, '\x00', 0x0, r0, 0x0, 0x0, 0x5, 0x7}, 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x6, 0x1, 0x200, 0x1200, r0, 0x8, '\x00', 0x0, r0, 0x3, 0x0, 0x4, 0x40000000000000b}, 0x48) (async)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r9, 0xffffffffffffffff, 0x24}, 0x10) (async)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r10, 0xffffffffffffffff, 0x24}, 0x10) (async)
r11 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000580)={&(0x7f0000000540)='./file0\x00', 0x0, 0x10}, 0x10)
openat$cgroup_subtree(r10, &(0x7f0000000700), 0x2, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xa, 0x4, &(0x7f00000000c0)=@raw=[@map_idx_val={0x18, 0x3, 0x6, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffd}], &(0x7f0000000100)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0xf, r5, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x3, 0x0, 0x0, 0x6}, 0x10, 0x0, r6, 0x0, &(0x7f00000005c0)=[0x1, r7, r8, r9, r0, r0, r10, r0, r11]}, 0x80) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)

[ 2633.517500][T27421] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2633.525741][T27421] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2633.533558][T27421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2633.541369][T27421] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2633.549176][T27421] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2633.556990][T27421] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2633.564804][T27421]  </TASK>
10:53:15 executing program 0:
unlink(&(0x7f0000000000)='./file0\x00')
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file1\x00'}, 0x10)
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:15 executing program 3:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00') (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000080)='./file0\x00')
mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x4a)

[ 2633.600433][T27455] FAULT_INJECTION: forcing a failure.
[ 2633.600433][T27455] name failslab, interval 1, probability 0, space 0, times 0
[ 2633.622160][T27455] CPU: 0 PID: 27455 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2633.632221][T27455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2633.642115][T27455] Call Trace:
[ 2633.645239][T27455]  <TASK>
[ 2633.648015][T27455]  dump_stack_lvl+0x151/0x1b7
[ 2633.652531][T27455]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2633.657996][T27455]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2633.664247][T27455]  dump_stack+0x15/0x17
[ 2633.668236][T27455]  should_fail+0x3c0/0x510
[ 2633.672493][T27455]  __should_failslab+0x9f/0xe0
[ 2633.677087][T27455]  should_failslab+0x9/0x20
[ 2633.681426][T27455]  kmem_cache_alloc+0x4f/0x2f0
[ 2633.686027][T27455]  ? anon_vma_fork+0xf7/0x4f0
[ 2633.690543][T27455]  anon_vma_fork+0xf7/0x4f0
[ 2633.694879][T27455]  ? anon_vma_name+0x43/0x70
[ 2633.699306][T27455]  dup_mmap+0x760/0xf10
[ 2633.703298][T27455]  ? __delayed_free_task+0x20/0x20
[ 2633.708247][T27455]  ? mm_init+0x807/0x960
[ 2633.712326][T27455]  dup_mm+0x8e/0x2e0
[ 2633.716091][T27455]  copy_mm+0x108/0x1b0
[ 2633.719962][T27455]  copy_process+0x1295/0x3250
[ 2633.724476][T27455]  ? __switch_to+0x617/0x1170
[ 2633.728989][T27455]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2633.733936][T27455]  kernel_clone+0x21d/0x9c0
[ 2633.738284][T27455]  ? _raw_spin_unlock+0x4d/0x70
[ 2633.742966][T27455]  ? create_io_thread+0x1e0/0x1e0
[ 2633.747822][T27455]  ? __schedule+0xb08/0x1040
[ 2633.752248][T27455]  __x64_sys_clone+0x289/0x310
[ 2633.756849][T27455]  ? __do_sys_vfork+0x130/0x130
[ 2633.761536][T27455]  ? fpregs_restore_userregs+0x1f0/0x3a0
[ 2633.767007][T27455]  ? switch_fpu_return+0xe/0x10
[ 2633.771695][T27455]  do_syscall_64+0x44/0xd0
[ 2633.775946][T27455]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2633.781671][T27455] RIP: 0033:0x7fdb204c00c9
[ 2633.785925][T27455] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2633.805366][T27455] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2633.813611][T27455] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2633.821422][T27455] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2633.829231][T27455] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2633.837042][T27455] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:15 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)

10:53:15 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, &(0x7f0000000140)="fd2a7016261e6c83c9e963b36d7bb9c6164210bdb8f53152169111276541136d2ef49f04b6dbe2129e91e8765c3baab89f1fb15b520e9b090572d4", &(0x7f00000001c0)=""/171, 0x4}, 0x20)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYRES32=r0], 0x2b)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vcan0\x00', 0x4000})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x20, 0x7f, 0x7, 0x7fff}, {0x1, 0x0, 0x5, 0x40}, {0x1, 0xa0, 0x2, 0xffff}]})

10:53:15 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0x4)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x1)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00'}, 0x10)

10:53:15 executing program 0:
unlink(&(0x7f0000000000)='./file0\x00')
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:15 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0x4)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0x4) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x1) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00'}, 0x10)

[ 2633.844854][T27455] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2633.852676][T27455]  </TASK>
10:53:15 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, &(0x7f0000000140)="fd2a7016261e6c83c9e963b36d7bb9c6164210bdb8f53152169111276541136d2ef49f04b6dbe2129e91e8765c3baab89f1fb15b520e9b090572d4", &(0x7f00000001c0)=""/171, 0x4}, 0x20) (async)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYRES32=r0], 0x2b) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vcan0\x00', 0x4000})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x20, 0x7f, 0x7, 0x7fff}, {0x1, 0x0, 0x5, 0x40}, {0x1, 0xa0, 0x2, 0xffff}]})

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
mkdir(&(0x7f00000000c0)='./file0/file0\x00', 0x1) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0/file0\x00'}, 0x10)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

[ 2633.887871][T27485] FAULT_INJECTION: forcing a failure.
[ 2633.887871][T27485] name failslab, interval 1, probability 0, space 0, times 0
[ 2633.913395][T27485] CPU: 0 PID: 27485 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2633.923456][T27485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2633.933350][T27485] Call Trace:
[ 2633.936501][T27485]  <TASK>
[ 2633.939256][T27485]  dump_stack_lvl+0x151/0x1b7
[ 2633.943778][T27485]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2633.949233][T27485]  dump_stack+0x15/0x17
[ 2633.953223][T27485]  should_fail+0x3c0/0x510
[ 2633.957476][T27485]  __should_failslab+0x9f/0xe0
[ 2633.962079][T27485]  should_failslab+0x9/0x20
[ 2633.966415][T27485]  kmem_cache_alloc+0x4f/0x2f0
[ 2633.971014][T27485]  ? vm_area_dup+0x26/0x220
[ 2633.975355][T27485]  vm_area_dup+0x26/0x220
[ 2633.979525][T27485]  dup_mmap+0x6c8/0xf10
[ 2633.983516][T27485]  ? __delayed_free_task+0x20/0x20
[ 2633.988465][T27485]  ? mm_init+0x807/0x960
[ 2633.992541][T27485]  dup_mm+0x8e/0x2e0
[ 2633.996272][T27485]  copy_mm+0x108/0x1b0
[ 2634.000177][T27485]  copy_process+0x1295/0x3250
[ 2634.004690][T27485]  ? proc_fail_nth_write+0x213/0x290
[ 2634.009812][T27485]  ? proc_fail_nth_read+0x220/0x220
[ 2634.014844][T27485]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2634.019791][T27485]  ? vfs_write+0xa37/0x1160
[ 2634.024130][T27485]  ? numa_migrate_prep+0xe0/0xe0
[ 2634.028904][T27485]  kernel_clone+0x21d/0x9c0
[ 2634.033245][T27485]  ? file_end_write+0x1b0/0x1b0
[ 2634.037932][T27485]  ? __kasan_check_write+0x14/0x20
[ 2634.042877][T27485]  ? create_io_thread+0x1e0/0x1e0
[ 2634.047742][T27485]  ? __mutex_lock_slowpath+0x10/0x10
[ 2634.052861][T27485]  __x64_sys_clone+0x289/0x310
[ 2634.057461][T27485]  ? __do_sys_vfork+0x130/0x130
[ 2634.062146][T27485]  ? debug_smp_processor_id+0x17/0x20
[ 2634.067356][T27485]  do_syscall_64+0x44/0xd0
[ 2634.071607][T27485]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2634.077339][T27485] RIP: 0033:0x7fdb204c00c9
[ 2634.081590][T27485] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2634.101028][T27485] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2634.109272][T27485] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2634.117084][T27485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2634.124894][T27485] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:15 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)

10:53:15 executing program 0:
syz_clone(0x24102400, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:15 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, &(0x7f0000000140)="fd2a7016261e6c83c9e963b36d7bb9c6164210bdb8f53152169111276541136d2ef49f04b6dbe2129e91e8765c3baab89f1fb15b520e9b090572d4", &(0x7f00000001c0)=""/171, 0x4}, 0x20)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYRES32=r0], 0x2b)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vcan0\x00', 0x4000})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x20, 0x7f, 0x7, 0x7fff}, {0x1, 0x0, 0x5, 0x40}, {0x1, 0xa0, 0x2, 0xffff}]})
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, &(0x7f0000000140)="fd2a7016261e6c83c9e963b36d7bb9c6164210bdb8f53152169111276541136d2ef49f04b6dbe2129e91e8765c3baab89f1fb15b520e9b090572d4", &(0x7f00000001c0)=""/171, 0x4}, 0x20) (async)
write$cgroup_subtree(r0, &(0x7f0000000080)=ANY=[@ANYRES32=r0], 0x2b) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'vcan0\x00', 0x4000}) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x335) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x3, &(0x7f00000000c0)=[{0x20, 0x7f, 0x7, 0x7fff}, {0x1, 0x0, 0x5, 0x40}, {0x1, 0xa0, 0x2, 0xffff}]}) (async)

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r0, r1, 0x0, r2}, 0x10)

10:53:15 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0x4)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080), 0x4) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

[ 2634.132710][T27485] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2634.140522][T27485] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2634.148331][T27485]  </TASK>
[ 2634.164647][T27513] FAULT_INJECTION: forcing a failure.
[ 2634.164647][T27513] name fail_page_alloc, interval 1, probability 0, space 0, times 0
10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:15 executing program 0:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:15 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x10)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000000)=0x8001)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000040)=0xfff)

10:53:15 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r0, r1, 0x0, r2}, 0x10)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:15 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

[ 2634.180327][T27513] CPU: 0 PID: 27513 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2634.190384][T27513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2634.200290][T27513] Call Trace:
[ 2634.203401][T27513]  <TASK>
[ 2634.206183][T27513]  dump_stack_lvl+0x151/0x1b7
[ 2634.210692][T27513]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2634.216187][T27513]  ? post_alloc_hook+0x1ab/0x1b0
[ 2634.220936][T27513]  dump_stack+0x15/0x17
[ 2634.224925][T27513]  should_fail+0x3c0/0x510
[ 2634.229181][T27513]  should_fail_alloc_page+0x58/0x70
[ 2634.234213][T27513]  __alloc_pages+0x1de/0x7c0
[ 2634.238640][T27513]  ? __count_vm_events+0x30/0x30
[ 2634.243413][T27513]  ? __this_cpu_preempt_check+0x13/0x20
[ 2634.248793][T27513]  ? __mod_node_page_state+0xac/0xf0
[ 2634.253910][T27513]  pte_alloc_one+0x73/0x1b0
[ 2634.258252][T27513]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2634.263282][T27513]  ? __kasan_check_read+0x11/0x20
[ 2634.268146][T27513]  ? copy_present_pte+0x76f/0xe60
[ 2634.273012][T27513]  __pte_alloc+0x86/0x350
[ 2634.277172][T27513]  ? copy_pte_range+0x1780/0x1780
[ 2634.282032][T27513]  ? free_pgtables+0x210/0x210
[ 2634.286647][T27513]  ? _raw_spin_lock+0xa3/0x1b0
[ 2634.291233][T27513]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2634.296438][T27513]  ? unwind_get_return_address+0x4c/0x90
[ 2634.301914][T27513]  copy_pte_range+0x11be/0x1780
[ 2634.306597][T27513]  ? __kasan_check_write+0x14/0x20
[ 2634.311543][T27513]  ? stack_trace_snprint+0x100/0x100
[ 2634.316661][T27513]  ? __kunmap_atomic+0x80/0x80
[ 2634.321260][T27513]  ? kmem_cache_alloc+0x189/0x2f0
[ 2634.326126][T27513]  ? vm_area_dup+0x26/0x220
[ 2634.330463][T27513]  ? dup_mmap+0x6c8/0xf10
[ 2634.334626][T27513]  ? dup_mm+0x8e/0x2e0
[ 2634.338532][T27513]  ? copy_mm+0x108/0x1b0
[ 2634.342619][T27513]  ? copy_process+0x1295/0x3250
[ 2634.347297][T27513]  ? kernel_clone+0x21d/0x9c0
[ 2634.351811][T27513]  ? __x64_sys_clone+0x289/0x310
[ 2634.356585][T27513]  ? do_syscall_64+0x44/0xd0
[ 2634.361014][T27513]  copy_page_range+0xc1e/0x1090
[ 2634.365703][T27513]  ? pfn_valid+0x1e0/0x1e0
[ 2634.369953][T27513]  dup_mmap+0x9af/0xf10
[ 2634.373949][T27513]  ? __delayed_free_task+0x20/0x20
[ 2634.378889][T27513]  ? mm_init+0x807/0x960
[ 2634.382978][T27513]  dup_mm+0x8e/0x2e0
[ 2634.386711][T27513]  copy_mm+0x108/0x1b0
[ 2634.390614][T27513]  copy_process+0x1295/0x3250
[ 2634.395131][T27513]  ? proc_fail_nth_write+0x213/0x290
[ 2634.400241][T27513]  ? proc_fail_nth_read+0x220/0x220
[ 2634.405274][T27513]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2634.410225][T27513]  ? vfs_write+0xa37/0x1160
[ 2634.414561][T27513]  ? numa_migrate_prep+0xe0/0xe0
[ 2634.419353][T27513]  kernel_clone+0x21d/0x9c0
[ 2634.423674][T27513]  ? file_end_write+0x1b0/0x1b0
[ 2634.428364][T27513]  ? __kasan_check_write+0x14/0x20
[ 2634.433309][T27513]  ? create_io_thread+0x1e0/0x1e0
[ 2634.438170][T27513]  ? __mutex_lock_slowpath+0x10/0x10
[ 2634.443290][T27513]  __x64_sys_clone+0x289/0x310
[ 2634.447890][T27513]  ? __do_sys_vfork+0x130/0x130
[ 2634.452581][T27513]  ? debug_smp_processor_id+0x17/0x20
[ 2634.457785][T27513]  do_syscall_64+0x44/0xd0
[ 2634.462039][T27513]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2634.467765][T27513] RIP: 0033:0x7fdb204c00c9
[ 2634.472017][T27513] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2634.491462][T27513] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2634.499703][T27513] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2634.507517][T27513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2634.515325][T27513] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2634.523139][T27513] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2634.530955][T27513] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
10:53:16 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)

10:53:16 executing program 0:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:16 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r0, r1, 0x0, r2}, 0x10)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x339)

10:53:16 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x10) (async)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000000)=0x8001)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000040)=0xfff)

[ 2634.538760][T27513]  </TASK>
10:53:16 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)

10:53:16 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x10)
ioctl$TUNSETDEBUG(r0, 0x400454c9, &(0x7f0000000000)=0x8001) (async, rerun: 64)
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000040)=0xfff) (rerun: 64)

10:53:16 executing program 2:
ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r0, r2, 0x1f, 0x2, r3}, 0x14)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
mkdirat$cgroup(r0, &(0x7f00000027c0)='syz0\x00', 0x1ff)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000002400)={0xa, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000280)='devices.deny\x00', 0x2, 0x0)
r4 = openat$cgroup_ro(r0, &(0x7f0000000140)='blkio.bfq.empty_time\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_type(r5, &(0x7f0000001300), 0x2, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r1, r4}, 0xc)
[ 2634.576274][T27567] FAULT_INJECTION: forcing a failure.
[ 2634.576274][T27567] name failslab, interval 1, probability 0, space 0, times 0
[ 2634.601803][T27567] CPU: 0 PID: 27567 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2634.611953][T27567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2634.621850][T27567] Call Trace:
[ 2634.624976][T27567]  <TASK>
[ 2634.627748][T27567]  dump_stack_lvl+0x151/0x1b7
[ 2634.632265][T27567]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2634.637730][T27567]  dump_stack+0x15/0x17
[ 2634.641717][T27567]  should_fail+0x3c0/0x510
[ 2634.645971][T27567]  __should_failslab+0x9f/0xe0
[ 2634.650571][T27567]  should_failslab+0x9/0x20
[ 2634.654910][T27567]  kmem_cache_alloc+0x4f/0x2f0
[ 2634.659514][T27567]  ? vm_area_dup+0x26/0x220
[ 2634.663851][T27567]  ? __kasan_check_read+0x11/0x20
[ 2634.668711][T27567]  vm_area_dup+0x26/0x220
[ 2634.672963][T27567]  dup_mmap+0x6c8/0xf10
[ 2634.676959][T27567]  ? __delayed_free_task+0x20/0x20
[ 2634.681905][T27567]  ? mm_init+0x807/0x960
[ 2634.685985][T27567]  dup_mm+0x8e/0x2e0
[ 2634.689718][T27567]  copy_mm+0x108/0x1b0
[ 2634.693620][T27567]  copy_process+0x1295/0x3250
[ 2634.698134][T27567]  ? proc_fail_nth_write+0x213/0x290
[ 2634.703255][T27567]  ? proc_fail_nth_read+0x220/0x220
[ 2634.708288][T27567]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2634.713236][T27567]  ? vfs_write+0xa37/0x1160
[ 2634.717579][T27567]  ? numa_migrate_prep+0xe0/0xe0
[ 2634.722354][T27567]  kernel_clone+0x21d/0x9c0
[ 2634.726690][T27567]  ? file_end_write+0x1b0/0x1b0
[ 2634.731376][T27567]  ? __kasan_check_write+0x14/0x20
[ 2634.736324][T27567]  ? create_io_thread+0x1e0/0x1e0
[ 2634.741183][T27567]  ? __mutex_lock_slowpath+0x10/0x10
[ 2634.746305][T27567]  __x64_sys_clone+0x289/0x310
[ 2634.750904][T27567]  ? __do_sys_vfork+0x130/0x130
[ 2634.755595][T27567]  ? debug_smp_processor_id+0x17/0x20
[ 2634.760806][T27567]  do_syscall_64+0x44/0xd0
[ 2634.765056][T27567]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2634.770781][T27567] RIP: 0033:0x7fdb204c00c9
[ 2634.775032][T27567] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2634.794472][T27567] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2634.802717][T27567] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2634.810532][T27567] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2634.818339][T27567] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
sendmsg$tipc(r1, &(0x7f0000002780)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x3}}, 0x10, &(0x7f0000002600)=[{&(0x7f0000000300)="b9a4ef1c51319662d791e03ca10b920882530116a446128dd477a6a1aa5636aa9f6595643de1ffbc6a504c8835efbb2bc6d39281b17e602cc7ecdcf55803914afb91cf90781974f09bf5b71b40a30d17df8c0aef6510ba3a7b91ef8d67cd67184db325b6a1aca7f22f97a1ab2551aa8e4195e7c3a08e173ce02f1af8796caa7b77ac33a50ce38a783dd47cbce7dc7332b3ea13ceade4de019185fc25088876338dd6bf76a61dd3e5eea1a4d567975d750cb136acaee9da871db116fb8890745b12d3a059451b018bad51efd61c1d538a0c89c8fbb638c9fc185bb6d8b3c62f95b8b0acbbaa40d3b855880efe1f51c271ee89c13aedab6c9d0a481a80c2900a9c3b96bfaf6309140e73d8b2bb26d6a40a594fee23be3fd2125824ca7b69f28d5ad50a5d43aa4a119b84578106ea702698c0cefb7ad2eec64e6eeed3fd48a66688713a08bbbfcce978a94ee1d0d5834673bb9b617845917b0bc215ae0163205ff1bf9ca2f727db3ef8887dc50ba5d020ee8e721b63fdf853fc815d08d7cd8b46f2f77390b99603a78239e136a4879030aa094dc043e5029289de2eb63bd72bce68ecb9aa3f3a1d057bc5ef0d87e42206aa323fda6440e117e9c47a1c60c606a862ba68a639c21fcfb3662fc25276259b15f1ea77dcf147d62724e6583be5a7c95bab17e62db8f063a45279be0ba076e464cbdef6097044967d6bac97e9434194fa40d79e6a56ca7eb06f41d3804076d748d6b8a8e3a40f3fd92fcbbfce5995259f87966dd89bda33b2fadc3a04e2dc35247a183cac5021246c72b75218cf0dcf91fe65db214fdaf2564e6bbef3db5ce833055a6810e49e4d3f29dc48ecbe98f6ff18aab8b2aadcf3529da351500cf529e144c0b2473d3a6912702e1e6f61dc7bbf5324d75845fdb5be4ccee53ec789b60cc689f54238f62f6e6f16d68ea719da2b3cd9dd395d5af32e7e9549f6dfe443aef4f7a9104ff457800cb57c74544c3b545e57f57c10e8d34681652641b1700beaf8a12b47c7da5cb0e381283cbf21a112c1258f84bf7bc013fba1a2401759da7d45bfe5941297f1f4294e9ec69417a9713b8b559c274329851e0f81fe81a1b6a0ab76834c5431519b61853c5b11b5d2e91b7612eefea69bed2a1fa1dbecad2032285091241164d74c0eb1b5edca1272eed426d4e6ed23da79f580b6716a927fbd1abfa0c9cdbb78fc9f69ec8083e5f923cac50acc1af8adc018db986fc262a2504e06ce77f27cef4b76671ebb429950feeca2035c924fd5ee6af13409df87753b8e4f9faa470c4b23ad20cc2de52d112847ce45b50e226ed8bc51e7ac12ee8c96c79e5123cad866b6432d96ad173ed6034a97eed0ec8eece0fdd1c02244753acac679bbf37464e555a38a3df3cdf763025d885ac24a6e5d96911a25b0ccf0ccab608269748652049e41b1dd7a6ce5c2c636f0ff1fb11712b7e336d583e99ac1dbb015ef967d3e2dedff3a70477c2904710952af456c23e5b7cb24d8b381adcac4d493530336d5cec0d3835a8783b508cc490f7d4a14740929c5ccbc5564ae763dcdca30442a83a045268c69f9b3ff8cbf95b82af7934b6ce83e72e92df75b2dcfdc72a8aedb59d1dc8bd7aaf204e80129e7bcdf6952262fe928b16b019878beca17284f547eb7bb48a6bd0a0417af1973a16a70ee8439629a8f6b13a78acd601683afdf29545b6197b5053da64409eda5418051fb00bd2b0359957da3a3401f1bc3fcdf2b0b55a15c0e1c4122febf348dee9ed200f02a22312489c8047d8404298c53ca93b87addccad68a8cdc9a71b08843ebbc6ce798082338ba8bc5eb093b6bddf004f1409981e6d5faa29cf25ee1f33a691007e5185af53257b22b88714fc133599771fc8d3c839f36098d423c08ce96317127ef6e9ca6176c371e15d324d8b2fa38fe1066832776493506d0e20b1c8226657885408bf55a78beb9a69a0383618057e28e4e7cd6e7bcefbe2c9454946ee60a7557746fbfc2db3969f241b2a7a78e0f0ce29723d9add9f36130a6692f1ec0e3c775831b0c95c2f7496966d333342333ea9fd3501037cec978c83f12adc8d7cfa22011b79734d740008e6593cac0ff74478ef09a26a7751bf3df33f0cbdc759717ae1440b4e432520aa73fbc3dc8d48190d3b4ecf52f0b7ae328eac4bf8d108d9b52653991e9414bbbb563de2a7d562859f3530c3b0ca38bffb35b3dd4eabb0ecdd00ea96f02e81ef9e09efb599ee99066463a72939911949191b8a71856ef7e4e57c5f64e35ea32c88a0ce200f53d89e6483942a7b3ef03056a324683e8b4f55a7f3be4b694ce77cea2eead1c7b8b8e496b64208fac5ef07149fdba98ae55e72a20d9cb2f1462e50a8ad8d19dd99f1967d24371a7e56b4364ca7f16439f7c2f565d7523709563303e58a48335c213039bf189e573d3355e273235602ec5d39c78915e57474eca9e3f3ba53ce9d843c5753f4dea7511e3f78e90a1040f98b79496aa7d93153d679e937fbbe57340c1bd7293629eac958473dd0c3e79d2d4d7bcd536fd5de3b6697417b93a530fbd7fb5c3516be089f5b3a58c4a9fb7f62f8d16243cb3889592d6edb001a5077d92dd7bc427e5cf8b2325080afd396dd536bef89308795cbb2029596cd1e4416c55001af5ec2490ccd8c2c6cd3a3a9525fca1aa718e406c8b624fb4fe0e95ae1483eda635f3f122bab1476b6a2d94e1d7859b836361b65962d76e7a78f289ceede245c7e3b75d6d5a551df02736839777cf5ac708d66ee989042c795947ef57c94dc87a4fbcd0ac99b9da7a012063c1056c379b98dc8d8f3fec81ef04c135b8c1bf2dc61ac71e353ef43e78bad380399bcfe2c91cf9aefdad404b5df9d04348ab9da7c4772dde5740ef20d8df39e8daf43434893305ae6f246f8ccded33df71adf618b25ca8971d85a27fe23c56dbe81bd77d21e5d51903256135c433f1de6a78f593c49524c6da301aaedabcf40270e3e329f519d868aaa3bd853fbf4aa96736b9b85fcc57f56e8bb69b0c82479693ce8cd29b6d6b15c68a1e147e8c211865028c150b9dc48a8b692efe4f68493c7a98df92bb76349d503592d0314c0918ee70c115f1d9add459f2747bf01c2199a215cd50842fb9adaba34497d68a3418948ca549411f3219169d780721e39b8e73407e4322f98b9197316831a91cefcd703c90fa80f70d0d0d2b8edd0329027bde67279647e6f4923d49a1d9490383a51e133ae95a9b606b46e30893b01868e696d827ccfe11fc515efcb42f6f3173bd2ead1747c08acceb123259cda40012a3fe4781828153bb0fde6c5040bf1de183b5c06facf25123bf8e150958c454d4f5ee03308a2a7f12b7ec17a7a9424a78e975b1a5a0ac987c7715303831523bedb47c4c0e769d86c9a5d924e53ab2b5bcaaa6414e42a5fcc94bafbc3db3a0b92be90e849f923938514d202e301cbe410d40aa0d664b66e36c0418835aaaeb2e8566fe253fc9b90a42fa9f7a1bcdd8c1f06305f715d85670545a7a74660b5510c4c94e813e4fbadf5f9ea488ed2d05307939a3073e147916eaae4c5878c3abc6a1d1a4f5c8246de2bd666fe48a0955f5b2c159b0acef89ff3461fc9267a2007f872b2ced6df1f2310a49f45b1f71fd0807c0bfd4a0a20caaf298fb18c72e208f9534c28ae4a2d09d084c2b0ec438c26545db65bd6547ad5871f04ec2aad8fb82ae1b2f85a328c9ec00216cde506752a4982da17bab0501584d6a08cb3880788c3353eda9e63ee3a236eb9b74ccf62e960b6f627254c0c3361de73b7ba4d777099194b67dce60287b05cc6100f1f1f792978662042864375e0f2b8d3add1ac9b2538e249d376b653f4c16b7d6088a5a25d7fcadb7ed8f8600ffb176461518502068942192d9b135b1861ad48898d497863929dbca9649ed8f59eaf7d3772c854e6ce3c272a9e99abda44ae3ef28aa1fa4df9052661bc9fe0bb70758d4508a25779f64d72711311f339ce005312a4e2c44981bb7d236bf01244a10e76c62415588868b013e17c39b884c99ca534a604b104d1571637565a9edaa1577b9ebd761c4d114328d53bd2ea1eaaf39e0abe3dc8f37bc3e5a6f0dc42a4747146562008fcb9b2f05d93899270da9ac66bceaa7b1fc4951f0f4f1a6b9a09d592df5326106413a09a6e3f4e6248e45ec439bbc53f5588d4755161ab0b15c3a93e17a69c656dc987589929e52d35a15eb3324e41f65429bc93fda4dd3f3e1a65156e0176ab647ea5438ac2e7b065fb6c8e66b80c7de0cdb0ed56fd57fae0f0d25d7124c398db36f47be6b5cdf724ecc8a1937e0257d929f16f138be00cd06c1ccde3e8a03d8951bddc5822fc4d44106468164a2394c15da956bfcff67a1639e17646b4c7f5ee10dd6acf621f18e60c2fe99c4896771dec239823f5290da863698e24316e626fce1f20b4987d348574409f9f1b331cd24863ad4ef7cddac6303e7419182ac5363ba54a9ac5c513ece644b9223e75f18878c5b03a67b454419a694b52deb1b2747311bdce597c243c1fcb867f23e04d65c1c9fb71c3ba23e967e84aeee74b7e69373accd084ed4acc17d976231d1bc6afefa39f124a7afbb20c41eb67ba55cab98967973261921863acd41d613e635f0c1a75cc68d7cf1b11436f2448b42f7c16fa1818ca3c00dfab3db7e26d91433cc1539d14bd6df943d816a59b4e642b9d7c110c3a428a42340191d8992e6c8d439b091b985a301b5c5c4028c9c968cf269b4aa0c2835ae3529377e629ffd3fe405980ae9a143301f70e85bcac210e11ea5eec294ac3c28fd5e8ed11a781afd369b068d3458270385ef0f6e9cde4a7bd8a96c996d51e6108c11494309286befbee0fb8f6226d05b6d8588ef4ba7f4654cd7af029d892b7a06dd80b360f7ff8e262b745ca27f524b31bfedd7646243c9afc9a7705f2d0ac95a442945b8754ac241471e4fa2073c16030ef408920cc4425178061df00339cdcead54cd2adba1135758e4ea976e64dcd2d21383fb470884fc772acb5e30cb63a17ff7007a8df0ef38505ea706a7a754816a3547bcf8809f6b00549ac373da29b2ee536cad7e9905a7fc739a509de1fca804f67a6479aa418f1c1404ca65a41e08058c9cf8f82d6e5b0f34b38f6c0db55c44365d5584ec26cd9774dfb954fe12b25e4d6264f2a2366ea144f5b3dd6a3cf5f4104baf58f21ec5dba6e452b687ebd7c6e555e0018083c7fe83f1f55a515dc1efaf50a77464eb4e9ffed22c5848c1d9ce48778900316be71ba9d894dcebbc549d142995b41ee5b5130d6667fbf7359398f3f7d166258596c45fe2554e99d875bd48008759f7f725a4f162e94e638d44d1633faab5e4135ae9045121a67e7f01e843f98248b6bc4aae89f0c77d06372094dedbfbed750d5b5893ca727a7c6da237fe7bbf58f2b8c5cbc40b740ee68bf142e7dcb9feca4d0a5a0a9e8bf81b79d4d3b272232923f5a14082ed1d86b71372d2d23840886fe04240c360cb57e2a5df2c3c7ed1743b152fcaa0b640233c1ba0101fa4842e991ff2d2d1461b9024925033b897275b455c1e3fc20899ec718d8d1f1199de8621d658766d6069f5b83db1abd961f2869e72ed7ca8802a3af88686f96e11e0a4a448e0d6aae8736f986832b22a033999f14011c5ee3e84c0f5d90ad36e2e91a0a14580cba041ce8eff7d14a2f790d61be20e3ef36dbd343b5f25f9bf005128e339b6e811346399c999c112ddc0aed7af2b20faf9fb91ea5d20855c929bb4f181d6dcd7cf0b3c7019c847e71e7c433e4fa714d702c8f2f78d3", 0x1000}, {&(0x7f0000002380)="b8db6e07a2b43ffd40b6602a01e49898e412bb500780a91bece9d1d266b3c79eaa7271c29001bbd1f56efee15b1326550d7b69957571efa2aa8aa74537f4c18a65683684cb778800d30c23aa6462be7a352c7eadff92", 0x56}, {&(0x7f0000001340)="739a0dd4dc44c8b5e962b2a5b725389f59666cd8f590d5c676d1c11a196bb8415c62cb70cd25363757e71b76df787cd75d567dc9d14cdf420576da4b9e5c9d780a3a06605c050fd5881ca12a68be919927389761388d7b0e26c8b27d61e13c0433e48c25a1fe4f982223027fc27f054cabd56b396ccdb71e065a6643d71824ab670149f05ebd05ff156bba20bef0debdd2b1f1d8793cf771137aff308467ad743f9f8e7a256afa9fcb2e5630785992105a90fb7c59dde7846d6f350cbe28b738f5b4549af090b024c94d2906ec609751260bc316900779bffe5356328674f5bd0eb064da963c53de926e51e318155a98409dc0500e8f140f8e146f4b4663d69daee24f63fbd91ac14c951a9a11034d7c26b33232604808739d886f29751b9841ec46252aaf46668a4fb379e8c1e046dcc1431dc100f8b292f3989e5b6547379005db211db6761c84e3ae5f99cd56f9ebb3315c38f39b6024ddb7ee7995daf5bfc64bbda0e73691a01a5dd568fb8b3e2ec8fad1a46853514b432e8805b38339064ea61eae22fecce44b1abb1f46203d27e6f074bea5b37fe9fb35f558e8d7c9afaeec4fda3b96a17fd7ea819e8c0843c832d6beb6e30d99d2695431f9e001c201a63baf05c79e6bf4ef1bf66c0544ace25b96e8ee3a0591cd82ad3576164af1458809f5de21a45f8679036f3f227e463fed88bdc699b62042146e4295990b75f68845b04f84a9fd9622d44e0be5e2740379b8cfca55aee9ca6005b3bf6c195816a6e2024b50cd158563514f71c5f99a0929b07a09252194d6b7dfe2f1bcfe4b63949cb22d63b437afd3a9f8c85db4e0e6e6bc78b902c9316d8c63577af62bf86d86c006397cbc5049868f5ca69fcd794f253223b331bcfd0871dc78eed3b4cd9a90936a9fca9e8aa9335ea4677d2f5b975ccc70effb0241d25b25665a7be4984862ed51d0c4b58908059c605e167970f0e8464d8767b6a4c8478a67e380c80d76acbffc5fb533a5bbf66cd4f479e64e6dd612751cd37ebd714f555fcd8529f013e4a48746ab4004a6383ccdf366f507c4f679e26e1a181572017933f4a7d0f285df7b02e3309455ec716a9fbbef2b1bcf8683c20a2c6c2e6b0558e10d349c1b6ab8ce53c05a06d3b217890ca020046b7f226af89252c98d14d8b983d6e6bbb7a9ba8d8b104678ff274409c2fb0717968b0055edc1bc78c4c6c442f53f2c33528fc8361f74931c8b7d03a6fe697d43a81e21b9f36681852feed2f6b9d1c1370f66954a5cd3f997474dbbeac43acf1a908fdead546a977c317d41d1b909afb5c060727ee9266618872580babf33b075cf4c79bf25456b24d966bff316f6380c38363ca6e634bef856bf251df2626fbef7d5717e6364b2077fe8e97e718778b2ec9c14f4c1981ba063088c0a75a5eec351d60458622dfa2b29ffdc2e95b6cb30a4b5b045531d04bb98ed5d8217bffdea98255c9d32e6f0c966bf41a36480bcb12cc20a36898aa998601e86fcc5e652e07f7700a1bd8dc5ecd356604cff22eb1249f48817481a37b150061748f9a6542cfba431775424c667bb1495879f5c067c0d1fd1b1a4716bba0fe69b124eda22a037cc48980075227ce7ec83b7656a82d65a4f0124044333970a923f22677fcb5c4138170f5481f48d6dff2c9edc81381a7d242c91dbb81fcf2c04273a9a17be8f9ba61deb37ecf097851388d735b55fa8e3550d7ff8a201bc6d60f61c99b5c3b25b5e69605917f1bb01c79b9e0bc6173c598768dc1e2d033db0b2468de5eeb7d34a496984e4bd9a5d72bf2ef364f089870bb3c4562826e283332e9c3d8cab303c208dfbfdcdbbd3a984e078c46698880a6145e458fde81a95855c2b1597dd660a1f03d580525c09660aaf73e6ca4a1042f4641b88e868cdca930c922e406617f2d6406d6a8662324d24517f4b3da17647b1da1f345a85b81c532d7e35428e87224b94a293bbd1dd9925153f7c2082763e0af09b9b595b7bf62fff768f57856fee557cb9f9b7560dc0ace34cc3f84d3b8205fbc6a21f9bfaf4b4b208ef9ae398cfa67e7a19529730e395f0461c7ac64b111e64dc3d5fca087b1588ba8640b3f808c7040f00e67a2731ab3f56b0ee5bedd318f0a9c63353ae3808bdb260d8dae0a7cb3835bd47b5aa35baf283009794a37734bdc752aa4ad52182f27aed27156659d38573e99c944abbeaf322b233c4b769735d33e2328bb42a69aafd6b27d5567fe0d2c447bdb0ef997e6edb9d9d0f9053a733f897186efc6d6e97bae88bb80d6119f9bc7db5e394f7c9703a28e40c96bca88685c1878b1ecb3a81d3970a3b8b0f6c0d78521b4b4f1fdc94d0e3b5fe40b4e556ca2c1e646a3eb8ac1104627262f5b50b9258291f474e4c8f4c76b24297b8e2dd940113ee085dc7c42c46694d79362637731ac7e602b6084a39a74ba15fa6ee772f1f8bbd5240ca300395f69c6682dd66fdddb28247f067993f1ff1c3895257c8291343191232c3eb61be2fb9b82e0c2f00fd4828e11c38355c8ee211f55eccf8c910756685d639e22d1e1855243f1e51a9fe3f9be25a350acaafa286be49afe0056c8c9d51b81ce10fbc68f77713c7dcbd8dfa2347b5f1054809313e11b00748afe275c0eda04bc5fbc08b54e3db9c10b7dc54b2cb6e2c9c8a1fd9153f1915dd4fe5a49767c72666adc6d31448b74aa484537c5b34a2abb3463a2f9246ec545066753a35e0d47c08aa68c01c095fb7bad61d8827ca74ee2c92db4e73b45759d0937ac1f7e9da5bdfbd8cdcca356ef850481a64463b2dae470f6ae7df942b11466cce9f7f0256e4867f7b36d2c4ab3a910bebf06857775509ad24176ddb7173780256382d7877efde2997a560b2dfcf11c2e06a51dabe1610ae5a0b6a3cbe2ad2d12099421c96ce4024f6717be19bdc46111ba8a64a1bc780fea7e4636742a4fa8e08c94717f8e3ef910b639b8f864ebee0ebe6b3cefdf77292fd1856ca8f0470a2f0e0a85c5072a46620e412e6dde83c06f69820f6a792cfc693552fcb17986363622729d44d61a68ab134406f139f89c7ec7aee5352bb4819e08b8b7ebb147d86b7de30859e4da81e6d0f861126bf1998232529cf5f4257a54778516fb193af52ee8c8594390ca9151e945cd5cd50164e485e55eeb34b9507a2997387ddf57e11d0a6831276af82de19a572ef013989988819ef9fdfeab46a357a7686a90105bd294f5ba70f23670e0f967a63907c05d02c767f7cc5073b54dbd93d1995bd6313d6ce73aea283425617a785a163f59ded98069bf924e007e87098d121cf130b659cd9fae6144ccb15f5434be644a9a2d7408b11387f91220f83cfeceee64f77d22405f9e692e85930c1b7d084d6be046eea18c1c59485ce334832d970b2d5b24d7c5c1df62f89bfeddee9796ee9684162a2fe098409582b562d38f2891ef4a5f55389cba66f33cb0581d7039e4597d20a80da26e677a395b150ac2137186f6efb0ee412c91a253e18319b5b2c0cc14a8ca6a157f4c1d696c8ee33d376ebaaa0fcf2e0c51d141af85cdbb7e12bd1817ad18e2bdb26bd29f5bc0eaceb5f44529fffd3bdfac31be7951d2a5284d63e64d82346511ad0953bb6425d834ad2bd610f8091235f5ad7a4c5c831a60eab12e5057e781d09a05de992ac3df73cb0b3aa626b8d1809f2ddab60831f435c7c5c611ef6560531723c1ef9ef2d631fbd59bdabf80f6e0488275dbab9b5e381ccbdf812573c76e0b8fca396b33c2cf48eaea99024072d355893d5aac5a5c313754cf8e7cef622a739beaf8866d24150bb13e4f74a2cea150267f9ea36b9c8c779d8ddd590dc0758c99ee2c6c91ed7a292a2b63ac2eb293676581b09b6956292ff20557564932edaba5ce9ebd16d606673c57025adb3cf75a555686048fc2ea2e71574718c76e13417d85d33d8e866359d404e0831b0bfb17973654763cc95be121f5deac224fc8d5905738cdc957bc13569edb6c6afcce653dc3e50d4d6ba581722d3af58dee71213a56dab6761a42deca091f7d524fb2f7f4fe0c8ab52b0e63dea3c43ea847cb7e8dc921596fe95ca057e611f4846b1ac4095a32d0986a8c6af395f8ed76f8feac99063b19693f2fd1789210be826af24823b3ff9ae5bc1ce57844c97292ba3265a389bbe1a5d76e4e388585e83a7f009bc858ac57eaa1e289465b5bc37d63e22949389096d06a6b6aec850aff996d5edebb1f8138880ee5c7851a72424dbadeecbfc274f51e86fd344d5d2a3f1c1b12509441cd7c9bae7cf50dc06d3c7abbd547ffe81be8d80efb8c1dbbb69c4164288a44ba363b4b0eb047a351259890bd6a5281d08179710edccd6828d58f8a637c6a77e438bbd77f1a8cef6b3795c6706c0a72a73073f08aa3043c2c3d0a239a404272d9ec9861e43d0ff6e1b6286010022eda8459cd7583e102a8f8a3c16a87f3fd3cf72af40e8826b0869578565996182427c4be58a8cd07a831149e020fbcfeac26e552be23da29e10fd8fa083062f50826ccdec37a697728101e6b7244234950306991edd5db9f34144a64fb589d86245da7e7af2e1c9db825210aecca6dac74af14e43be51877374a6daa7ec6f768dea8e48ab50b4747d0b22e2cb2c51110582a1a6ecf415fce4203dbca0991468eae3b8cd82a90b0aa3e235d351ffb2c0bfbb79e8b878554868919eb04b45cb6f0b2686116c818c527da7316fd544b3424dfd4426bfadfaa2ecec2cf8f2ec2780f122916a15f91ede656d3e1c612d2cddac160f8abb036eab9146b7334f46836dbcdd856076b1ed53e0114d764c1345b2799553f0a9696c16502f887a4c611235d845475c4e45bcaab7d5f61f1d343280b55e81cd1fbc44e4e89d57c1a2bf070de28f2f1abc8d876a8e3fa1f565c57f36afa06234793ee88dd45dbe44d13ca1fa1c72951c2f1d7327be72a264ef95673519f8e80888009ba87915e1e0e71d5c91a457aea2e5d6b04f9ffc96b1c3cd9c94f9c92988f7071283cc0157b90cf6d0786b3e1d5fc0496afadf6d789c4047891d24706e7e4b2dc7339f0898f10b273ed55452448256be1f0cf631e14eaae21bb95abd1f9a9aed70e9cbcf4e5594b1f2a10e49249378a81ccde7c2bfcfe9b49e4c8a363e6833cfe1ed2f417412e40cea805cab97ce173cf3276c6c0120f866890b110881e815279df2ce1524a70057e9eadb969e6a87b95639ecd2bde173f398d9dc5788d319c6376478ae896f7c853bf227dfd2880d28667527aa602763db640c35102df9a1dbd15769fc5a047b66c5a12358e5ff0cd17cf8b864e7fa5a79bbe1ceece4455c179fdf2f27c928ca89f6e9779644ce9214d0152b8b5ec200e2ec465312acd98522784e5f9c8c3635c9fdec17659616bf9d9e8504cee80fde4e2b667b71d73c3d1e025e3b2413c751c920ec63ffeee8702df7a3b5f11846beb102051f46a18740a74692819c0b893a1a59a8a3e905caea4e62edf4edb11982e5c2f724afef11878da401ed247f5f68fe1c88304303c1113fda84d06414c51296cca93bd5934f476d845cb80a1d4d66c4d59532981aee6aa2791a99ff85f9ecb39a36e820bd5d18825b432619caafce9a748afb6ec19dcd38a49cd2b7caea9da963e70836698d8c7bd3f8bcdfdeb06ee64820e9ba71a4aa8e2fb169b773a617c0193f3676488f6878e7cc2840de345b6dae94261548338a19c156b42547e75cfc09ab48f963638ad7f9b9b3834c018107f0cfd6832c69670c8d078d0191f1fcb400ad8c799a0f54a82b73e2c212b94c7f4947d9108d0659b045c1d1de88035c", 0x1000}, {&(0x7f0000002340)="e54c0777e80cd571b897d100631a42a65ccde9865ef1f7e58f174ecf57d6ae5271cd71fcd1fdd22fef4ca6bd10535d2e35410fb05af287846e", 0x39}, {&(0x7f0000002840)="a7f21c41f89ec14eefd9737a8c68561fed506b21fc8058ea0e667a7a8e9a59c72f817d30525132b4dbda8b45eae75519abde55a87f0db33505354f4206e5e8b4646ce7fec03ad6f56dae25d3ddfc0bb5754d8c826ea00480c980a33f65bdffd616f7f15a286ba386cc4780fdc78d5f74fe01abf4d5d5e1d048beb2d49fe6225127f3468bebafe861f9c17e3a043d95c46c97ee308a1a81718cf14d216414aaaf00e51425df007ccd443864f704e8050d57c15524057278a6e1d1a1e3d7c9bd638fa94ebb01bfce3dc9e0bca561e902d02d5693a4d2bdef5e9dac6a8e285e664de5363d1839b4efd67f0ed728d03cceb3234f03d63c368ed23fd12e640da2e1e9813c4ccbee86a352ac63df0519362ac3113935389142f974af34bde8022a65a001f59a27bf048be365df4f8d0328d17a52ea", 0x132}, {&(0x7f0000002440)="611733bd55ea1ef8", 0x8}, {&(0x7f0000002480)="9a06538c53a277cf291a9a8bb92201fc1759d2e3506096b809a76ea9d63f56821b4e839955c3c6b808e3319a7082d6fdd75b850c3bb9d9a00c7e4ccf5d51c3a9822d1389c7df7f41e786327ce77d296ba5ae14d0ef558b679d08989254f9fb179a2393e1882a2019581c1d033ec77f329b01d8ff6ed679586f1e3bc3aa363d67854451b380f51742c3fce8354832f638f10cdb45c230659526f04bed4edc5b4a820b669aec8d23f242590d29466219fc4c864c27983793149233f952a402d9ed6a95f0ec9b7e42faad4db5999d5e50f1cf27326dd07ff767f4a80ded5fe9090042c419952506fde051", 0xe9}, {&(0x7f0000002580)="73eacdaf788e1cce71008c9a4e02e01fc89ec924b6fd18dbe29c872d7bf1e004e04f449b3181624f95ffeb70338da5728573d5844818dbdad4203719e4720f7a36decd57140c4a3899024f3f521838dac6e364991091a804558392", 0x5b}], 0x8, &(0x7f0000002680)="fd141e22a132858acc8801c4cb495e6f3e515835c03da5122f1295b159512466898939891365697b6a90db9cee8b55ee1bd56db6ccd959122b5d9c0bba6720792e4b2ea5a32944eb44cfc2eeb50312ebc2a8c2bf5e8e10f92bb1e42de6ed11feb267c86bf6a3493be7181cdf7525f635e7b48b4c015266322b7c41b7a0c8c8392ea2e708bed61efa5cd39a3e7dd0a2bb63bf713b97bb7e1eba978f12986c74728e909e4fc70019db10877f2e6983d8756fdc71b15a0fec8d1d7966d6627c1e4a9fd19c3daf4708250c226e883715ddeaa2821a548231f5", 0xd7, 0x80}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000002800)={r4, r1, 0x5}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r6}, 0x8)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r8, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r7, 0x2405, r8)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f00000000c0)='./file0/file0\x00', r0}, 0x10)

10:53:16 executing program 0:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)

10:53:16 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x3c101, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x5)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000000)=0xea3)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:16 executing program 2:
ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r0, r2, 0x1f, 0x2, r3}, 0x14) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
mkdirat$cgroup(r0, &(0x7f00000027c0)='syz0\x00', 0x1ff) (async)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000002400)={0xa, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000280)='devices.deny\x00', 0x2, 0x0) (async)
r4 = openat$cgroup_ro(r0, &(0x7f0000000140)='blkio.bfq.empty_time\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_type(r5, &(0x7f0000001300), 0x2, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r1, r4}, 0xc) (async)
sendmsg$tipc(r1, &(0x7f0000002780)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x3}}, 0x10, &(0x7f0000002600)=[{&(0x7f0000000300)="b9a4ef1c51319662d791e03ca10b920882530116a446128dd477a6a1aa5636aa9f6595643de1ffbc6a504c8835efbb2bc6d39281b17e602cc7ecdcf55803914afb91cf90781974f09bf5b71b40a30d17df8c0aef6510ba3a7b91ef8d67cd67184db325b6a1aca7f22f97a1ab2551aa8e4195e7c3a08e173ce02f1af8796caa7b77ac33a50ce38a783dd47cbce7dc7332b3ea13ceade4de019185fc25088876338dd6bf76a61dd3e5eea1a4d567975d750cb136acaee9da871db116fb8890745b12d3a059451b018bad51efd61c1d538a0c89c8fbb638c9fc185bb6d8b3c62f95b8b0acbbaa40d3b855880efe1f51c271ee89c13aedab6c9d0a481a80c2900a9c3b96bfaf6309140e73d8b2bb26d6a40a594fee23be3fd2125824ca7b69f28d5ad50a5d43aa4a119b84578106ea702698c0cefb7ad2eec64e6eeed3fd48a66688713a08bbbfcce978a94ee1d0d5834673bb9b617845917b0bc215ae0163205ff1bf9ca2f727db3ef8887dc50ba5d020ee8e721b63fdf853fc815d08d7cd8b46f2f77390b99603a78239e136a4879030aa094dc043e5029289de2eb63bd72bce68ecb9aa3f3a1d057bc5ef0d87e42206aa323fda6440e117e9c47a1c60c606a862ba68a639c21fcfb3662fc25276259b15f1ea77dcf147d62724e6583be5a7c95bab17e62db8f063a45279be0ba076e464cbdef6097044967d6bac97e9434194fa40d79e6a56ca7eb06f41d3804076d748d6b8a8e3a40f3fd92fcbbfce5995259f87966dd89bda33b2fadc3a04e2dc35247a183cac5021246c72b75218cf0dcf91fe65db214fdaf2564e6bbef3db5ce833055a6810e49e4d3f29dc48ecbe98f6ff18aab8b2aadcf3529da351500cf529e144c0b2473d3a6912702e1e6f61dc7bbf5324d75845fdb5be4ccee53ec789b60cc689f54238f62f6e6f16d68ea719da2b3cd9dd395d5af32e7e9549f6dfe443aef4f7a9104ff457800cb57c74544c3b545e57f57c10e8d34681652641b1700beaf8a12b47c7da5cb0e381283cbf21a112c1258f84bf7bc013fba1a2401759da7d45bfe5941297f1f4294e9ec69417a9713b8b559c274329851e0f81fe81a1b6a0ab76834c5431519b61853c5b11b5d2e91b7612eefea69bed2a1fa1dbecad2032285091241164d74c0eb1b5edca1272eed426d4e6ed23da79f580b6716a927fbd1abfa0c9cdbb78fc9f69ec8083e5f923cac50acc1af8adc018db986fc262a2504e06ce77f27cef4b76671ebb429950feeca2035c924fd5ee6af13409df87753b8e4f9faa470c4b23ad20cc2de52d112847ce45b50e226ed8bc51e7ac12ee8c96c79e5123cad866b6432d96ad173ed6034a97eed0ec8eece0fdd1c02244753acac679bbf37464e555a38a3df3cdf763025d885ac24a6e5d96911a25b0ccf0ccab608269748652049e41b1dd7a6ce5c2c636f0ff1fb11712b7e336d583e99ac1dbb015ef967d3e2dedff3a70477c2904710952af456c23e5b7cb24d8b381adcac4d493530336d5cec0d3835a8783b508cc490f7d4a14740929c5ccbc5564ae763dcdca30442a83a045268c69f9b3ff8cbf95b82af7934b6ce83e72e92df75b2dcfdc72a8aedb59d1dc8bd7aaf204e80129e7bcdf6952262fe928b16b019878beca17284f547eb7bb48a6bd0a0417af1973a16a70ee8439629a8f6b13a78acd601683afdf29545b6197b5053da64409eda5418051fb00bd2b0359957da3a3401f1bc3fcdf2b0b55a15c0e1c4122febf348dee9ed200f02a22312489c8047d8404298c53ca93b87addccad68a8cdc9a71b08843ebbc6ce798082338ba8bc5eb093b6bddf004f1409981e6d5faa29cf25ee1f33a691007e5185af53257b22b88714fc133599771fc8d3c839f36098d423c08ce96317127ef6e9ca6176c371e15d324d8b2fa38fe1066832776493506d0e20b1c8226657885408bf55a78beb9a69a0383618057e28e4e7cd6e7bcefbe2c9454946ee60a7557746fbfc2db3969f241b2a7a78e0f0ce29723d9add9f36130a6692f1ec0e3c775831b0c95c2f7496966d333342333ea9fd3501037cec978c83f12adc8d7cfa22011b79734d740008e6593cac0ff74478ef09a26a7751bf3df33f0cbdc759717ae1440b4e432520aa73fbc3dc8d48190d3b4ecf52f0b7ae328eac4bf8d108d9b52653991e9414bbbb563de2a7d562859f3530c3b0ca38bffb35b3dd4eabb0ecdd00ea96f02e81ef9e09efb599ee99066463a72939911949191b8a71856ef7e4e57c5f64e35ea32c88a0ce200f53d89e6483942a7b3ef03056a324683e8b4f55a7f3be4b694ce77cea2eead1c7b8b8e496b64208fac5ef07149fdba98ae55e72a20d9cb2f1462e50a8ad8d19dd99f1967d24371a7e56b4364ca7f16439f7c2f565d7523709563303e58a48335c213039bf189e573d3355e273235602ec5d39c78915e57474eca9e3f3ba53ce9d843c5753f4dea7511e3f78e90a1040f98b79496aa7d93153d679e937fbbe57340c1bd7293629eac958473dd0c3e79d2d4d7bcd536fd5de3b6697417b93a530fbd7fb5c3516be089f5b3a58c4a9fb7f62f8d16243cb3889592d6edb001a5077d92dd7bc427e5cf8b2325080afd396dd536bef89308795cbb2029596cd1e4416c55001af5ec2490ccd8c2c6cd3a3a9525fca1aa718e406c8b624fb4fe0e95ae1483eda635f3f122bab1476b6a2d94e1d7859b836361b65962d76e7a78f289ceede245c7e3b75d6d5a551df02736839777cf5ac708d66ee989042c795947ef57c94dc87a4fbcd0ac99b9da7a012063c1056c379b98dc8d8f3fec81ef04c135b8c1bf2dc61ac71e353ef43e78bad380399bcfe2c91cf9aefdad404b5df9d04348ab9da7c4772dde5740ef20d8df39e8daf43434893305ae6f246f8ccded33df71adf618b25ca8971d85a27fe23c56dbe81bd77d21e5d51903256135c433f1de6a78f593c49524c6da301aaedabcf40270e3e329f519d868aaa3bd853fbf4aa96736b9b85fcc57f56e8bb69b0c82479693ce8cd29b6d6b15c68a1e147e8c211865028c150b9dc48a8b692efe4f68493c7a98df92bb76349d503592d0314c0918ee70c115f1d9add459f2747bf01c2199a215cd50842fb9adaba34497d68a3418948ca549411f3219169d780721e39b8e73407e4322f98b9197316831a91cefcd703c90fa80f70d0d0d2b8edd0329027bde67279647e6f4923d49a1d9490383a51e133ae95a9b606b46e30893b01868e696d827ccfe11fc515efcb42f6f3173bd2ead1747c08acceb123259cda40012a3fe4781828153bb0fde6c5040bf1de183b5c06facf25123bf8e150958c454d4f5ee03308a2a7f12b7ec17a7a9424a78e975b1a5a0ac987c7715303831523bedb47c4c0e769d86c9a5d924e53ab2b5bcaaa6414e42a5fcc94bafbc3db3a0b92be90e849f923938514d202e301cbe410d40aa0d664b66e36c0418835aaaeb2e8566fe253fc9b90a42fa9f7a1bcdd8c1f06305f715d85670545a7a74660b5510c4c94e813e4fbadf5f9ea488ed2d05307939a3073e147916eaae4c5878c3abc6a1d1a4f5c8246de2bd666fe48a0955f5b2c159b0acef89ff3461fc9267a2007f872b2ced6df1f2310a49f45b1f71fd0807c0bfd4a0a20caaf298fb18c72e208f9534c28ae4a2d09d084c2b0ec438c26545db65bd6547ad5871f04ec2aad8fb82ae1b2f85a328c9ec00216cde506752a4982da17bab0501584d6a08cb3880788c3353eda9e63ee3a236eb9b74ccf62e960b6f627254c0c3361de73b7ba4d777099194b67dce60287b05cc6100f1f1f792978662042864375e0f2b8d3add1ac9b2538e249d376b653f4c16b7d6088a5a25d7fcadb7ed8f8600ffb176461518502068942192d9b135b1861ad48898d497863929dbca9649ed8f59eaf7d3772c854e6ce3c272a9e99abda44ae3ef28aa1fa4df9052661bc9fe0bb70758d4508a25779f64d72711311f339ce005312a4e2c44981bb7d236bf01244a10e76c62415588868b013e17c39b884c99ca534a604b104d1571637565a9edaa1577b9ebd761c4d114328d53bd2ea1eaaf39e0abe3dc8f37bc3e5a6f0dc42a4747146562008fcb9b2f05d93899270da9ac66bceaa7b1fc4951f0f4f1a6b9a09d592df5326106413a09a6e3f4e6248e45ec439bbc53f5588d4755161ab0b15c3a93e17a69c656dc987589929e52d35a15eb3324e41f65429bc93fda4dd3f3e1a65156e0176ab647ea5438ac2e7b065fb6c8e66b80c7de0cdb0ed56fd57fae0f0d25d7124c398db36f47be6b5cdf724ecc8a1937e0257d929f16f138be00cd06c1ccde3e8a03d8951bddc5822fc4d44106468164a2394c15da956bfcff67a1639e17646b4c7f5ee10dd6acf621f18e60c2fe99c4896771dec239823f5290da863698e24316e626fce1f20b4987d348574409f9f1b331cd24863ad4ef7cddac6303e7419182ac5363ba54a9ac5c513ece644b9223e75f18878c5b03a67b454419a694b52deb1b2747311bdce597c243c1fcb867f23e04d65c1c9fb71c3ba23e967e84aeee74b7e69373accd084ed4acc17d976231d1bc6afefa39f124a7afbb20c41eb67ba55cab98967973261921863acd41d613e635f0c1a75cc68d7cf1b11436f2448b42f7c16fa1818ca3c00dfab3db7e26d91433cc1539d14bd6df943d816a59b4e642b9d7c110c3a428a42340191d8992e6c8d439b091b985a301b5c5c4028c9c968cf269b4aa0c2835ae3529377e629ffd3fe405980ae9a143301f70e85bcac210e11ea5eec294ac3c28fd5e8ed11a781afd369b068d3458270385ef0f6e9cde4a7bd8a96c996d51e6108c11494309286befbee0fb8f6226d05b6d8588ef4ba7f4654cd7af029d892b7a06dd80b360f7ff8e262b745ca27f524b31bfedd7646243c9afc9a7705f2d0ac95a442945b8754ac241471e4fa2073c16030ef408920cc4425178061df00339cdcead54cd2adba1135758e4ea976e64dcd2d21383fb470884fc772acb5e30cb63a17ff7007a8df0ef38505ea706a7a754816a3547bcf8809f6b00549ac373da29b2ee536cad7e9905a7fc739a509de1fca804f67a6479aa418f1c1404ca65a41e08058c9cf8f82d6e5b0f34b38f6c0db55c44365d5584ec26cd9774dfb954fe12b25e4d6264f2a2366ea144f5b3dd6a3cf5f4104baf58f21ec5dba6e452b687ebd7c6e555e0018083c7fe83f1f55a515dc1efaf50a77464eb4e9ffed22c5848c1d9ce48778900316be71ba9d894dcebbc549d142995b41ee5b5130d6667fbf7359398f3f7d166258596c45fe2554e99d875bd48008759f7f725a4f162e94e638d44d1633faab5e4135ae9045121a67e7f01e843f98248b6bc4aae89f0c77d06372094dedbfbed750d5b5893ca727a7c6da237fe7bbf58f2b8c5cbc40b740ee68bf142e7dcb9feca4d0a5a0a9e8bf81b79d4d3b272232923f5a14082ed1d86b71372d2d23840886fe04240c360cb57e2a5df2c3c7ed1743b152fcaa0b640233c1ba0101fa4842e991ff2d2d1461b9024925033b897275b455c1e3fc20899ec718d8d1f1199de8621d658766d6069f5b83db1abd961f2869e72ed7ca8802a3af88686f96e11e0a4a448e0d6aae8736f986832b22a033999f14011c5ee3e84c0f5d90ad36e2e91a0a14580cba041ce8eff7d14a2f790d61be20e3ef36dbd343b5f25f9bf005128e339b6e811346399c999c112ddc0aed7af2b20faf9fb91ea5d20855c929bb4f181d6dcd7cf0b3c7019c847e71e7c433e4fa714d702c8f2f78d3", 0x1000}, {&(0x7f0000002380)="b8db6e07a2b43ffd40b6602a01e49898e412bb500780a91bece9d1d266b3c79eaa7271c29001bbd1f56efee15b1326550d7b69957571efa2aa8aa74537f4c18a65683684cb778800d30c23aa6462be7a352c7eadff92", 0x56}, {&(0x7f0000001340)="739a0dd4dc44c8b5e962b2a5b725389f59666cd8f590d5c676d1c11a196bb8415c62cb70cd25363757e71b76df787cd75d567dc9d14cdf420576da4b9e5c9d780a3a06605c050fd5881ca12a68be919927389761388d7b0e26c8b27d61e13c0433e48c25a1fe4f982223027fc27f054cabd56b396ccdb71e065a6643d71824ab670149f05ebd05ff156bba20bef0debdd2b1f1d8793cf771137aff308467ad743f9f8e7a256afa9fcb2e5630785992105a90fb7c59dde7846d6f350cbe28b738f5b4549af090b024c94d2906ec609751260bc316900779bffe5356328674f5bd0eb064da963c53de926e51e318155a98409dc0500e8f140f8e146f4b4663d69daee24f63fbd91ac14c951a9a11034d7c26b33232604808739d886f29751b9841ec46252aaf46668a4fb379e8c1e046dcc1431dc100f8b292f3989e5b6547379005db211db6761c84e3ae5f99cd56f9ebb3315c38f39b6024ddb7ee7995daf5bfc64bbda0e73691a01a5dd568fb8b3e2ec8fad1a46853514b432e8805b38339064ea61eae22fecce44b1abb1f46203d27e6f074bea5b37fe9fb35f558e8d7c9afaeec4fda3b96a17fd7ea819e8c0843c832d6beb6e30d99d2695431f9e001c201a63baf05c79e6bf4ef1bf66c0544ace25b96e8ee3a0591cd82ad3576164af1458809f5de21a45f8679036f3f227e463fed88bdc699b62042146e4295990b75f68845b04f84a9fd9622d44e0be5e2740379b8cfca55aee9ca6005b3bf6c195816a6e2024b50cd158563514f71c5f99a0929b07a09252194d6b7dfe2f1bcfe4b63949cb22d63b437afd3a9f8c85db4e0e6e6bc78b902c9316d8c63577af62bf86d86c006397cbc5049868f5ca69fcd794f253223b331bcfd0871dc78eed3b4cd9a90936a9fca9e8aa9335ea4677d2f5b975ccc70effb0241d25b25665a7be4984862ed51d0c4b58908059c605e167970f0e8464d8767b6a4c8478a67e380c80d76acbffc5fb533a5bbf66cd4f479e64e6dd612751cd37ebd714f555fcd8529f013e4a48746ab4004a6383ccdf366f507c4f679e26e1a181572017933f4a7d0f285df7b02e3309455ec716a9fbbef2b1bcf8683c20a2c6c2e6b0558e10d349c1b6ab8ce53c05a06d3b217890ca020046b7f226af89252c98d14d8b983d6e6bbb7a9ba8d8b104678ff274409c2fb0717968b0055edc1bc78c4c6c442f53f2c33528fc8361f74931c8b7d03a6fe697d43a81e21b9f36681852feed2f6b9d1c1370f66954a5cd3f997474dbbeac43acf1a908fdead546a977c317d41d1b909afb5c060727ee9266618872580babf33b075cf4c79bf25456b24d966bff316f6380c38363ca6e634bef856bf251df2626fbef7d5717e6364b2077fe8e97e718778b2ec9c14f4c1981ba063088c0a75a5eec351d60458622dfa2b29ffdc2e95b6cb30a4b5b045531d04bb98ed5d8217bffdea98255c9d32e6f0c966bf41a36480bcb12cc20a36898aa998601e86fcc5e652e07f7700a1bd8dc5ecd356604cff22eb1249f48817481a37b150061748f9a6542cfba431775424c667bb1495879f5c067c0d1fd1b1a4716bba0fe69b124eda22a037cc48980075227ce7ec83b7656a82d65a4f0124044333970a923f22677fcb5c4138170f5481f48d6dff2c9edc81381a7d242c91dbb81fcf2c04273a9a17be8f9ba61deb37ecf097851388d735b55fa8e3550d7ff8a201bc6d60f61c99b5c3b25b5e69605917f1bb01c79b9e0bc6173c598768dc1e2d033db0b2468de5eeb7d34a496984e4bd9a5d72bf2ef364f089870bb3c4562826e283332e9c3d8cab303c208dfbfdcdbbd3a984e078c46698880a6145e458fde81a95855c2b1597dd660a1f03d580525c09660aaf73e6ca4a1042f4641b88e868cdca930c922e406617f2d6406d6a8662324d24517f4b3da17647b1da1f345a85b81c532d7e35428e87224b94a293bbd1dd9925153f7c2082763e0af09b9b595b7bf62fff768f57856fee557cb9f9b7560dc0ace34cc3f84d3b8205fbc6a21f9bfaf4b4b208ef9ae398cfa67e7a19529730e395f0461c7ac64b111e64dc3d5fca087b1588ba8640b3f808c7040f00e67a2731ab3f56b0ee5bedd318f0a9c63353ae3808bdb260d8dae0a7cb3835bd47b5aa35baf283009794a37734bdc752aa4ad52182f27aed27156659d38573e99c944abbeaf322b233c4b769735d33e2328bb42a69aafd6b27d5567fe0d2c447bdb0ef997e6edb9d9d0f9053a733f897186efc6d6e97bae88bb80d6119f9bc7db5e394f7c9703a28e40c96bca88685c1878b1ecb3a81d3970a3b8b0f6c0d78521b4b4f1fdc94d0e3b5fe40b4e556ca2c1e646a3eb8ac1104627262f5b50b9258291f474e4c8f4c76b24297b8e2dd940113ee085dc7c42c46694d79362637731ac7e602b6084a39a74ba15fa6ee772f1f8bbd5240ca300395f69c6682dd66fdddb28247f067993f1ff1c3895257c8291343191232c3eb61be2fb9b82e0c2f00fd4828e11c38355c8ee211f55eccf8c910756685d639e22d1e1855243f1e51a9fe3f9be25a350acaafa286be49afe0056c8c9d51b81ce10fbc68f77713c7dcbd8dfa2347b5f1054809313e11b00748afe275c0eda04bc5fbc08b54e3db9c10b7dc54b2cb6e2c9c8a1fd9153f1915dd4fe5a49767c72666adc6d31448b74aa484537c5b34a2abb3463a2f9246ec545066753a35e0d47c08aa68c01c095fb7bad61d8827ca74ee2c92db4e73b45759d0937ac1f7e9da5bdfbd8cdcca356ef850481a64463b2dae470f6ae7df942b11466cce9f7f0256e4867f7b36d2c4ab3a910bebf06857775509ad24176ddb7173780256382d7877efde2997a560b2dfcf11c2e06a51dabe1610ae5a0b6a3cbe2ad2d12099421c96ce4024f6717be19bdc46111ba8a64a1bc780fea7e4636742a4fa8e08c94717f8e3ef910b639b8f864ebee0ebe6b3cefdf77292fd1856ca8f0470a2f0e0a85c5072a46620e412e6dde83c06f69820f6a792cfc693552fcb17986363622729d44d61a68ab134406f139f89c7ec7aee5352bb4819e08b8b7ebb147d86b7de30859e4da81e6d0f861126bf1998232529cf5f4257a54778516fb193af52ee8c8594390ca9151e945cd5cd50164e485e55eeb34b9507a2997387ddf57e11d0a6831276af82de19a572ef013989988819ef9fdfeab46a357a7686a90105bd294f5ba70f23670e0f967a63907c05d02c767f7cc5073b54dbd93d1995bd6313d6ce73aea283425617a785a163f59ded98069bf924e007e87098d121cf130b659cd9fae6144ccb15f5434be644a9a2d7408b11387f91220f83cfeceee64f77d22405f9e692e85930c1b7d084d6be046eea18c1c59485ce334832d970b2d5b24d7c5c1df62f89bfeddee9796ee9684162a2fe098409582b562d38f2891ef4a5f55389cba66f33cb0581d7039e4597d20a80da26e677a395b150ac2137186f6efb0ee412c91a253e18319b5b2c0cc14a8ca6a157f4c1d696c8ee33d376ebaaa0fcf2e0c51d141af85cdbb7e12bd1817ad18e2bdb26bd29f5bc0eaceb5f44529fffd3bdfac31be7951d2a5284d63e64d82346511ad0953bb6425d834ad2bd610f8091235f5ad7a4c5c831a60eab12e5057e781d09a05de992ac3df73cb0b3aa626b8d1809f2ddab60831f435c7c5c611ef6560531723c1ef9ef2d631fbd59bdabf80f6e0488275dbab9b5e381ccbdf812573c76e0b8fca396b33c2cf48eaea99024072d355893d5aac5a5c313754cf8e7cef622a739beaf8866d24150bb13e4f74a2cea150267f9ea36b9c8c779d8ddd590dc0758c99ee2c6c91ed7a292a2b63ac2eb293676581b09b6956292ff20557564932edaba5ce9ebd16d606673c57025adb3cf75a555686048fc2ea2e71574718c76e13417d85d33d8e866359d404e0831b0bfb17973654763cc95be121f5deac224fc8d5905738cdc957bc13569edb6c6afcce653dc3e50d4d6ba581722d3af58dee71213a56dab6761a42deca091f7d524fb2f7f4fe0c8ab52b0e63dea3c43ea847cb7e8dc921596fe95ca057e611f4846b1ac4095a32d0986a8c6af395f8ed76f8feac99063b19693f2fd1789210be826af24823b3ff9ae5bc1ce57844c97292ba3265a389bbe1a5d76e4e388585e83a7f009bc858ac57eaa1e289465b5bc37d63e22949389096d06a6b6aec850aff996d5edebb1f8138880ee5c7851a72424dbadeecbfc274f51e86fd344d5d2a3f1c1b12509441cd7c9bae7cf50dc06d3c7abbd547ffe81be8d80efb8c1dbbb69c4164288a44ba363b4b0eb047a351259890bd6a5281d08179710edccd6828d58f8a637c6a77e438bbd77f1a8cef6b3795c6706c0a72a73073f08aa3043c2c3d0a239a404272d9ec9861e43d0ff6e1b6286010022eda8459cd7583e102a8f8a3c16a87f3fd3cf72af40e8826b0869578565996182427c4be58a8cd07a831149e020fbcfeac26e552be23da29e10fd8fa083062f50826ccdec37a697728101e6b7244234950306991edd5db9f34144a64fb589d86245da7e7af2e1c9db825210aecca6dac74af14e43be51877374a6daa7ec6f768dea8e48ab50b4747d0b22e2cb2c51110582a1a6ecf415fce4203dbca0991468eae3b8cd82a90b0aa3e235d351ffb2c0bfbb79e8b878554868919eb04b45cb6f0b2686116c818c527da7316fd544b3424dfd4426bfadfaa2ecec2cf8f2ec2780f122916a15f91ede656d3e1c612d2cddac160f8abb036eab9146b7334f46836dbcdd856076b1ed53e0114d764c1345b2799553f0a9696c16502f887a4c611235d845475c4e45bcaab7d5f61f1d343280b55e81cd1fbc44e4e89d57c1a2bf070de28f2f1abc8d876a8e3fa1f565c57f36afa06234793ee88dd45dbe44d13ca1fa1c72951c2f1d7327be72a264ef95673519f8e80888009ba87915e1e0e71d5c91a457aea2e5d6b04f9ffc96b1c3cd9c94f9c92988f7071283cc0157b90cf6d0786b3e1d5fc0496afadf6d789c4047891d24706e7e4b2dc7339f0898f10b273ed55452448256be1f0cf631e14eaae21bb95abd1f9a9aed70e9cbcf4e5594b1f2a10e49249378a81ccde7c2bfcfe9b49e4c8a363e6833cfe1ed2f417412e40cea805cab97ce173cf3276c6c0120f866890b110881e815279df2ce1524a70057e9eadb969e6a87b95639ecd2bde173f398d9dc5788d319c6376478ae896f7c853bf227dfd2880d28667527aa602763db640c35102df9a1dbd15769fc5a047b66c5a12358e5ff0cd17cf8b864e7fa5a79bbe1ceece4455c179fdf2f27c928ca89f6e9779644ce9214d0152b8b5ec200e2ec465312acd98522784e5f9c8c3635c9fdec17659616bf9d9e8504cee80fde4e2b667b71d73c3d1e025e3b2413c751c920ec63ffeee8702df7a3b5f11846beb102051f46a18740a74692819c0b893a1a59a8a3e905caea4e62edf4edb11982e5c2f724afef11878da401ed247f5f68fe1c88304303c1113fda84d06414c51296cca93bd5934f476d845cb80a1d4d66c4d59532981aee6aa2791a99ff85f9ecb39a36e820bd5d18825b432619caafce9a748afb6ec19dcd38a49cd2b7caea9da963e70836698d8c7bd3f8bcdfdeb06ee64820e9ba71a4aa8e2fb169b773a617c0193f3676488f6878e7cc2840de345b6dae94261548338a19c156b42547e75cfc09ab48f963638ad7f9b9b3834c018107f0cfd6832c69670c8d078d0191f1fcb400ad8c799a0f54a82b73e2c212b94c7f4947d9108d0659b045c1d1de88035c", 0x1000}, {&(0x7f0000002340)="e54c0777e80cd571b897d100631a42a65ccde9865ef1f7e58f174ecf57d6ae5271cd71fcd1fdd22fef4ca6bd10535d2e35410fb05af287846e", 0x39}, {&(0x7f0000002840)="a7f21c41f89ec14eefd9737a8c68561fed506b21fc8058ea0e667a7a8e9a59c72f817d30525132b4dbda8b45eae75519abde55a87f0db33505354f4206e5e8b4646ce7fec03ad6f56dae25d3ddfc0bb5754d8c826ea00480c980a33f65bdffd616f7f15a286ba386cc4780fdc78d5f74fe01abf4d5d5e1d048beb2d49fe6225127f3468bebafe861f9c17e3a043d95c46c97ee308a1a81718cf14d216414aaaf00e51425df007ccd443864f704e8050d57c15524057278a6e1d1a1e3d7c9bd638fa94ebb01bfce3dc9e0bca561e902d02d5693a4d2bdef5e9dac6a8e285e664de5363d1839b4efd67f0ed728d03cceb3234f03d63c368ed23fd12e640da2e1e9813c4ccbee86a352ac63df0519362ac3113935389142f974af34bde8022a65a001f59a27bf048be365df4f8d0328d17a52ea", 0x132}, {&(0x7f0000002440)="611733bd55ea1ef8", 0x8}, {&(0x7f0000002480)="9a06538c53a277cf291a9a8bb92201fc1759d2e3506096b809a76ea9d63f56821b4e839955c3c6b808e3319a7082d6fdd75b850c3bb9d9a00c7e4ccf5d51c3a9822d1389c7df7f41e786327ce77d296ba5ae14d0ef558b679d08989254f9fb179a2393e1882a2019581c1d033ec77f329b01d8ff6ed679586f1e3bc3aa363d67854451b380f51742c3fce8354832f638f10cdb45c230659526f04bed4edc5b4a820b669aec8d23f242590d29466219fc4c864c27983793149233f952a402d9ed6a95f0ec9b7e42faad4db5999d5e50f1cf27326dd07ff767f4a80ded5fe9090042c419952506fde051", 0xe9}, {&(0x7f0000002580)="73eacdaf788e1cce71008c9a4e02e01fc89ec924b6fd18dbe29c872d7bf1e004e04f449b3181624f95ffeb70338da5728573d5844818dbdad4203719e4720f7a36decd57140c4a3899024f3f521838dac6e364991091a804558392", 0x5b}], 0x8, &(0x7f0000002680)="fd141e22a132858acc8801c4cb495e6f3e515835c03da5122f1295b159512466898939891365697b6a90db9cee8b55ee1bd56db6ccd959122b5d9c0bba6720792e4b2ea5a32944eb44cfc2eeb50312ebc2a8c2bf5e8e10f92bb1e42de6ed11feb267c86bf6a3493be7181cdf7525f635e7b48b4c015266322b7c41b7a0c8c8392ea2e708bed61efa5cd39a3e7dd0a2bb63bf713b97bb7e1eba978f12986c74728e909e4fc70019db10877f2e6983d8756fdc71b15a0fec8d1d7966d6627c1e4a9fd19c3daf4708250c226e883715ddeaa2821a548231f5", 0xd7, 0x80}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000002800)={r4, r1, 0x5}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r6}, 0x8)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r8, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r7, 0x2405, r8) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f00000000c0)='./file0/file0\x00', r0}, 0x10)

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2634.826149][T27567] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2634.833962][T27567] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2634.841777][T27567]  </TASK>
10:53:16 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x44)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x3c101, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x5) (async)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000000)=0xea3)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000000)='./file0\x00', 0x44) (async, rerun: 32)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x3c101, 0x0)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x5)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000000)=0xea3)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x3c101, 0x0) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x5) (async)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000000)=0xea3) (async)

10:53:16 executing program 2:
ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000200)={@cgroup=r0, r2, 0x1f, 0x2, r3}, 0x14) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
mkdirat$cgroup(r0, &(0x7f00000027c0)='syz0\x00', 0x1ff) (async)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000002400)={0xa, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000280)='devices.deny\x00', 0x2, 0x0) (async, rerun: 32)
r4 = openat$cgroup_ro(r0, &(0x7f0000000140)='blkio.bfq.empty_time\x00', 0x0, 0x0) (async, rerun: 32)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r5, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_type(r5, &(0x7f0000001300), 0x2, 0x0) (async)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r1, r4}, 0xc) (async, rerun: 32)
sendmsg$tipc(r1, &(0x7f0000002780)={&(0x7f00000002c0)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x3}}, 0x10, &(0x7f0000002600)=[{&(0x7f0000000300)="b9a4ef1c51319662d791e03ca10b920882530116a446128dd477a6a1aa5636aa9f6595643de1ffbc6a504c8835efbb2bc6d39281b17e602cc7ecdcf55803914afb91cf90781974f09bf5b71b40a30d17df8c0aef6510ba3a7b91ef8d67cd67184db325b6a1aca7f22f97a1ab2551aa8e4195e7c3a08e173ce02f1af8796caa7b77ac33a50ce38a783dd47cbce7dc7332b3ea13ceade4de019185fc25088876338dd6bf76a61dd3e5eea1a4d567975d750cb136acaee9da871db116fb8890745b12d3a059451b018bad51efd61c1d538a0c89c8fbb638c9fc185bb6d8b3c62f95b8b0acbbaa40d3b855880efe1f51c271ee89c13aedab6c9d0a481a80c2900a9c3b96bfaf6309140e73d8b2bb26d6a40a594fee23be3fd2125824ca7b69f28d5ad50a5d43aa4a119b84578106ea702698c0cefb7ad2eec64e6eeed3fd48a66688713a08bbbfcce978a94ee1d0d5834673bb9b617845917b0bc215ae0163205ff1bf9ca2f727db3ef8887dc50ba5d020ee8e721b63fdf853fc815d08d7cd8b46f2f77390b99603a78239e136a4879030aa094dc043e5029289de2eb63bd72bce68ecb9aa3f3a1d057bc5ef0d87e42206aa323fda6440e117e9c47a1c60c606a862ba68a639c21fcfb3662fc25276259b15f1ea77dcf147d62724e6583be5a7c95bab17e62db8f063a45279be0ba076e464cbdef6097044967d6bac97e9434194fa40d79e6a56ca7eb06f41d3804076d748d6b8a8e3a40f3fd92fcbbfce5995259f87966dd89bda33b2fadc3a04e2dc35247a183cac5021246c72b75218cf0dcf91fe65db214fdaf2564e6bbef3db5ce833055a6810e49e4d3f29dc48ecbe98f6ff18aab8b2aadcf3529da351500cf529e144c0b2473d3a6912702e1e6f61dc7bbf5324d75845fdb5be4ccee53ec789b60cc689f54238f62f6e6f16d68ea719da2b3cd9dd395d5af32e7e9549f6dfe443aef4f7a9104ff457800cb57c74544c3b545e57f57c10e8d34681652641b1700beaf8a12b47c7da5cb0e381283cbf21a112c1258f84bf7bc013fba1a2401759da7d45bfe5941297f1f4294e9ec69417a9713b8b559c274329851e0f81fe81a1b6a0ab76834c5431519b61853c5b11b5d2e91b7612eefea69bed2a1fa1dbecad2032285091241164d74c0eb1b5edca1272eed426d4e6ed23da79f580b6716a927fbd1abfa0c9cdbb78fc9f69ec8083e5f923cac50acc1af8adc018db986fc262a2504e06ce77f27cef4b76671ebb429950feeca2035c924fd5ee6af13409df87753b8e4f9faa470c4b23ad20cc2de52d112847ce45b50e226ed8bc51e7ac12ee8c96c79e5123cad866b6432d96ad173ed6034a97eed0ec8eece0fdd1c02244753acac679bbf37464e555a38a3df3cdf763025d885ac24a6e5d96911a25b0ccf0ccab608269748652049e41b1dd7a6ce5c2c636f0ff1fb11712b7e336d583e99ac1dbb015ef967d3e2dedff3a70477c2904710952af456c23e5b7cb24d8b381adcac4d493530336d5cec0d3835a8783b508cc490f7d4a14740929c5ccbc5564ae763dcdca30442a83a045268c69f9b3ff8cbf95b82af7934b6ce83e72e92df75b2dcfdc72a8aedb59d1dc8bd7aaf204e80129e7bcdf6952262fe928b16b019878beca17284f547eb7bb48a6bd0a0417af1973a16a70ee8439629a8f6b13a78acd601683afdf29545b6197b5053da64409eda5418051fb00bd2b0359957da3a3401f1bc3fcdf2b0b55a15c0e1c4122febf348dee9ed200f02a22312489c8047d8404298c53ca93b87addccad68a8cdc9a71b08843ebbc6ce798082338ba8bc5eb093b6bddf004f1409981e6d5faa29cf25ee1f33a691007e5185af53257b22b88714fc133599771fc8d3c839f36098d423c08ce96317127ef6e9ca6176c371e15d324d8b2fa38fe1066832776493506d0e20b1c8226657885408bf55a78beb9a69a0383618057e28e4e7cd6e7bcefbe2c9454946ee60a7557746fbfc2db3969f241b2a7a78e0f0ce29723d9add9f36130a6692f1ec0e3c775831b0c95c2f7496966d333342333ea9fd3501037cec978c83f12adc8d7cfa22011b79734d740008e6593cac0ff74478ef09a26a7751bf3df33f0cbdc759717ae1440b4e432520aa73fbc3dc8d48190d3b4ecf52f0b7ae328eac4bf8d108d9b52653991e9414bbbb563de2a7d562859f3530c3b0ca38bffb35b3dd4eabb0ecdd00ea96f02e81ef9e09efb599ee99066463a72939911949191b8a71856ef7e4e57c5f64e35ea32c88a0ce200f53d89e6483942a7b3ef03056a324683e8b4f55a7f3be4b694ce77cea2eead1c7b8b8e496b64208fac5ef07149fdba98ae55e72a20d9cb2f1462e50a8ad8d19dd99f1967d24371a7e56b4364ca7f16439f7c2f565d7523709563303e58a48335c213039bf189e573d3355e273235602ec5d39c78915e57474eca9e3f3ba53ce9d843c5753f4dea7511e3f78e90a1040f98b79496aa7d93153d679e937fbbe57340c1bd7293629eac958473dd0c3e79d2d4d7bcd536fd5de3b6697417b93a530fbd7fb5c3516be089f5b3a58c4a9fb7f62f8d16243cb3889592d6edb001a5077d92dd7bc427e5cf8b2325080afd396dd536bef89308795cbb2029596cd1e4416c55001af5ec2490ccd8c2c6cd3a3a9525fca1aa718e406c8b624fb4fe0e95ae1483eda635f3f122bab1476b6a2d94e1d7859b836361b65962d76e7a78f289ceede245c7e3b75d6d5a551df02736839777cf5ac708d66ee989042c795947ef57c94dc87a4fbcd0ac99b9da7a012063c1056c379b98dc8d8f3fec81ef04c135b8c1bf2dc61ac71e353ef43e78bad380399bcfe2c91cf9aefdad404b5df9d04348ab9da7c4772dde5740ef20d8df39e8daf43434893305ae6f246f8ccded33df71adf618b25ca8971d85a27fe23c56dbe81bd77d21e5d51903256135c433f1de6a78f593c49524c6da301aaedabcf40270e3e329f519d868aaa3bd853fbf4aa96736b9b85fcc57f56e8bb69b0c82479693ce8cd29b6d6b15c68a1e147e8c211865028c150b9dc48a8b692efe4f68493c7a98df92bb76349d503592d0314c0918ee70c115f1d9add459f2747bf01c2199a215cd50842fb9adaba34497d68a3418948ca549411f3219169d780721e39b8e73407e4322f98b9197316831a91cefcd703c90fa80f70d0d0d2b8edd0329027bde67279647e6f4923d49a1d9490383a51e133ae95a9b606b46e30893b01868e696d827ccfe11fc515efcb42f6f3173bd2ead1747c08acceb123259cda40012a3fe4781828153bb0fde6c5040bf1de183b5c06facf25123bf8e150958c454d4f5ee03308a2a7f12b7ec17a7a9424a78e975b1a5a0ac987c7715303831523bedb47c4c0e769d86c9a5d924e53ab2b5bcaaa6414e42a5fcc94bafbc3db3a0b92be90e849f923938514d202e301cbe410d40aa0d664b66e36c0418835aaaeb2e8566fe253fc9b90a42fa9f7a1bcdd8c1f06305f715d85670545a7a74660b5510c4c94e813e4fbadf5f9ea488ed2d05307939a3073e147916eaae4c5878c3abc6a1d1a4f5c8246de2bd666fe48a0955f5b2c159b0acef89ff3461fc9267a2007f872b2ced6df1f2310a49f45b1f71fd0807c0bfd4a0a20caaf298fb18c72e208f9534c28ae4a2d09d084c2b0ec438c26545db65bd6547ad5871f04ec2aad8fb82ae1b2f85a328c9ec00216cde506752a4982da17bab0501584d6a08cb3880788c3353eda9e63ee3a236eb9b74ccf62e960b6f627254c0c3361de73b7ba4d777099194b67dce60287b05cc6100f1f1f792978662042864375e0f2b8d3add1ac9b2538e249d376b653f4c16b7d6088a5a25d7fcadb7ed8f8600ffb176461518502068942192d9b135b1861ad48898d497863929dbca9649ed8f59eaf7d3772c854e6ce3c272a9e99abda44ae3ef28aa1fa4df9052661bc9fe0bb70758d4508a25779f64d72711311f339ce005312a4e2c44981bb7d236bf01244a10e76c62415588868b013e17c39b884c99ca534a604b104d1571637565a9edaa1577b9ebd761c4d114328d53bd2ea1eaaf39e0abe3dc8f37bc3e5a6f0dc42a4747146562008fcb9b2f05d93899270da9ac66bceaa7b1fc4951f0f4f1a6b9a09d592df5326106413a09a6e3f4e6248e45ec439bbc53f5588d4755161ab0b15c3a93e17a69c656dc987589929e52d35a15eb3324e41f65429bc93fda4dd3f3e1a65156e0176ab647ea5438ac2e7b065fb6c8e66b80c7de0cdb0ed56fd57fae0f0d25d7124c398db36f47be6b5cdf724ecc8a1937e0257d929f16f138be00cd06c1ccde3e8a03d8951bddc5822fc4d44106468164a2394c15da956bfcff67a1639e17646b4c7f5ee10dd6acf621f18e60c2fe99c4896771dec239823f5290da863698e24316e626fce1f20b4987d348574409f9f1b331cd24863ad4ef7cddac6303e7419182ac5363ba54a9ac5c513ece644b9223e75f18878c5b03a67b454419a694b52deb1b2747311bdce597c243c1fcb867f23e04d65c1c9fb71c3ba23e967e84aeee74b7e69373accd084ed4acc17d976231d1bc6afefa39f124a7afbb20c41eb67ba55cab98967973261921863acd41d613e635f0c1a75cc68d7cf1b11436f2448b42f7c16fa1818ca3c00dfab3db7e26d91433cc1539d14bd6df943d816a59b4e642b9d7c110c3a428a42340191d8992e6c8d439b091b985a301b5c5c4028c9c968cf269b4aa0c2835ae3529377e629ffd3fe405980ae9a143301f70e85bcac210e11ea5eec294ac3c28fd5e8ed11a781afd369b068d3458270385ef0f6e9cde4a7bd8a96c996d51e6108c11494309286befbee0fb8f6226d05b6d8588ef4ba7f4654cd7af029d892b7a06dd80b360f7ff8e262b745ca27f524b31bfedd7646243c9afc9a7705f2d0ac95a442945b8754ac241471e4fa2073c16030ef408920cc4425178061df00339cdcead54cd2adba1135758e4ea976e64dcd2d21383fb470884fc772acb5e30cb63a17ff7007a8df0ef38505ea706a7a754816a3547bcf8809f6b00549ac373da29b2ee536cad7e9905a7fc739a509de1fca804f67a6479aa418f1c1404ca65a41e08058c9cf8f82d6e5b0f34b38f6c0db55c44365d5584ec26cd9774dfb954fe12b25e4d6264f2a2366ea144f5b3dd6a3cf5f4104baf58f21ec5dba6e452b687ebd7c6e555e0018083c7fe83f1f55a515dc1efaf50a77464eb4e9ffed22c5848c1d9ce48778900316be71ba9d894dcebbc549d142995b41ee5b5130d6667fbf7359398f3f7d166258596c45fe2554e99d875bd48008759f7f725a4f162e94e638d44d1633faab5e4135ae9045121a67e7f01e843f98248b6bc4aae89f0c77d06372094dedbfbed750d5b5893ca727a7c6da237fe7bbf58f2b8c5cbc40b740ee68bf142e7dcb9feca4d0a5a0a9e8bf81b79d4d3b272232923f5a14082ed1d86b71372d2d23840886fe04240c360cb57e2a5df2c3c7ed1743b152fcaa0b640233c1ba0101fa4842e991ff2d2d1461b9024925033b897275b455c1e3fc20899ec718d8d1f1199de8621d658766d6069f5b83db1abd961f2869e72ed7ca8802a3af88686f96e11e0a4a448e0d6aae8736f986832b22a033999f14011c5ee3e84c0f5d90ad36e2e91a0a14580cba041ce8eff7d14a2f790d61be20e3ef36dbd343b5f25f9bf005128e339b6e811346399c999c112ddc0aed7af2b20faf9fb91ea5d20855c929bb4f181d6dcd7cf0b3c7019c847e71e7c433e4fa714d702c8f2f78d3", 0x1000}, {&(0x7f0000002380)="b8db6e07a2b43ffd40b6602a01e49898e412bb500780a91bece9d1d266b3c79eaa7271c29001bbd1f56efee15b1326550d7b69957571efa2aa8aa74537f4c18a65683684cb778800d30c23aa6462be7a352c7eadff92", 0x56}, {&(0x7f0000001340)="739a0dd4dc44c8b5e962b2a5b725389f59666cd8f590d5c676d1c11a196bb8415c62cb70cd25363757e71b76df787cd75d567dc9d14cdf420576da4b9e5c9d780a3a06605c050fd5881ca12a68be919927389761388d7b0e26c8b27d61e13c0433e48c25a1fe4f982223027fc27f054cabd56b396ccdb71e065a6643d71824ab670149f05ebd05ff156bba20bef0debdd2b1f1d8793cf771137aff308467ad743f9f8e7a256afa9fcb2e5630785992105a90fb7c59dde7846d6f350cbe28b738f5b4549af090b024c94d2906ec609751260bc316900779bffe5356328674f5bd0eb064da963c53de926e51e318155a98409dc0500e8f140f8e146f4b4663d69daee24f63fbd91ac14c951a9a11034d7c26b33232604808739d886f29751b9841ec46252aaf46668a4fb379e8c1e046dcc1431dc100f8b292f3989e5b6547379005db211db6761c84e3ae5f99cd56f9ebb3315c38f39b6024ddb7ee7995daf5bfc64bbda0e73691a01a5dd568fb8b3e2ec8fad1a46853514b432e8805b38339064ea61eae22fecce44b1abb1f46203d27e6f074bea5b37fe9fb35f558e8d7c9afaeec4fda3b96a17fd7ea819e8c0843c832d6beb6e30d99d2695431f9e001c201a63baf05c79e6bf4ef1bf66c0544ace25b96e8ee3a0591cd82ad3576164af1458809f5de21a45f8679036f3f227e463fed88bdc699b62042146e4295990b75f68845b04f84a9fd9622d44e0be5e2740379b8cfca55aee9ca6005b3bf6c195816a6e2024b50cd158563514f71c5f99a0929b07a09252194d6b7dfe2f1bcfe4b63949cb22d63b437afd3a9f8c85db4e0e6e6bc78b902c9316d8c63577af62bf86d86c006397cbc5049868f5ca69fcd794f253223b331bcfd0871dc78eed3b4cd9a90936a9fca9e8aa9335ea4677d2f5b975ccc70effb0241d25b25665a7be4984862ed51d0c4b58908059c605e167970f0e8464d8767b6a4c8478a67e380c80d76acbffc5fb533a5bbf66cd4f479e64e6dd612751cd37ebd714f555fcd8529f013e4a48746ab4004a6383ccdf366f507c4f679e26e1a181572017933f4a7d0f285df7b02e3309455ec716a9fbbef2b1bcf8683c20a2c6c2e6b0558e10d349c1b6ab8ce53c05a06d3b217890ca020046b7f226af89252c98d14d8b983d6e6bbb7a9ba8d8b104678ff274409c2fb0717968b0055edc1bc78c4c6c442f53f2c33528fc8361f74931c8b7d03a6fe697d43a81e21b9f36681852feed2f6b9d1c1370f66954a5cd3f997474dbbeac43acf1a908fdead546a977c317d41d1b909afb5c060727ee9266618872580babf33b075cf4c79bf25456b24d966bff316f6380c38363ca6e634bef856bf251df2626fbef7d5717e6364b2077fe8e97e718778b2ec9c14f4c1981ba063088c0a75a5eec351d60458622dfa2b29ffdc2e95b6cb30a4b5b045531d04bb98ed5d8217bffdea98255c9d32e6f0c966bf41a36480bcb12cc20a36898aa998601e86fcc5e652e07f7700a1bd8dc5ecd356604cff22eb1249f48817481a37b150061748f9a6542cfba431775424c667bb1495879f5c067c0d1fd1b1a4716bba0fe69b124eda22a037cc48980075227ce7ec83b7656a82d65a4f0124044333970a923f22677fcb5c4138170f5481f48d6dff2c9edc81381a7d242c91dbb81fcf2c04273a9a17be8f9ba61deb37ecf097851388d735b55fa8e3550d7ff8a201bc6d60f61c99b5c3b25b5e69605917f1bb01c79b9e0bc6173c598768dc1e2d033db0b2468de5eeb7d34a496984e4bd9a5d72bf2ef364f089870bb3c4562826e283332e9c3d8cab303c208dfbfdcdbbd3a984e078c46698880a6145e458fde81a95855c2b1597dd660a1f03d580525c09660aaf73e6ca4a1042f4641b88e868cdca930c922e406617f2d6406d6a8662324d24517f4b3da17647b1da1f345a85b81c532d7e35428e87224b94a293bbd1dd9925153f7c2082763e0af09b9b595b7bf62fff768f57856fee557cb9f9b7560dc0ace34cc3f84d3b8205fbc6a21f9bfaf4b4b208ef9ae398cfa67e7a19529730e395f0461c7ac64b111e64dc3d5fca087b1588ba8640b3f808c7040f00e67a2731ab3f56b0ee5bedd318f0a9c63353ae3808bdb260d8dae0a7cb3835bd47b5aa35baf283009794a37734bdc752aa4ad52182f27aed27156659d38573e99c944abbeaf322b233c4b769735d33e2328bb42a69aafd6b27d5567fe0d2c447bdb0ef997e6edb9d9d0f9053a733f897186efc6d6e97bae88bb80d6119f9bc7db5e394f7c9703a28e40c96bca88685c1878b1ecb3a81d3970a3b8b0f6c0d78521b4b4f1fdc94d0e3b5fe40b4e556ca2c1e646a3eb8ac1104627262f5b50b9258291f474e4c8f4c76b24297b8e2dd940113ee085dc7c42c46694d79362637731ac7e602b6084a39a74ba15fa6ee772f1f8bbd5240ca300395f69c6682dd66fdddb28247f067993f1ff1c3895257c8291343191232c3eb61be2fb9b82e0c2f00fd4828e11c38355c8ee211f55eccf8c910756685d639e22d1e1855243f1e51a9fe3f9be25a350acaafa286be49afe0056c8c9d51b81ce10fbc68f77713c7dcbd8dfa2347b5f1054809313e11b00748afe275c0eda04bc5fbc08b54e3db9c10b7dc54b2cb6e2c9c8a1fd9153f1915dd4fe5a49767c72666adc6d31448b74aa484537c5b34a2abb3463a2f9246ec545066753a35e0d47c08aa68c01c095fb7bad61d8827ca74ee2c92db4e73b45759d0937ac1f7e9da5bdfbd8cdcca356ef850481a64463b2dae470f6ae7df942b11466cce9f7f0256e4867f7b36d2c4ab3a910bebf06857775509ad24176ddb7173780256382d7877efde2997a560b2dfcf11c2e06a51dabe1610ae5a0b6a3cbe2ad2d12099421c96ce4024f6717be19bdc46111ba8a64a1bc780fea7e4636742a4fa8e08c94717f8e3ef910b639b8f864ebee0ebe6b3cefdf77292fd1856ca8f0470a2f0e0a85c5072a46620e412e6dde83c06f69820f6a792cfc693552fcb17986363622729d44d61a68ab134406f139f89c7ec7aee5352bb4819e08b8b7ebb147d86b7de30859e4da81e6d0f861126bf1998232529cf5f4257a54778516fb193af52ee8c8594390ca9151e945cd5cd50164e485e55eeb34b9507a2997387ddf57e11d0a6831276af82de19a572ef013989988819ef9fdfeab46a357a7686a90105bd294f5ba70f23670e0f967a63907c05d02c767f7cc5073b54dbd93d1995bd6313d6ce73aea283425617a785a163f59ded98069bf924e007e87098d121cf130b659cd9fae6144ccb15f5434be644a9a2d7408b11387f91220f83cfeceee64f77d22405f9e692e85930c1b7d084d6be046eea18c1c59485ce334832d970b2d5b24d7c5c1df62f89bfeddee9796ee9684162a2fe098409582b562d38f2891ef4a5f55389cba66f33cb0581d7039e4597d20a80da26e677a395b150ac2137186f6efb0ee412c91a253e18319b5b2c0cc14a8ca6a157f4c1d696c8ee33d376ebaaa0fcf2e0c51d141af85cdbb7e12bd1817ad18e2bdb26bd29f5bc0eaceb5f44529fffd3bdfac31be7951d2a5284d63e64d82346511ad0953bb6425d834ad2bd610f8091235f5ad7a4c5c831a60eab12e5057e781d09a05de992ac3df73cb0b3aa626b8d1809f2ddab60831f435c7c5c611ef6560531723c1ef9ef2d631fbd59bdabf80f6e0488275dbab9b5e381ccbdf812573c76e0b8fca396b33c2cf48eaea99024072d355893d5aac5a5c313754cf8e7cef622a739beaf8866d24150bb13e4f74a2cea150267f9ea36b9c8c779d8ddd590dc0758c99ee2c6c91ed7a292a2b63ac2eb293676581b09b6956292ff20557564932edaba5ce9ebd16d606673c57025adb3cf75a555686048fc2ea2e71574718c76e13417d85d33d8e866359d404e0831b0bfb17973654763cc95be121f5deac224fc8d5905738cdc957bc13569edb6c6afcce653dc3e50d4d6ba581722d3af58dee71213a56dab6761a42deca091f7d524fb2f7f4fe0c8ab52b0e63dea3c43ea847cb7e8dc921596fe95ca057e611f4846b1ac4095a32d0986a8c6af395f8ed76f8feac99063b19693f2fd1789210be826af24823b3ff9ae5bc1ce57844c97292ba3265a389bbe1a5d76e4e388585e83a7f009bc858ac57eaa1e289465b5bc37d63e22949389096d06a6b6aec850aff996d5edebb1f8138880ee5c7851a72424dbadeecbfc274f51e86fd344d5d2a3f1c1b12509441cd7c9bae7cf50dc06d3c7abbd547ffe81be8d80efb8c1dbbb69c4164288a44ba363b4b0eb047a351259890bd6a5281d08179710edccd6828d58f8a637c6a77e438bbd77f1a8cef6b3795c6706c0a72a73073f08aa3043c2c3d0a239a404272d9ec9861e43d0ff6e1b6286010022eda8459cd7583e102a8f8a3c16a87f3fd3cf72af40e8826b0869578565996182427c4be58a8cd07a831149e020fbcfeac26e552be23da29e10fd8fa083062f50826ccdec37a697728101e6b7244234950306991edd5db9f34144a64fb589d86245da7e7af2e1c9db825210aecca6dac74af14e43be51877374a6daa7ec6f768dea8e48ab50b4747d0b22e2cb2c51110582a1a6ecf415fce4203dbca0991468eae3b8cd82a90b0aa3e235d351ffb2c0bfbb79e8b878554868919eb04b45cb6f0b2686116c818c527da7316fd544b3424dfd4426bfadfaa2ecec2cf8f2ec2780f122916a15f91ede656d3e1c612d2cddac160f8abb036eab9146b7334f46836dbcdd856076b1ed53e0114d764c1345b2799553f0a9696c16502f887a4c611235d845475c4e45bcaab7d5f61f1d343280b55e81cd1fbc44e4e89d57c1a2bf070de28f2f1abc8d876a8e3fa1f565c57f36afa06234793ee88dd45dbe44d13ca1fa1c72951c2f1d7327be72a264ef95673519f8e80888009ba87915e1e0e71d5c91a457aea2e5d6b04f9ffc96b1c3cd9c94f9c92988f7071283cc0157b90cf6d0786b3e1d5fc0496afadf6d789c4047891d24706e7e4b2dc7339f0898f10b273ed55452448256be1f0cf631e14eaae21bb95abd1f9a9aed70e9cbcf4e5594b1f2a10e49249378a81ccde7c2bfcfe9b49e4c8a363e6833cfe1ed2f417412e40cea805cab97ce173cf3276c6c0120f866890b110881e815279df2ce1524a70057e9eadb969e6a87b95639ecd2bde173f398d9dc5788d319c6376478ae896f7c853bf227dfd2880d28667527aa602763db640c35102df9a1dbd15769fc5a047b66c5a12358e5ff0cd17cf8b864e7fa5a79bbe1ceece4455c179fdf2f27c928ca89f6e9779644ce9214d0152b8b5ec200e2ec465312acd98522784e5f9c8c3635c9fdec17659616bf9d9e8504cee80fde4e2b667b71d73c3d1e025e3b2413c751c920ec63ffeee8702df7a3b5f11846beb102051f46a18740a74692819c0b893a1a59a8a3e905caea4e62edf4edb11982e5c2f724afef11878da401ed247f5f68fe1c88304303c1113fda84d06414c51296cca93bd5934f476d845cb80a1d4d66c4d59532981aee6aa2791a99ff85f9ecb39a36e820bd5d18825b432619caafce9a748afb6ec19dcd38a49cd2b7caea9da963e70836698d8c7bd3f8bcdfdeb06ee64820e9ba71a4aa8e2fb169b773a617c0193f3676488f6878e7cc2840de345b6dae94261548338a19c156b42547e75cfc09ab48f963638ad7f9b9b3834c018107f0cfd6832c69670c8d078d0191f1fcb400ad8c799a0f54a82b73e2c212b94c7f4947d9108d0659b045c1d1de88035c", 0x1000}, {&(0x7f0000002340)="e54c0777e80cd571b897d100631a42a65ccde9865ef1f7e58f174ecf57d6ae5271cd71fcd1fdd22fef4ca6bd10535d2e35410fb05af287846e", 0x39}, {&(0x7f0000002840)="a7f21c41f89ec14eefd9737a8c68561fed506b21fc8058ea0e667a7a8e9a59c72f817d30525132b4dbda8b45eae75519abde55a87f0db33505354f4206e5e8b4646ce7fec03ad6f56dae25d3ddfc0bb5754d8c826ea00480c980a33f65bdffd616f7f15a286ba386cc4780fdc78d5f74fe01abf4d5d5e1d048beb2d49fe6225127f3468bebafe861f9c17e3a043d95c46c97ee308a1a81718cf14d216414aaaf00e51425df007ccd443864f704e8050d57c15524057278a6e1d1a1e3d7c9bd638fa94ebb01bfce3dc9e0bca561e902d02d5693a4d2bdef5e9dac6a8e285e664de5363d1839b4efd67f0ed728d03cceb3234f03d63c368ed23fd12e640da2e1e9813c4ccbee86a352ac63df0519362ac3113935389142f974af34bde8022a65a001f59a27bf048be365df4f8d0328d17a52ea", 0x132}, {&(0x7f0000002440)="611733bd55ea1ef8", 0x8}, {&(0x7f0000002480)="9a06538c53a277cf291a9a8bb92201fc1759d2e3506096b809a76ea9d63f56821b4e839955c3c6b808e3319a7082d6fdd75b850c3bb9d9a00c7e4ccf5d51c3a9822d1389c7df7f41e786327ce77d296ba5ae14d0ef558b679d08989254f9fb179a2393e1882a2019581c1d033ec77f329b01d8ff6ed679586f1e3bc3aa363d67854451b380f51742c3fce8354832f638f10cdb45c230659526f04bed4edc5b4a820b669aec8d23f242590d29466219fc4c864c27983793149233f952a402d9ed6a95f0ec9b7e42faad4db5999d5e50f1cf27326dd07ff767f4a80ded5fe9090042c419952506fde051", 0xe9}, {&(0x7f0000002580)="73eacdaf788e1cce71008c9a4e02e01fc89ec924b6fd18dbe29c872d7bf1e004e04f449b3181624f95ffeb70338da5728573d5844818dbdad4203719e4720f7a36decd57140c4a3899024f3f521838dac6e364991091a804558392", 0x5b}], 0x8, &(0x7f0000002680)="fd141e22a132858acc8801c4cb495e6f3e515835c03da5122f1295b159512466898939891365697b6a90db9cee8b55ee1bd56db6ccd959122b5d9c0bba6720792e4b2ea5a32944eb44cfc2eeb50312ebc2a8c2bf5e8e10f92bb1e42de6ed11feb267c86bf6a3493be7181cdf7525f635e7b48b4c015266322b7c41b7a0c8c8392ea2e708bed61efa5cd39a3e7dd0a2bb63bf713b97bb7e1eba978f12986c74728e909e4fc70019db10877f2e6983d8756fdc71b15a0fec8d1d7966d6627c1e4a9fd19c3daf4708250c226e883715ddeaa2821a548231f5", 0xd7, 0x80}, 0x10) (async, rerun: 32)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000002800)={r4, r1, 0x5}, 0x10)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r6}, 0x8) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r8, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r7, 0x2405, r8) (async)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f00000000c0)='./file0/file0\x00', r0}, 0x10)

[ 2634.903544][T27600] FAULT_INJECTION: forcing a failure.
[ 2634.903544][T27600] name failslab, interval 1, probability 0, space 0, times 0
[ 2634.923547][T27600] CPU: 0 PID: 27600 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2634.933604][T27600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2634.943496][T27600] Call Trace:
[ 2634.946619][T27600]  <TASK>
[ 2634.949398][T27600]  dump_stack_lvl+0x151/0x1b7
[ 2634.953912][T27600]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2634.959381][T27600]  dump_stack+0x15/0x17
[ 2634.963376][T27600]  should_fail+0x3c0/0x510
[ 2634.967626][T27600]  __should_failslab+0x9f/0xe0
[ 2634.972224][T27600]  should_failslab+0x9/0x20
[ 2634.976581][T27600]  kmem_cache_alloc+0x4f/0x2f0
[ 2634.981165][T27600]  ? vm_area_dup+0x26/0x220
[ 2634.985503][T27600]  vm_area_dup+0x26/0x220
[ 2634.989667][T27600]  dup_mmap+0x6c8/0xf10
[ 2634.993663][T27600]  ? __delayed_free_task+0x20/0x20
[ 2634.998609][T27600]  ? mm_init+0x807/0x960
[ 2635.002690][T27600]  dup_mm+0x8e/0x2e0
[ 2635.006422][T27600]  copy_mm+0x108/0x1b0
[ 2635.010329][T27600]  copy_process+0x1295/0x3250
[ 2635.014844][T27600]  ? proc_fail_nth_write+0x213/0x290
[ 2635.019960][T27600]  ? proc_fail_nth_read+0x220/0x220
[ 2635.024996][T27600]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2635.029939][T27600]  ? vfs_write+0xa37/0x1160
[ 2635.034280][T27600]  ? numa_migrate_prep+0xe0/0xe0
[ 2635.039053][T27600]  kernel_clone+0x21d/0x9c0
[ 2635.043402][T27600]  ? file_end_write+0x1b0/0x1b0
[ 2635.048084][T27600]  ? __kasan_check_write+0x14/0x20
[ 2635.053034][T27600]  ? create_io_thread+0x1e0/0x1e0
[ 2635.057889][T27600]  ? __mutex_lock_slowpath+0x10/0x10
[ 2635.063009][T27600]  __x64_sys_clone+0x289/0x310
[ 2635.067609][T27600]  ? __do_sys_vfork+0x130/0x130
[ 2635.072302][T27600]  ? debug_smp_processor_id+0x17/0x20
[ 2635.077505][T27600]  do_syscall_64+0x44/0xd0
[ 2635.081755][T27600]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2635.087485][T27600] RIP: 0033:0x7fdb204c00c9
[ 2635.091737][T27600] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2635.111182][T27600] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2635.119429][T27600] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2635.127233][T27600] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2635.135048][T27600] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2635.142857][T27600] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:16 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x44)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x44) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0)

10:53:16 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x4, 0x6, 0x5, 0x8, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x110, 0x0, 0x7, 0x4, 0x7fff, 0xffffffe1, 0xfff, 0x0, 0x10000, 0x0, 0x9}, 0x0, 0x10, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x1)

[ 2635.150673][T27600] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2635.158481][T27600]  </TASK>
[ 2635.182322][T27636] FAULT_INJECTION: forcing a failure.
[ 2635.182322][T27636] name fail_page_alloc, interval 1, probability 0, space 0, times 0
10:53:16 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)

10:53:16 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0xa0)

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2635.206064][T27636] CPU: 1 PID: 27636 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2635.216119][T27636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2635.226018][T27636] Call Trace:
[ 2635.229139][T27636]  <TASK>
[ 2635.231918][T27636]  dump_stack_lvl+0x151/0x1b7
[ 2635.236430][T27636]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2635.241898][T27636]  ? post_alloc_hook+0x1ab/0x1b0
[ 2635.246675][T27636]  dump_stack+0x15/0x17
[ 2635.250661][T27636]  should_fail+0x3c0/0x510
10:53:16 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0xa0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0xa0) (async)

10:53:16 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2635.254920][T27636]  should_fail_alloc_page+0x58/0x70
[ 2635.259950][T27636]  __alloc_pages+0x1de/0x7c0
[ 2635.264384][T27636]  ? __count_vm_events+0x30/0x30
[ 2635.269152][T27636]  ? __this_cpu_preempt_check+0x13/0x20
[ 2635.274530][T27636]  ? __mod_node_page_state+0xac/0xf0
[ 2635.279654][T27636]  pte_alloc_one+0x73/0x1b0
[ 2635.283988][T27636]  ? pfn_modify_allowed+0x2e0/0x2e0
[ 2635.289034][T27636]  ? __kasan_check_read+0x11/0x20
[ 2635.293883][T27636]  ? copy_present_pte+0x76f/0xe60
[ 2635.298742][T27636]  __pte_alloc+0x86/0x350
[ 2635.302908][T27636]  ? copy_pte_range+0x1780/0x1780
[ 2635.307768][T27636]  ? free_pgtables+0x210/0x210
[ 2635.312366][T27636]  ? _raw_spin_lock+0xa3/0x1b0
[ 2635.316972][T27636]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[ 2635.322177][T27636]  ? unwind_get_return_address+0x4c/0x90
[ 2635.327643][T27636]  copy_pte_range+0x11be/0x1780
[ 2635.332336][T27636]  ? __kasan_check_write+0x14/0x20
[ 2635.337276][T27636]  ? stack_trace_snprint+0x100/0x100
[ 2635.342398][T27636]  ? __kunmap_atomic+0x80/0x80
[ 2635.346995][T27636]  ? kmem_cache_alloc+0x189/0x2f0
[ 2635.351863][T27636]  ? vm_area_dup+0x26/0x220
[ 2635.356198][T27636]  ? dup_mmap+0x6c8/0xf10
[ 2635.360364][T27636]  ? dup_mm+0x8e/0x2e0
[ 2635.364269][T27636]  ? copy_mm+0x108/0x1b0
[ 2635.368349][T27636]  ? copy_process+0x1295/0x3250
[ 2635.373036][T27636]  ? kernel_clone+0x21d/0x9c0
[ 2635.377554][T27636]  ? __x64_sys_clone+0x289/0x310
[ 2635.382321][T27636]  ? do_syscall_64+0x44/0xd0
[ 2635.386753][T27636]  copy_page_range+0xc1e/0x1090
[ 2635.391437][T27636]  ? pfn_valid+0x1e0/0x1e0
[ 2635.395690][T27636]  dup_mmap+0x9af/0xf10
[ 2635.399681][T27636]  ? __delayed_free_task+0x20/0x20
[ 2635.404628][T27636]  ? mm_init+0x807/0x960
[ 2635.408706][T27636]  dup_mm+0x8e/0x2e0
[ 2635.412438][T27636]  copy_mm+0x108/0x1b0
[ 2635.416346][T27636]  copy_process+0x1295/0x3250
[ 2635.420857][T27636]  ? proc_fail_nth_write+0x213/0x290
[ 2635.425983][T27636]  ? proc_fail_nth_read+0x220/0x220
[ 2635.431018][T27636]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2635.435959][T27636]  ? vfs_write+0xa37/0x1160
[ 2635.440299][T27636]  ? numa_migrate_prep+0xe0/0xe0
[ 2635.445072][T27636]  kernel_clone+0x21d/0x9c0
[ 2635.449414][T27636]  ? file_end_write+0x1b0/0x1b0
[ 2635.454100][T27636]  ? __kasan_check_write+0x14/0x20
[ 2635.459047][T27636]  ? create_io_thread+0x1e0/0x1e0
[ 2635.463906][T27636]  ? __mutex_lock_slowpath+0x10/0x10
[ 2635.469026][T27636]  __x64_sys_clone+0x289/0x310
[ 2635.473628][T27636]  ? __do_sys_vfork+0x130/0x130
[ 2635.478319][T27636]  ? debug_smp_processor_id+0x17/0x20
[ 2635.483530][T27636]  do_syscall_64+0x44/0xd0
[ 2635.487775][T27636]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2635.493507][T27636] RIP: 0033:0x7fdb204c00c9
[ 2635.497757][T27636] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2635.517196][T27636] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2635.525442][T27636] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2635.533255][T27636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2635.541062][T27636] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2635.548875][T27636] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:17 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)

10:53:17 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0/file0/file0\x00', 0xa0)

10:53:17 executing program 0:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async, rerun: 32)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x4, 0x6, 0x5, 0x8, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x110, 0x0, 0x7, 0x4, 0x7fff, 0xffffffe1, 0xfff, 0x0, 0x10000, 0x0, 0x9}, 0x0, 0x10, 0xffffffffffffffff, 0x2) (rerun: 32)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x1)

10:53:17 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x18) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335) (async)
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) (async)

[ 2635.556689][T27636] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2635.564499][T27636]  </TASK>
10:53:17 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:17 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x4, 0x6, 0x5, 0x8, 0x0, 0x100000000, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x110, 0x0, 0x7, 0x4, 0x7fff, 0xffffffe1, 0xfff, 0x0, 0x10000, 0x0, 0x9}, 0x0, 0x10, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_REFRESH(r0, 0x2402, 0x1)

10:53:17 executing program 2:
mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x14f)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r1, 0x16}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r2, &(0x7f0000000280)={&(0x7f0000000080)=@nl, 0xfffffffffffffee7, &(0x7f0000000540)=[{&(0x7f0000000140)=""/86}, {&(0x7f0000000380)=""/101}, {&(0x7f0000000400)=""/96}, {&(0x7f0000000580)=""/179}], 0x0, &(0x7f0000000480)=""/154, 0x96}, 0x2000)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={r1, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/61, 0x3d, <r3=>0x0, &(0x7f0000000800)=""/25, 0x19}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x2, &(0x7f0000000980)=ANY=[@ANYBLOB="b733ffff010000003c37f4fffcffffffd73dd055c5df7f0a7bfc5db3385832df2801f5b6f2178f4bdcc24e237be620c918151974f2bd2c7c24937eb7b50aed1bb65873a61689dbeba55689a0dbc2a04b61e709e68325c6e1c6d810d53a3ecffe6a12106f6996529f065e07e3c42bee009b1d6f0d575f7743cf16fe05c485ae7114fb4ead27cdeb64139af41763b1931cff20152a69b8920c1f6e9b1ef2e23cc8495fa0cb43c5c3642521de2d636c841972a519e060b28c0fa30ebb5b58f67e6ec69ca96aceddfc5d3994743d23d97782c03497e763b99ad56bd7637cc93e718ceae159ea513b044c54f1e9"], &(0x7f0000000680)='GPL\x00', 0x1f, 0x5e, &(0x7f00000006c0)=""/94, 0x41000, 0x17, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000740)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xd, 0x1e, 0x93}, 0x10, r3, 0x0, 0x0, &(0x7f00000008c0)}, 0x80)
openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x8}, 0x10)

10:53:17 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335)
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80100, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETOFFLOAD(r1, 0x400454d0, 0x18) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) (async)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x335) (async)
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0) (async)

10:53:17 executing program 2:
mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x14f)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r1, 0x16}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r2, &(0x7f0000000280)={&(0x7f0000000080)=@nl, 0xfffffffffffffee7, &(0x7f0000000540)=[{&(0x7f0000000140)=""/86}, {&(0x7f0000000380)=""/101}, {&(0x7f0000000400)=""/96}, {&(0x7f0000000580)=""/179}], 0x0, &(0x7f0000000480)=""/154, 0x96}, 0x2000)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={r1, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/61, 0x3d, <r3=>0x0, &(0x7f0000000800)=""/25, 0x19}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x2, &(0x7f0000000980)=ANY=[@ANYBLOB="b733ffff010000003c37f4fffcffffffd73dd055c5df7f0a7bfc5db3385832df2801f5b6f2178f4bdcc24e237be620c918151974f2bd2c7c24937eb7b50aed1bb65873a61689dbeba55689a0dbc2a04b61e709e68325c6e1c6d810d53a3ecffe6a12106f6996529f065e07e3c42bee009b1d6f0d575f7743cf16fe05c485ae7114fb4ead27cdeb64139af41763b1931cff20152a69b8920c1f6e9b1ef2e23cc8495fa0cb43c5c3642521de2d636c841972a519e060b28c0fa30ebb5b58f67e6ec69ca96aceddfc5d3994743d23d97782c03497e763b99ad56bd7637cc93e718ceae159ea513b044c54f1e9"], &(0x7f0000000680)='GPL\x00', 0x1f, 0x5e, &(0x7f00000006c0)=""/94, 0x41000, 0x17, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000740)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xd, 0x1e, 0x93}, 0x10, r3, 0x0, 0x0, &(0x7f00000008c0)}, 0x80)
openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x14f) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r1, 0x16}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)) (async)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
recvmsg(r2, &(0x7f0000000280)={&(0x7f0000000080)=@nl, 0xfffffffffffffee7, &(0x7f0000000540)=[{&(0x7f0000000140)=""/86}, {&(0x7f0000000380)=""/101}, {&(0x7f0000000400)=""/96}, {&(0x7f0000000580)=""/179}], 0x0, &(0x7f0000000480)=""/154, 0x96}, 0x2000) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={r1, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/61, 0x3d, 0x0, &(0x7f0000000800)=""/25, 0x19}}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x2, &(0x7f0000000980)=ANY=[@ANYBLOB="b733ffff010000003c37f4fffcffffffd73dd055c5df7f0a7bfc5db3385832df2801f5b6f2178f4bdcc24e237be620c918151974f2bd2c7c24937eb7b50aed1bb65873a61689dbeba55689a0dbc2a04b61e709e68325c6e1c6d810d53a3ecffe6a12106f6996529f065e07e3c42bee009b1d6f0d575f7743cf16fe05c485ae7114fb4ead27cdeb64139af41763b1931cff20152a69b8920c1f6e9b1ef2e23cc8495fa0cb43c5c3642521de2d636c841972a519e060b28c0fa30ebb5b58f67e6ec69ca96aceddfc5d3994743d23d97782c03497e763b99ad56bd7637cc93e718ceae159ea513b044c54f1e9"], &(0x7f0000000680)='GPL\x00', 0x1f, 0x5e, &(0x7f00000006c0)=""/94, 0x41000, 0x17, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000740)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xd, 0x1e, 0x93}, 0x10, r3, 0x0, 0x0, &(0x7f00000008c0)}, 0x80) (async)
openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x8}, 0x10) (async)

[ 2635.600667][T27683] FAULT_INJECTION: forcing a failure.
[ 2635.600667][T27683] name failslab, interval 1, probability 0, space 0, times 0
[ 2635.616887][T27683] CPU: 0 PID: 27683 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2635.626943][T27683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2635.636839][T27683] Call Trace:
[ 2635.639960][T27683]  <TASK>
[ 2635.642740][T27683]  dump_stack_lvl+0x151/0x1b7
10:53:17 executing program 2:
mkdir(&(0x7f0000000040)='./file0/file0\x00', 0x14f) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000300), 0x4) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r1, 0x16}, 0x10) (async)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000300), 0x4)
recvmsg(r2, &(0x7f0000000280)={&(0x7f0000000080)=@nl, 0xfffffffffffffee7, &(0x7f0000000540)=[{&(0x7f0000000140)=""/86}, {&(0x7f0000000380)=""/101}, {&(0x7f0000000400)=""/96}, {&(0x7f0000000580)=""/179}], 0x0, &(0x7f0000000480)=""/154, 0x96}, 0x2000) (async, rerun: 32)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000880)={r1, 0x20, &(0x7f0000000840)={&(0x7f00000007c0)=""/61, 0x3d, <r3=>0x0, &(0x7f0000000800)=""/25, 0x19}}, 0x10) (rerun: 32)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000900)=@bpf_lsm={0x1d, 0x2, &(0x7f0000000980)=ANY=[@ANYBLOB="b733ffff010000003c37f4fffcffffffd73dd055c5df7f0a7bfc5db3385832df2801f5b6f2178f4bdcc24e237be620c918151974f2bd2c7c24937eb7b50aed1bb65873a61689dbeba55689a0dbc2a04b61e709e68325c6e1c6d810d53a3ecffe6a12106f6996529f065e07e3c42bee009b1d6f0d575f7743cf16fe05c485ae7114fb4ead27cdeb64139af41763b1931cff20152a69b8920c1f6e9b1ef2e23cc8495fa0cb43c5c3642521de2d636c841972a519e060b28c0fa30ebb5b58f67e6ec69ca96aceddfc5d3994743d23d97782c03497e763b99ad56bd7637cc93e718ceae159ea513b044c54f1e9"], &(0x7f0000000680)='GPL\x00', 0x1f, 0x5e, &(0x7f00000006c0)=""/94, 0x41000, 0x17, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000740)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000780)={0x4, 0xd, 0x1e, 0x93}, 0x10, r3, 0x0, 0x0, &(0x7f00000008c0)}, 0x80) (async, rerun: 32)
openat$cgroup_ro(r1, &(0x7f00000001c0)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0) (async, rerun: 32)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0/file0\x00', 0x0, 0x8}, 0x10)

[ 2635.647254][T27683]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2635.652722][T27683]  dump_stack+0x15/0x17
[ 2635.656715][T27683]  should_fail+0x3c0/0x510
[ 2635.660968][T27683]  __should_failslab+0x9f/0xe0
[ 2635.665566][T27683]  should_failslab+0x9/0x20
[ 2635.669905][T27683]  kmem_cache_alloc+0x4f/0x2f0
[ 2635.674509][T27683]  ? anon_vma_clone+0xa1/0x4f0
[ 2635.679114][T27683]  anon_vma_clone+0xa1/0x4f0
[ 2635.683537][T27683]  anon_vma_fork+0x91/0x4f0
[ 2635.687871][T27683]  ? anon_vma_name+0x43/0x70
[ 2635.692297][T27683]  dup_mmap+0x760/0xf10
[ 2635.696287][T27683]  ? __delayed_free_task+0x20/0x20
[ 2635.701233][T27683]  ? mm_init+0x807/0x960
[ 2635.705317][T27683]  dup_mm+0x8e/0x2e0
[ 2635.709043][T27683]  copy_mm+0x108/0x1b0
[ 2635.712950][T27683]  copy_process+0x1295/0x3250
[ 2635.717464][T27683]  ? proc_fail_nth_write+0x213/0x290
[ 2635.722590][T27683]  ? proc_fail_nth_read+0x220/0x220
[ 2635.727619][T27683]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2635.732565][T27683]  ? vfs_write+0xa37/0x1160
[ 2635.736904][T27683]  ? numa_migrate_prep+0xe0/0xe0
[ 2635.741679][T27683]  kernel_clone+0x21d/0x9c0
[ 2635.746451][T27683]  ? file_end_write+0x1b0/0x1b0
[ 2635.751137][T27683]  ? __kasan_check_write+0x14/0x20
[ 2635.756084][T27683]  ? create_io_thread+0x1e0/0x1e0
[ 2635.760948][T27683]  ? __mutex_lock_slowpath+0x10/0x10
[ 2635.766067][T27683]  __x64_sys_clone+0x289/0x310
[ 2635.770666][T27683]  ? __do_sys_vfork+0x130/0x130
[ 2635.775354][T27683]  ? debug_smp_processor_id+0x17/0x20
[ 2635.780562][T27683]  do_syscall_64+0x44/0xd0
[ 2635.784813][T27683]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2635.790545][T27683] RIP: 0033:0x7fdb204c00c9
[ 2635.794800][T27683] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2635.814239][T27683] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2635.822481][T27683] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2635.830292][T27683] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2635.838103][T27683] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:17 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)

10:53:17 executing program 0:
mkdir(0x0, 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file1/file0\x00', 0x1a9)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 2:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x206)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r2, r3, 0x32}, 0x10)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000000)=r1)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:17 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x205)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000000))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

[ 2635.845915][T27683] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2635.853730][T27683] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2635.861545][T27683]  </TASK>
[ 2635.890837][T27732] FAULT_INJECTION: forcing a failure.
[ 2635.890837][T27732] name failslab, interval 1, probability 0, space 0, times 0
[ 2635.903304][T27732] CPU: 0 PID: 27732 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2635.913306][T27732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2635.923201][T27732] Call Trace:
[ 2635.926327][T27732]  <TASK>
[ 2635.929101][T27732]  dump_stack_lvl+0x151/0x1b7
[ 2635.933615][T27732]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2635.939084][T27732]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2635.945335][T27732]  dump_stack+0x15/0x17
[ 2635.949326][T27732]  should_fail+0x3c0/0x510
[ 2635.953578][T27732]  __should_failslab+0x9f/0xe0
[ 2635.958176][T27732]  should_failslab+0x9/0x20
[ 2635.962516][T27732]  kmem_cache_alloc+0x4f/0x2f0
[ 2635.967117][T27732]  ? anon_vma_fork+0xf7/0x4f0
[ 2635.971632][T27732]  anon_vma_fork+0xf7/0x4f0
[ 2635.975969][T27732]  ? anon_vma_name+0x43/0x70
[ 2635.980396][T27732]  dup_mmap+0x760/0xf10
[ 2635.984389][T27732]  ? __delayed_free_task+0x20/0x20
[ 2635.989336][T27732]  ? mm_init+0x807/0x960
[ 2635.993418][T27732]  dup_mm+0x8e/0x2e0
[ 2635.997146][T27732]  copy_mm+0x108/0x1b0
[ 2636.001053][T27732]  copy_process+0x1295/0x3250
[ 2636.005566][T27732]  ? proc_fail_nth_write+0x213/0x290
[ 2636.010687][T27732]  ? proc_fail_nth_read+0x220/0x220
[ 2636.015722][T27732]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2636.020670][T27732]  ? vfs_write+0xa37/0x1160
[ 2636.025008][T27732]  ? numa_migrate_prep+0xe0/0xe0
[ 2636.029781][T27732]  kernel_clone+0x21d/0x9c0
[ 2636.034119][T27732]  ? file_end_write+0x1b0/0x1b0
[ 2636.038808][T27732]  ? __kasan_check_write+0x14/0x20
[ 2636.043753][T27732]  ? create_io_thread+0x1e0/0x1e0
[ 2636.048621][T27732]  ? __mutex_lock_slowpath+0x10/0x10
[ 2636.053741][T27732]  __x64_sys_clone+0x289/0x310
[ 2636.058341][T27732]  ? __do_sys_vfork+0x130/0x130
[ 2636.063027][T27732]  ? debug_smp_processor_id+0x17/0x20
[ 2636.068231][T27732]  do_syscall_64+0x44/0xd0
[ 2636.072494][T27732]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2636.078211][T27732] RIP: 0033:0x7fdb204c00c9
[ 2636.082472][T27732] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:17 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:17 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x205)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000000))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x205) (async)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000000)) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file1/file0\x00', 0x1a9)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file1/file0\x00', 0x1a9) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:17 executing program 0:
mkdir(0x0, 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 2:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x206)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r2, r3, 0x32}, 0x10) (async)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000000)=r1)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:17 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file1/file0\x00', 0x1a9) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 0:
mkdir(0x0, 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2636.101907][T27732] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2636.110149][T27732] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2636.117961][T27732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2636.125772][T27732] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2636.133584][T27732] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2636.141393][T27732] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2636.149211][T27732]  </TASK>
10:53:17 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x205)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000000))
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
ioctl$TUNSETLINK(r1, 0x400454cd, 0x205) (async)
ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000000)) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 2:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x206) (async, rerun: 64)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0) (rerun: 64)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0) (async, rerun: 64)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r2, r3, 0x32}, 0x10) (async)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000000)=r1) (async, rerun: 32)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (rerun: 32)

[ 2636.189900][T27757] FAULT_INJECTION: forcing a failure.
[ 2636.189900][T27757] name failslab, interval 1, probability 0, space 0, times 0
[ 2636.215045][T27757] CPU: 0 PID: 27757 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2636.225111][T27757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2636.235002][T27757] Call Trace:
[ 2636.238124][T27757]  <TASK>
[ 2636.240899][T27757]  dump_stack_lvl+0x151/0x1b7
[ 2636.245413][T27757]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2636.250877][T27757]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2636.257126][T27757]  dump_stack+0x15/0x17
[ 2636.261121][T27757]  should_fail+0x3c0/0x510
[ 2636.265374][T27757]  __should_failslab+0x9f/0xe0
[ 2636.269974][T27757]  should_failslab+0x9/0x20
[ 2636.274314][T27757]  kmem_cache_alloc+0x4f/0x2f0
[ 2636.278911][T27757]  ? anon_vma_fork+0xf7/0x4f0
[ 2636.283427][T27757]  anon_vma_fork+0xf7/0x4f0
[ 2636.287764][T27757]  ? anon_vma_name+0x43/0x70
[ 2636.292191][T27757]  dup_mmap+0x760/0xf10
[ 2636.296185][T27757]  ? __delayed_free_task+0x20/0x20
[ 2636.301133][T27757]  ? mm_init+0x807/0x960
[ 2636.305210][T27757]  dup_mm+0x8e/0x2e0
[ 2636.308941][T27757]  copy_mm+0x108/0x1b0
[ 2636.312848][T27757]  copy_process+0x1295/0x3250
[ 2636.317365][T27757]  ? proc_fail_nth_write+0x213/0x290
[ 2636.322481][T27757]  ? proc_fail_nth_read+0x220/0x220
[ 2636.327515][T27757]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2636.332464][T27757]  ? vfs_write+0xa37/0x1160
[ 2636.336802][T27757]  ? numa_migrate_prep+0xe0/0xe0
[ 2636.341577][T27757]  kernel_clone+0x21d/0x9c0
[ 2636.345916][T27757]  ? file_end_write+0x1b0/0x1b0
[ 2636.350600][T27757]  ? __kasan_check_write+0x14/0x20
[ 2636.355549][T27757]  ? create_io_thread+0x1e0/0x1e0
[ 2636.360409][T27757]  ? __mutex_lock_slowpath+0x10/0x10
[ 2636.365534][T27757]  __x64_sys_clone+0x289/0x310
[ 2636.370130][T27757]  ? __do_sys_vfork+0x130/0x130
[ 2636.374820][T27757]  ? debug_smp_processor_id+0x17/0x20
[ 2636.380026][T27757]  do_syscall_64+0x44/0xd0
[ 2636.384278][T27757]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2636.390004][T27757] RIP: 0033:0x7fdb204c00c9
[ 2636.394261][T27757] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2636.413698][T27757] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2636.421944][T27757] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2636.429754][T27757] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:17 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:17 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='devlink_trap_report\x00'}, 0x10)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000000c0))

10:53:17 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async, rerun: 32)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async, rerun: 32)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:17 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0xa}, 0x10)

10:53:18 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67)

10:53:18 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:18 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0) (async, rerun: 64)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='devlink_trap_report\x00'}, 0x10) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000000c0))

[ 2636.437568][T27757] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2636.445378][T27757] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2636.453190][T27757] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2636.461004][T27757]  </TASK>
10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000100)='./file0\x00', 0x0, 0x8}, 0x10) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2636.491500][T27790] FAULT_INJECTION: forcing a failure.
[ 2636.491500][T27790] name failslab, interval 1, probability 0, space 0, times 0
[ 2636.507013][T27790] CPU: 1 PID: 27790 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2636.517072][T27790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2636.527049][T27790] Call Trace:
[ 2636.530171][T27790]  <TASK>
[ 2636.532949][T27790]  dump_stack_lvl+0x151/0x1b7
[ 2636.537462][T27790]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2636.542936][T27790]  dump_stack+0x15/0x17
[ 2636.546922][T27790]  should_fail+0x3c0/0x510
[ 2636.551183][T27790]  __should_failslab+0x9f/0xe0
[ 2636.555777][T27790]  should_failslab+0x9/0x20
[ 2636.560116][T27790]  kmem_cache_alloc+0x4f/0x2f0
[ 2636.564716][T27790]  ? vm_area_dup+0x26/0x220
[ 2636.569056][T27790]  ? __kasan_check_read+0x11/0x20
[ 2636.573917][T27790]  vm_area_dup+0x26/0x220
[ 2636.578087][T27790]  dup_mmap+0x6c8/0xf10
[ 2636.582077][T27790]  ? __delayed_free_task+0x20/0x20
[ 2636.587020][T27790]  ? mm_init+0x807/0x960
[ 2636.591100][T27790]  dup_mm+0x8e/0x2e0
[ 2636.594831][T27790]  copy_mm+0x108/0x1b0
[ 2636.598739][T27790]  copy_process+0x1295/0x3250
[ 2636.603255][T27790]  ? proc_fail_nth_write+0x213/0x290
[ 2636.608370][T27790]  ? proc_fail_nth_read+0x220/0x220
[ 2636.613408][T27790]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2636.618357][T27790]  ? vfs_write+0xa37/0x1160
[ 2636.622696][T27790]  ? numa_migrate_prep+0xe0/0xe0
[ 2636.627465][T27790]  kernel_clone+0x21d/0x9c0
[ 2636.631807][T27790]  ? file_end_write+0x1b0/0x1b0
[ 2636.636492][T27790]  ? __kasan_check_write+0x14/0x20
[ 2636.641439][T27790]  ? create_io_thread+0x1e0/0x1e0
[ 2636.646305][T27790]  ? __mutex_lock_slowpath+0x10/0x10
[ 2636.651428][T27790]  __x64_sys_clone+0x289/0x310
[ 2636.656020][T27790]  ? __do_sys_vfork+0x130/0x130
[ 2636.660707][T27790]  ? debug_smp_processor_id+0x17/0x20
[ 2636.665916][T27790]  do_syscall_64+0x44/0xd0
[ 2636.670169][T27790]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2636.675896][T27790] RIP: 0033:0x7fdb204c00c9
[ 2636.680151][T27790] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2636.699591][T27790] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2636.707833][T27790] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2636.715647][T27790] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2636.723460][T27790] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2636.731270][T27790] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:18 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(0x0)

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10) (async)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0xa}, 0x10)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0x0, 0x6, 0x10}, 0xc)
r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000180)={'some', 0x20, 0x1, 0x20, 0x9}, 0x2f)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)

10:53:18 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='devlink_trap_report\x00'}, 0x10) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f00000000c0))

10:53:18 executing program 1:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x206)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
openat$cgroup_freezer_state(r0, &(0x7f00000000c0), 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@map=r1, 0xffffffffffffffff, 0x24}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r2, 0xffffffffffffffff, 0x24}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r2, r3, 0x32}, 0x10)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000000000)=r1)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:18 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68)

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00'}, 0x10)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r0, 0xffffffffffffffff, 0x24}, 0x10)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0xa}, 0x10)

[ 2636.739083][T27790] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2636.746899][T27790]  </TASK>
10:53:18 executing program 1:
mkdir(0x0, 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0x0, 0x6, 0x10}, 0xc)
r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000180)={'some', 0x20, 0x1, 0x20, 0x9}, 0x2f)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)

10:53:18 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(0x0)

10:53:18 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30b)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400})

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0x0, 0x6, 0x10}, 0xc)
r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000180)={'some', 0x20, 0x1, 0x20, 0x9}, 0x2f)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={0x0, 0x6, 0x10}, 0xc) (async)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0) (async)
write$cgroup_pressure(r1, &(0x7f0000000180)={'some', 0x20, 0x1, 0x20, 0x9}, 0x2f) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) (async)

10:53:18 executing program 1:
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080), 0xc)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:18 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

[ 2636.793092][T27822] FAULT_INJECTION: forcing a failure.
[ 2636.793092][T27822] name failslab, interval 1, probability 0, space 0, times 0
[ 2636.817066][T27822] CPU: 1 PID: 27822 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2636.827124][T27822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2636.837020][T27822] Call Trace:
[ 2636.840143][T27822]  <TASK>
10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x8}, 0x10) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/103, 0x67}], 0x2}, 0x40002000)

[ 2636.842923][T27822]  dump_stack_lvl+0x151/0x1b7
[ 2636.847436][T27822]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2636.852906][T27822]  dump_stack+0x15/0x17
[ 2636.856894][T27822]  should_fail+0x3c0/0x510
[ 2636.861151][T27822]  __should_failslab+0x9f/0xe0
[ 2636.865747][T27822]  should_failslab+0x9/0x20
[ 2636.870086][T27822]  kmem_cache_alloc+0x4f/0x2f0
[ 2636.874689][T27822]  ? anon_vma_fork+0x1b9/0x4f0
[ 2636.879290][T27822]  anon_vma_fork+0x1b9/0x4f0
[ 2636.883712][T27822]  dup_mmap+0x760/0xf10
[ 2636.887704][T27822]  ? __delayed_free_task+0x20/0x20
[ 2636.892649][T27822]  ? mm_init+0x807/0x960
[ 2636.896732][T27822]  dup_mm+0x8e/0x2e0
[ 2636.900466][T27822]  copy_mm+0x108/0x1b0
[ 2636.904367][T27822]  copy_process+0x1295/0x3250
[ 2636.908885][T27822]  ? proc_fail_nth_write+0x213/0x290
[ 2636.916526][T27822]  ? proc_fail_nth_read+0x220/0x220
[ 2636.921578][T27822]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2636.926505][T27822]  ? vfs_write+0xa37/0x1160
[ 2636.930845][T27822]  ? numa_migrate_prep+0xe0/0xe0
[ 2636.935621][T27822]  kernel_clone+0x21d/0x9c0
[ 2636.939957][T27822]  ? file_end_write+0x1b0/0x1b0
[ 2636.944649][T27822]  ? __kasan_check_write+0x14/0x20
[ 2636.949594][T27822]  ? create_io_thread+0x1e0/0x1e0
[ 2636.954456][T27822]  ? __mutex_lock_slowpath+0x10/0x10
[ 2636.959674][T27822]  __x64_sys_clone+0x289/0x310
[ 2636.964277][T27822]  ? __do_sys_vfork+0x130/0x130
[ 2636.968962][T27822]  ? debug_smp_processor_id+0x17/0x20
[ 2636.974173][T27822]  do_syscall_64+0x44/0xd0
[ 2636.978423][T27822]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2636.984147][T27822] RIP: 0033:0x7fdb204c00c9
[ 2636.988401][T27822] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2637.007843][T27822] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2637.016087][T27822] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2637.023904][T27822] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2637.031712][T27822] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:18 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/103, 0x67}], 0x2}, 0x40002000)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/103, 0x67}], 0x2}, 0x40002000) (async)

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:18 executing program 0:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f0000000000)='./file0/file0/file0\x00')
unlink(0x0)

10:53:18 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30b)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400})
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30b) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400}) (async)

10:53:18 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30b)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400})
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30b) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400}) (async)

10:53:18 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000080)={0x4, 0x80, 0x3, 0x8, 0x4, 0x3, 0x0, 0x1000, 0x8000, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x1, @perf_config_ext={0xffffffff93abf533, 0x7}, 0x60, 0x5, 0x2, 0x8, 0x400, 0x6, 0x685, 0x0, 0x6, 0x0, 0x2})

[ 2637.039521][T27822] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2637.047335][T27822] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2637.055148][T27822]  </TASK>
10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 32)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000080)={0x4, 0x80, 0x3, 0x8, 0x4, 0x3, 0x0, 0x1000, 0x8000, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x1, @perf_config_ext={0xffffffff93abf533, 0x7}, 0x60, 0x5, 0x2, 0x8, 0x400, 0x6, 0x685, 0x0, 0x6, 0x0, 0x2}) (rerun: 32)

10:53:18 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/103, 0x67}], 0x2}, 0x40002000)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
recvmsg(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000100)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/103, 0x67}], 0x2}, 0x40002000) (async)

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000080)={0x4, 0x80, 0x3, 0x8, 0x4, 0x3, 0x0, 0x1000, 0x8000, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x1, @perf_config_ext={0xffffffff93abf533, 0x7}, 0x60, 0x5, 0x2, 0x8, 0x400, 0x6, 0x685, 0x0, 0x6, 0x0, 0x2})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000080)={0x4, 0x80, 0x3, 0x8, 0x4, 0x3, 0x0, 0x1000, 0x8000, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x1, @perf_config_ext={0xffffffff93abf533, 0x7}, 0x60, 0x5, 0x2, 0x8, 0x400, 0x6, 0x685, 0x0, 0x6, 0x0, 0x2}) (async)

[ 2637.094531][T27872] FAULT_INJECTION: forcing a failure.
[ 2637.094531][T27872] name failslab, interval 1, probability 0, space 0, times 0
[ 2637.113650][T27872] CPU: 1 PID: 27872 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2637.123715][T27872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2637.133613][T27872] Call Trace:
[ 2637.136734][T27872]  <TASK>
[ 2637.139514][T27872]  dump_stack_lvl+0x151/0x1b7
[ 2637.144030][T27872]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2637.149631][T27872]  dump_stack+0x15/0x17
[ 2637.153618][T27872]  should_fail+0x3c0/0x510
[ 2637.157872][T27872]  __should_failslab+0x9f/0xe0
[ 2637.162468][T27872]  should_failslab+0x9/0x20
[ 2637.166807][T27872]  kmem_cache_alloc+0x4f/0x2f0
[ 2637.171406][T27872]  ? anon_vma_clone+0xa1/0x4f0
[ 2637.176016][T27872]  anon_vma_clone+0xa1/0x4f0
[ 2637.180439][T27872]  anon_vma_fork+0x91/0x4f0
[ 2637.184780][T27872]  ? anon_vma_name+0x4c/0x70
[ 2637.189204][T27872]  dup_mmap+0x760/0xf10
[ 2637.193193][T27872]  ? __delayed_free_task+0x20/0x20
[ 2637.198141][T27872]  ? mm_init+0x807/0x960
[ 2637.202220][T27872]  dup_mm+0x8e/0x2e0
[ 2637.205952][T27872]  copy_mm+0x108/0x1b0
[ 2637.210236][T27872]  copy_process+0x1295/0x3250
[ 2637.214748][T27872]  ? proc_fail_nth_write+0x213/0x290
[ 2637.219867][T27872]  ? proc_fail_nth_read+0x220/0x220
[ 2637.224905][T27872]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2637.229849][T27872]  ? vfs_write+0xa37/0x1160
[ 2637.234186][T27872]  ? numa_migrate_prep+0xe0/0xe0
[ 2637.238962][T27872]  kernel_clone+0x21d/0x9c0
[ 2637.243304][T27872]  ? file_end_write+0x1b0/0x1b0
[ 2637.247989][T27872]  ? __kasan_check_write+0x14/0x20
[ 2637.252936][T27872]  ? create_io_thread+0x1e0/0x1e0
[ 2637.257801][T27872]  ? __mutex_lock_slowpath+0x10/0x10
[ 2637.262916][T27872]  __x64_sys_clone+0x289/0x310
[ 2637.267519][T27872]  ? __do_sys_vfork+0x130/0x130
[ 2637.272209][T27872]  ? debug_smp_processor_id+0x17/0x20
[ 2637.277416][T27872]  do_syscall_64+0x44/0xd0
[ 2637.281666][T27872]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2637.287391][T27872] RIP: 0033:0x7fdb204c00c9
[ 2637.291644][T27872] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2637.311085][T27872] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2637.319361][T27872] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2637.327145][T27872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2637.334954][T27872] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
10:53:18 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x111)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:18 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x18}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000180)=""/117, 0x75}, {&(0x7f0000000200)=""/255, 0xff}, {&(0x7f0000000300)=""/12, 0xc}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/250, 0xfa}], 0x5, &(0x7f00000005c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}, 0x40002022)

10:53:18 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000000)=r1)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffe)

[ 2637.342766][T27872] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2637.350576][T27872] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2637.358388][T27872]  </TASK>
10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x111)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x111) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

10:53:18 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x111)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x111) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

[ 2637.385967][T27907] FAULT_INJECTION: forcing a failure.
[ 2637.385967][T27907] name failslab, interval 1, probability 0, space 0, times 0
[ 2637.398500][T27907] CPU: 1 PID: 27907 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2637.408556][T27907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2637.418453][T27907] Call Trace:
[ 2637.421574][T27907]  <TASK>
[ 2637.424350][T27907]  dump_stack_lvl+0x151/0x1b7
[ 2637.428863][T27907]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2637.434332][T27907]  dump_stack+0x15/0x17
[ 2637.438323][T27907]  should_fail+0x3c0/0x510
[ 2637.442578][T27907]  __should_failslab+0x9f/0xe0
[ 2637.447175][T27907]  should_failslab+0x9/0x20
[ 2637.451516][T27907]  kmem_cache_alloc+0x4f/0x2f0
[ 2637.456122][T27907]  ? vm_area_dup+0x26/0x220
[ 2637.460458][T27907]  ? __kasan_check_read+0x11/0x20
[ 2637.465332][T27907]  vm_area_dup+0x26/0x220
[ 2637.469484][T27907]  dup_mmap+0x6c8/0xf10
[ 2637.473479][T27907]  ? __delayed_free_task+0x20/0x20
[ 2637.478422][T27907]  ? mm_init+0x807/0x960
[ 2637.482506][T27907]  dup_mm+0x8e/0x2e0
[ 2637.486233][T27907]  copy_mm+0x108/0x1b0
[ 2637.490139][T27907]  copy_process+0x1295/0x3250
[ 2637.494651][T27907]  ? proc_fail_nth_write+0x213/0x290
[ 2637.499771][T27907]  ? proc_fail_nth_read+0x220/0x220
[ 2637.504809][T27907]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2637.509753][T27907]  ? vfs_write+0xa37/0x1160
[ 2637.514092][T27907]  ? numa_migrate_prep+0xe0/0xe0
[ 2637.518871][T27907]  kernel_clone+0x21d/0x9c0
[ 2637.523207][T27907]  ? file_end_write+0x1b0/0x1b0
[ 2637.527894][T27907]  ? __kasan_check_write+0x14/0x20
[ 2637.532839][T27907]  ? create_io_thread+0x1e0/0x1e0
[ 2637.537703][T27907]  ? __mutex_lock_slowpath+0x10/0x10
[ 2637.542820][T27907]  __x64_sys_clone+0x289/0x310
[ 2637.547424][T27907]  ? __do_sys_vfork+0x130/0x130
[ 2637.552107][T27907]  ? debug_smp_processor_id+0x17/0x20
[ 2637.557315][T27907]  do_syscall_64+0x44/0xd0
[ 2637.561569][T27907]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2637.567298][T27907] RIP: 0033:0x7fdb204c00c9
[ 2637.571550][T27907] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2637.591002][T27907] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2637.599234][T27907] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2637.607048][T27907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2637.614860][T27907] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2637.622672][T27907] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:19 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:19 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000000)=r1) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffe)

10:53:19 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x8, 0xd8, 0x5, 0xfffffff9}, {0xa288, 0x80, 0xff, 0x40000000}, {0x1ff, 0x2, 0x1, 0x1}]})
recvmsg(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000000100)=@ax25={{}, [@netrom, @rose, @rose, @bcast, @rose, @netrom, @rose]}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000180)=""/66, 0x42}, {&(0x7f0000000200)=""/46, 0x2e}, {&(0x7f0000000240)=""/4096, 0x1000}], 0x3}, 0x2000)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:19 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:19 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x8, 0xd8, 0x5, 0xfffffff9}, {0xa288, 0x80, 0xff, 0x40000000}, {0x1ff, 0x2, 0x1, 0x1}]})
recvmsg(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000000100)=@ax25={{}, [@netrom, @rose, @rose, @bcast, @rose, @netrom, @rose]}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000180)=""/66, 0x42}, {&(0x7f0000000200)=""/46, 0x2e}, {&(0x7f0000000240)=""/4096, 0x1000}], 0x3}, 0x2000)
unlink(&(0x7f00000000c0)='./file0\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x8, 0xd8, 0x5, 0xfffffff9}, {0xa288, 0x80, 0xff, 0x40000000}, {0x1ff, 0x2, 0x1, 0x1}]}) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000000100)=@ax25={{}, [@netrom, @rose, @rose, @bcast, @rose, @netrom, @rose]}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000180)=""/66, 0x42}, {&(0x7f0000000200)=""/46, 0x2e}, {&(0x7f0000000240)=""/4096, 0x1000}], 0x3}, 0x2000) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)

[ 2637.630480][T27907] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2637.638302][T27907]  </TASK>
10:53:19 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={@cgroup=r1, 0xffffffffffffffff, 0x24}, 0x10) (async)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000000)=r1)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0xfffe)

10:53:19 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71)

10:53:19 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x8, 0xd8, 0x5, 0xfffffff9}, {0xa288, 0x80, 0xff, 0x40000000}, {0x1ff, 0x2, 0x1, 0x1}]}) (async)
recvmsg(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000000100)=@ax25={{}, [@netrom, @rose, @rose, @bcast, @rose, @netrom, @rose]}, 0x80, &(0x7f0000001240)=[{&(0x7f0000000180)=""/66, 0x42}, {&(0x7f0000000200)=""/46, 0x2e}, {&(0x7f0000000240)=""/4096, 0x1000}], 0x3}, 0x2000) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2637.688780][T27932] FAULT_INJECTION: forcing a failure.
[ 2637.688780][T27932] name failslab, interval 1, probability 0, space 0, times 0
[ 2637.701435][T27932] CPU: 0 PID: 27932 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2637.711490][T27932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2637.721383][T27932] Call Trace:
[ 2637.724508][T27932]  <TASK>
[ 2637.727284][T27932]  dump_stack_lvl+0x151/0x1b7
[ 2637.731804][T27932]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2637.737265][T27932]  dump_stack+0x15/0x17
[ 2637.741261][T27932]  should_fail+0x3c0/0x510
[ 2637.745514][T27932]  __should_failslab+0x9f/0xe0
[ 2637.750118][T27932]  should_failslab+0x9/0x20
[ 2637.754452][T27932]  kmem_cache_alloc+0x4f/0x2f0
[ 2637.759052][T27932]  ? anon_vma_clone+0xa1/0x4f0
[ 2637.763649][T27932]  anon_vma_clone+0xa1/0x4f0
[ 2637.768078][T27932]  anon_vma_fork+0x91/0x4f0
[ 2637.772417][T27932]  ? anon_vma_name+0x4c/0x70
[ 2637.776842][T27932]  dup_mmap+0x760/0xf10
[ 2637.780835][T27932]  ? __delayed_free_task+0x20/0x20
[ 2637.785784][T27932]  ? mm_init+0x807/0x960
[ 2637.789862][T27932]  dup_mm+0x8e/0x2e0
[ 2637.793593][T27932]  copy_mm+0x108/0x1b0
[ 2637.797500][T27932]  copy_process+0x1295/0x3250
[ 2637.802014][T27932]  ? proc_fail_nth_write+0x213/0x290
[ 2637.807134][T27932]  ? proc_fail_nth_read+0x220/0x220
[ 2637.812167][T27932]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2637.817117][T27932]  ? vfs_write+0xa37/0x1160
[ 2637.821452][T27932]  ? numa_migrate_prep+0xe0/0xe0
[ 2637.826227][T27932]  kernel_clone+0x21d/0x9c0
[ 2637.830567][T27932]  ? file_end_write+0x1b0/0x1b0
[ 2637.835252][T27932]  ? __kasan_check_write+0x14/0x20
[ 2637.840355][T27932]  ? create_io_thread+0x1e0/0x1e0
[ 2637.845167][T27932]  ? __mutex_lock_slowpath+0x10/0x10
[ 2637.850295][T27932]  __x64_sys_clone+0x289/0x310
[ 2637.854892][T27932]  ? __do_sys_vfork+0x130/0x130
[ 2637.859581][T27932]  ? debug_smp_processor_id+0x17/0x20
[ 2637.864785][T27932]  do_syscall_64+0x44/0xd0
[ 2637.869042][T27932]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2637.874765][T27932] RIP: 0033:0x7fdb204c00c9
[ 2637.879016][T27932] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2637.898461][T27932] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2637.906700][T27932] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2637.914512][T27932] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2637.922338][T27932] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2637.930139][T27932] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2637.937947][T27932] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2637.945761][T27932]  </TASK>
10:53:19 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x18}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000000)='./file1\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000180)=""/117, 0x75}, {&(0x7f0000000200)=""/255, 0xff}, {&(0x7f0000000300)=""/12, 0xc}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/250, 0xfa}], 0x5, &(0x7f00000005c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}, 0x40002022)

10:53:19 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000000)='./file0\x00'}, 0x10)

10:53:19 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1001})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETFEATURES(r2, 0x800454cf, &(0x7f0000000000))
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000100)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNSETDEBUG(r3, 0x400454c9, &(0x7f00000000c0)=0x8000)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:19 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:19 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72)

10:53:19 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:19 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1001})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETFEATURES(r2, 0x800454cf, &(0x7f0000000000)) (async)
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000100)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$TUNSETDEBUG(r3, 0x400454c9, &(0x7f00000000c0)=0x8000)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:19 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:19 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1001}) (async)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETFEATURES(r2, 0x800454cf, &(0x7f0000000000))
ioctl$TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000100)=0x4) (async, rerun: 32)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0) (rerun: 32)
ioctl$TUNSETDEBUG(r3, 0x400454c9, &(0x7f00000000c0)=0x8000) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:19 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:19 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
unlink(&(0x7f00000000c0)='./file0\x00') (async, rerun: 64)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000000)='./file0\x00'}, 0x10)

[ 2638.237425][T27950] FAULT_INJECTION: forcing a failure.
[ 2638.237425][T27950] name failslab, interval 1, probability 0, space 0, times 0
[ 2638.260078][T27950] CPU: 0 PID: 27950 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2638.270144][T27950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2638.280037][T27950] Call Trace:
[ 2638.283161][T27950]  <TASK>
[ 2638.285940][T27950]  dump_stack_lvl+0x151/0x1b7
[ 2638.290453][T27950]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2638.295920][T27950]  dump_stack+0x15/0x17
[ 2638.299912][T27950]  should_fail+0x3c0/0x510
[ 2638.304165][T27950]  __should_failslab+0x9f/0xe0
[ 2638.308764][T27950]  should_failslab+0x9/0x20
[ 2638.313105][T27950]  kmem_cache_alloc+0x4f/0x2f0
[ 2638.317705][T27950]  ? anon_vma_fork+0x1b9/0x4f0
[ 2638.322303][T27950]  anon_vma_fork+0x1b9/0x4f0
[ 2638.326730][T27950]  dup_mmap+0x760/0xf10
[ 2638.330724][T27950]  ? __delayed_free_task+0x20/0x20
[ 2638.335670][T27950]  ? mm_init+0x807/0x960
[ 2638.339748][T27950]  dup_mm+0x8e/0x2e0
[ 2638.343483][T27950]  copy_mm+0x108/0x1b0
[ 2638.347389][T27950]  copy_process+0x1295/0x3250
[ 2638.351901][T27950]  ? proc_fail_nth_write+0x213/0x290
[ 2638.357024][T27950]  ? proc_fail_nth_read+0x220/0x220
[ 2638.362058][T27950]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2638.367001][T27950]  ? vfs_write+0xa37/0x1160
[ 2638.371344][T27950]  ? numa_migrate_prep+0xe0/0xe0
[ 2638.376116][T27950]  kernel_clone+0x21d/0x9c0
[ 2638.380453][T27950]  ? file_end_write+0x1b0/0x1b0
[ 2638.385141][T27950]  ? __kasan_check_write+0x14/0x20
[ 2638.390088][T27950]  ? create_io_thread+0x1e0/0x1e0
[ 2638.394950][T27950]  ? __mutex_lock_slowpath+0x10/0x10
[ 2638.400073][T27950]  __x64_sys_clone+0x289/0x310
[ 2638.404669][T27950]  ? __do_sys_vfork+0x130/0x130
[ 2638.409357][T27950]  ? debug_smp_processor_id+0x17/0x20
[ 2638.414563][T27950]  do_syscall_64+0x44/0xd0
[ 2638.418818][T27950]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2638.424546][T27950] RIP: 0033:0x7fdb204c00c9
[ 2638.428799][T27950] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2638.448240][T27950] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2638.456482][T27950] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2638.464295][T27950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2638.472107][T27950] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2638.479917][T27950] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:20 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0xc61, 0x4, 0x8, 0x1ff}, {0x9, 0x5, 0xfe, 0xfe89}, {0x1, 0x6, 0xa1, 0x8}, {0x7ff, 0x81, 0x0, 0x16c9}, {0x9, 0x80, 0x2, 0x2}, {0x400, 0x4, 0x1, 0x7f}, {0x1, 0x1, 0x0, 0x3}]})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

[ 2638.487728][T27950] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2638.495544][T27950]  </TASK>
10:53:20 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00', 0x0, 0x18}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) (async, rerun: 32)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001600)={<r1=>0xffffffffffffffff}) (rerun: 32)
recvmsg$unix(r1, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000180)=""/117, 0x75}, {&(0x7f0000000200)=""/255, 0xff}, {&(0x7f0000000300)=""/12, 0xc}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/250, 0xfa}], 0x5, &(0x7f00000005c0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xa0}, 0x40002022)

10:53:20 executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x337)

10:53:20 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)={&(0x7f0000000000)='./file0\x00'}, 0x10)

10:53:20 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:20 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

10:53:20 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0xc61, 0x4, 0x8, 0x1ff}, {0x9, 0x5, 0xfe, 0xfe89}, {0x1, 0x6, 0xa1, 0x8}, {0x7ff, 0x81, 0x0, 0x16c9}, {0x9, 0x80, 0x2, 0x2}, {0x400, 0x4, 0x1, 0x7f}, {0x1, 0x1, 0x0, 0x3}]})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0xc61, 0x4, 0x8, 0x1ff}, {0x9, 0x5, 0xfe, 0xfe89}, {0x1, 0x6, 0xa1, 0x8}, {0x7ff, 0x81, 0x0, 0x16c9}, {0x9, 0x80, 0x2, 0x2}, {0x400, 0x4, 0x1, 0x7f}, {0x1, 0x1, 0x0, 0x3}]}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)

10:53:20 executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x337)

10:53:20 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:20 executing program 1:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x337)

10:53:20 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:20 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

[ 2639.070850][T27974] FAULT_INJECTION: forcing a failure.
[ 2639.070850][T27974] name failslab, interval 1, probability 0, space 0, times 0
[ 2639.089499][T27974] CPU: 1 PID: 27974 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2639.099561][T27974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2639.109459][T27974] Call Trace:
[ 2639.112583][T27974]  <TASK>
[ 2639.115359][T27974]  dump_stack_lvl+0x151/0x1b7
10:53:20 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

[ 2639.119874][T27974]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2639.125342][T27974]  dump_stack+0x15/0x17
[ 2639.129336][T27974]  should_fail+0x3c0/0x510
[ 2639.133589][T27974]  __should_failslab+0x9f/0xe0
[ 2639.138181][T27974]  should_failslab+0x9/0x20
[ 2639.142521][T27974]  kmem_cache_alloc+0x4f/0x2f0
[ 2639.147120][T27974]  ? anon_vma_fork+0x1b9/0x4f0
[ 2639.151720][T27974]  anon_vma_fork+0x1b9/0x4f0
[ 2639.156154][T27974]  dup_mmap+0x760/0xf10
[ 2639.160142][T27974]  ? __delayed_free_task+0x20/0x20
[ 2639.165089][T27974]  ? mm_init+0x807/0x960
[ 2639.169166][T27974]  dup_mm+0x8e/0x2e0
[ 2639.172898][T27974]  copy_mm+0x108/0x1b0
[ 2639.176806][T27974]  copy_process+0x1295/0x3250
[ 2639.181321][T27974]  ? proc_fail_nth_write+0x213/0x290
[ 2639.186437][T27974]  ? proc_fail_nth_read+0x220/0x220
[ 2639.191477][T27974]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2639.196422][T27974]  ? vfs_write+0xa37/0x1160
[ 2639.200758][T27974]  ? numa_migrate_prep+0xe0/0xe0
[ 2639.205531][T27974]  kernel_clone+0x21d/0x9c0
[ 2639.209870][T27974]  ? file_end_write+0x1b0/0x1b0
[ 2639.214557][T27974]  ? __kasan_check_write+0x14/0x20
[ 2639.219507][T27974]  ? create_io_thread+0x1e0/0x1e0
[ 2639.224365][T27974]  ? __mutex_lock_slowpath+0x10/0x10
[ 2639.229486][T27974]  __x64_sys_clone+0x289/0x310
[ 2639.234087][T27974]  ? __do_sys_vfork+0x130/0x130
[ 2639.238774][T27974]  ? debug_smp_processor_id+0x17/0x20
[ 2639.243980][T27974]  do_syscall_64+0x44/0xd0
[ 2639.248238][T27974]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2639.253962][T27974] RIP: 0033:0x7fdb204c00c9
[ 2639.258215][T27974] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2639.277654][T27974] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2639.285904][T27974] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2639.293711][T27974] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2639.301522][T27974] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2639.309333][T27974] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2639.317147][T27974] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2639.324968][T27974]  </TASK>
10:53:21 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:21 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:21 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000001580), 0x101000, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000001440)=[{&(0x7f0000000140)=""/81, 0x51}, {&(0x7f00000001c0)=""/136, 0x88}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/156, 0x9c}, {&(0x7f0000001340)=""/195, 0xc3}], 0x5, &(0x7f00000014c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0}, 0x40012041)
unlink(&(0x7f0000000080)='./file0\x00')

10:53:21 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0xc61, 0x4, 0x8, 0x1ff}, {0x9, 0x5, 0xfe, 0xfe89}, {0x1, 0x6, 0xa1, 0x8}, {0x7ff, 0x81, 0x0, 0x16c9}, {0x9, 0x80, 0x2, 0x2}, {0x400, 0x4, 0x1, 0x7f}, {0x1, 0x1, 0x0, 0x3}]})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:21 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x325)

10:53:21 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74)

10:53:21 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000b40))
socketpair(0x3, 0x2, 0x7, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000840)={&(0x7f0000000500)=@abs, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000580)=""/229, 0xe5}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000000680)=""/124, 0x7c}, {&(0x7f0000000700)=""/163, 0xa3}], 0x4, &(0x7f0000000800)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x18}, 0x40010100)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000400)={'veth1_to_bridge\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2f}})
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000003c0)=r5)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f00000011c0))
r7 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)={r4}, 0x4)
ioctl$TUNSETFILTEREBPF(r6, 0x800454e1, &(0x7f0000000480)=r7)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETVNETHDRSZ(r8, 0x800454d7, &(0x7f0000000b80))
recvmsg(r2, &(0x7f0000000b00)={&(0x7f0000000880)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000900)=""/12, 0xc}, {&(0x7f0000000940)=""/88, 0x58}], 0x2, &(0x7f0000000a00)=""/223, 0xdf}, 0x10140)

10:53:21 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:21 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x325)

10:53:21 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000001580), 0x101000, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000001440)=[{&(0x7f0000000140)=""/81, 0x51}, {&(0x7f00000001c0)=""/136, 0x88}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/156, 0x9c}, {&(0x7f0000001340)=""/195, 0xc3}], 0x5, &(0x7f00000014c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0}, 0x40012041) (async, rerun: 64)
unlink(&(0x7f0000000080)='./file0\x00') (rerun: 64)

10:53:21 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

10:53:21 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x325)

10:53:21 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:21 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

[ 2639.947868][T28015] FAULT_INJECTION: forcing a failure.
[ 2639.947868][T28015] name failslab, interval 1, probability 0, space 0, times 0
[ 2639.961271][T28015] CPU: 0 PID: 28015 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2639.971334][T28015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2639.981230][T28015] Call Trace:
[ 2639.984350][T28015]  <TASK>
[ 2639.987128][T28015]  dump_stack_lvl+0x151/0x1b7
[ 2639.991643][T28015]  ? io_uring_drop_tctx_refs+0x19a/0x19a
10:53:21 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:21 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000000), 0x4) (async, rerun: 64)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:21 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

[ 2639.997117][T28015]  dump_stack+0x15/0x17
[ 2640.001103][T28015]  should_fail+0x3c0/0x510
[ 2640.005356][T28015]  __should_failslab+0x9f/0xe0
[ 2640.009960][T28015]  should_failslab+0x9/0x20
[ 2640.014293][T28015]  kmem_cache_alloc+0x4f/0x2f0
[ 2640.018894][T28015]  ? vm_area_dup+0x26/0x220
[ 2640.023233][T28015]  ? __kasan_check_read+0x11/0x20
[ 2640.028095][T28015]  vm_area_dup+0x26/0x220
[ 2640.032264][T28015]  dup_mmap+0x6c8/0xf10
[ 2640.036251][T28015]  ? __delayed_free_task+0x20/0x20
[ 2640.041196][T28015]  ? mm_init+0x807/0x960
[ 2640.045275][T28015]  dup_mm+0x8e/0x2e0
[ 2640.049007][T28015]  copy_mm+0x108/0x1b0
[ 2640.052915][T28015]  copy_process+0x1295/0x3250
[ 2640.057461][T28015]  ? proc_fail_nth_write+0x213/0x290
[ 2640.062546][T28015]  ? proc_fail_nth_read+0x220/0x220
[ 2640.067583][T28015]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2640.072527][T28015]  ? vfs_write+0xa37/0x1160
[ 2640.076870][T28015]  ? numa_migrate_prep+0xe0/0xe0
[ 2640.081647][T28015]  kernel_clone+0x21d/0x9c0
[ 2640.085982][T28015]  ? file_end_write+0x1b0/0x1b0
[ 2640.090666][T28015]  ? __kasan_check_write+0x14/0x20
[ 2640.095624][T28015]  ? create_io_thread+0x1e0/0x1e0
[ 2640.100474][T28015]  ? __mutex_lock_slowpath+0x10/0x10
[ 2640.105597][T28015]  __x64_sys_clone+0x289/0x310
[ 2640.110197][T28015]  ? __do_sys_vfork+0x130/0x130
[ 2640.114884][T28015]  ? debug_smp_processor_id+0x17/0x20
[ 2640.120093][T28015]  do_syscall_64+0x44/0xd0
[ 2640.124345][T28015]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2640.130080][T28015] RIP: 0033:0x7fdb204c00c9
[ 2640.134328][T28015] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2640.153770][T28015] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2640.162012][T28015] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2640.169821][T28015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2640.177633][T28015] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2640.185443][T28015] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:21 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75)

10:53:21 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10}, 0x10)

10:53:21 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000b40)) (async)
socketpair(0x3, 0x2, 0x7, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000840)={&(0x7f0000000500)=@abs, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000580)=""/229, 0xe5}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000000680)=""/124, 0x7c}, {&(0x7f0000000700)=""/163, 0xa3}], 0x4, &(0x7f0000000800)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x18}, 0x40010100) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000400)={'veth1_to_bridge\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2f}}) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000003c0)=r5) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f00000011c0))
r7 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)={r4}, 0x4)
ioctl$TUNSETFILTEREBPF(r6, 0x800454e1, &(0x7f0000000480)=r7)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETVNETHDRSZ(r8, 0x800454d7, &(0x7f0000000b80)) (async)
recvmsg(r2, &(0x7f0000000b00)={&(0x7f0000000880)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000900)=""/12, 0xc}, {&(0x7f0000000940)=""/88, 0x58}], 0x2, &(0x7f0000000a00)=""/223, 0xdf}, 0x10140)

10:53:21 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000001580), 0x101000, 0x0) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000001440)=[{&(0x7f0000000140)=""/81, 0x51}, {&(0x7f00000001c0)=""/136, 0x88}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/156, 0x9c}, {&(0x7f0000001340)=""/195, 0xc3}], 0x5, &(0x7f00000014c0)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0}, 0x40012041)
unlink(&(0x7f0000000080)='./file0\x00')

10:53:21 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:21 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

[ 2640.193257][T28015] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2640.201070][T28015]  </TASK>
10:53:21 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:21 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xb0)
unlink(&(0x7f00000000c0)='./file0\x00')

10:53:21 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 32)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 32)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10}, 0x10)

10:53:21 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:21 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:21 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xb0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2640.249506][T28060] FAULT_INJECTION: forcing a failure.
[ 2640.249506][T28060] name failslab, interval 1, probability 0, space 0, times 0
[ 2640.279062][T28060] CPU: 1 PID: 28060 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2640.289125][T28060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2640.299020][T28060] Call Trace:
[ 2640.302145][T28060]  <TASK>
[ 2640.304924][T28060]  dump_stack_lvl+0x151/0x1b7
[ 2640.309434][T28060]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2640.314902][T28060]  dump_stack+0x15/0x17
[ 2640.318895][T28060]  should_fail+0x3c0/0x510
[ 2640.323147][T28060]  __should_failslab+0x9f/0xe0
[ 2640.327749][T28060]  should_failslab+0x9/0x20
[ 2640.332087][T28060]  kmem_cache_alloc+0x4f/0x2f0
[ 2640.336689][T28060]  ? vm_area_dup+0x26/0x220
[ 2640.341026][T28060]  ? __kasan_check_read+0x11/0x20
[ 2640.345889][T28060]  vm_area_dup+0x26/0x220
[ 2640.350055][T28060]  dup_mmap+0x6c8/0xf10
[ 2640.354050][T28060]  ? __delayed_free_task+0x20/0x20
[ 2640.358991][T28060]  ? mm_init+0x807/0x960
[ 2640.363076][T28060]  dup_mm+0x8e/0x2e0
[ 2640.366829][T28060]  copy_mm+0x108/0x1b0
[ 2640.370709][T28060]  copy_process+0x1295/0x3250
[ 2640.375224][T28060]  ? proc_fail_nth_write+0x213/0x290
[ 2640.380342][T28060]  ? proc_fail_nth_read+0x220/0x220
[ 2640.385378][T28060]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2640.390327][T28060]  ? vfs_write+0xa37/0x1160
[ 2640.394663][T28060]  ? numa_migrate_prep+0xe0/0xe0
[ 2640.399445][T28060]  kernel_clone+0x21d/0x9c0
[ 2640.403776][T28060]  ? file_end_write+0x1b0/0x1b0
[ 2640.408465][T28060]  ? __kasan_check_write+0x14/0x20
[ 2640.413410][T28060]  ? create_io_thread+0x1e0/0x1e0
[ 2640.418270][T28060]  ? __mutex_lock_slowpath+0x10/0x10
[ 2640.423393][T28060]  __x64_sys_clone+0x289/0x310
[ 2640.427998][T28060]  ? __do_sys_vfork+0x130/0x130
[ 2640.432682][T28060]  ? debug_smp_processor_id+0x17/0x20
[ 2640.437888][T28060]  do_syscall_64+0x44/0xd0
[ 2640.442138][T28060]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2640.447867][T28060] RIP: 0033:0x7fdb204c00c9
[ 2640.452120][T28060] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2640.471564][T28060] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2640.479807][T28060] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2640.487617][T28060] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
10:53:22 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76)

10:53:22 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async, rerun: 64)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10}, 0x10) (rerun: 64)

10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:22 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:22 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000b40)) (async)
socketpair(0x3, 0x2, 0x7, &(0x7f00000004c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000840)={&(0x7f0000000500)=@abs, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000580)=""/229, 0xe5}, {&(0x7f0000001200)=""/4096, 0x1000}, {&(0x7f0000000680)=""/124, 0x7c}, {&(0x7f0000000700)=""/163, 0xa3}], 0x4, &(0x7f0000000800)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x18}, 0x40010100) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000400)={'veth1_to_bridge\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2f}}) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_cpus\x00', 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x3, &(0x7f00000000c0)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000001c0), &(0x7f0000000200), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000240)}}, 0x10)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000003c0)=r5)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f00000011c0))
r7 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)={r4}, 0x4)
ioctl$TUNSETFILTEREBPF(r6, 0x800454e1, &(0x7f0000000480)=r7) (async, rerun: 32)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (rerun: 32)
ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETVNETHDRSZ(r8, 0x800454d7, &(0x7f0000000b80)) (async)
recvmsg(r2, &(0x7f0000000b00)={&(0x7f0000000880)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000900)=""/12, 0xc}, {&(0x7f0000000940)=""/88, 0x58}], 0x2, &(0x7f0000000a00)=""/223, 0xdf}, 0x10140)

10:53:22 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0xb0) (async)
unlink(&(0x7f00000000c0)='./file0\x00')

[ 2640.495428][T28060] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2640.503239][T28060] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2640.511050][T28060] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2640.518868][T28060]  </TASK>
[ 2640.537511][T28079] FAULT_INJECTION: forcing a failure.
[ 2640.537511][T28079] name failslab, interval 1, probability 0, space 0, times 0
[ 2640.550483][T28079] CPU: 1 PID: 28079 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2640.560555][T28079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2640.570448][T28079] Call Trace:
[ 2640.573568][T28079]  <TASK>
[ 2640.576345][T28079]  dump_stack_lvl+0x151/0x1b7
[ 2640.580862][T28079]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2640.586329][T28079]  dump_stack+0x15/0x17
[ 2640.590317][T28079]  should_fail+0x3c0/0x510
[ 2640.594570][T28079]  __should_failslab+0x9f/0xe0
10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:22 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x1eb)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)

10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:22 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x1eb)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x1eb) (async)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (async)

10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:22 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

[ 2640.599170][T28079]  should_failslab+0x9/0x20
[ 2640.603509][T28079]  kmem_cache_alloc+0x4f/0x2f0
[ 2640.608112][T28079]  ? anon_vma_clone+0xa1/0x4f0
[ 2640.612710][T28079]  anon_vma_clone+0xa1/0x4f0
[ 2640.617140][T28079]  anon_vma_fork+0x91/0x4f0
[ 2640.621475][T28079]  ? anon_vma_name+0x43/0x70
[ 2640.625899][T28079]  dup_mmap+0x760/0xf10
[ 2640.629893][T28079]  ? __delayed_free_task+0x20/0x20
[ 2640.634839][T28079]  ? mm_init+0x807/0x960
[ 2640.638919][T28079]  dup_mm+0x8e/0x2e0
[ 2640.642651][T28079]  copy_mm+0x108/0x1b0
[ 2640.646561][T28079]  copy_process+0x1295/0x3250
[ 2640.651070][T28079]  ? proc_fail_nth_write+0x213/0x290
[ 2640.656188][T28079]  ? proc_fail_nth_read+0x220/0x220
[ 2640.661223][T28079]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2640.666169][T28079]  ? vfs_write+0xa37/0x1160
[ 2640.670510][T28079]  ? numa_migrate_prep+0xe0/0xe0
[ 2640.675281][T28079]  kernel_clone+0x21d/0x9c0
[ 2640.679622][T28079]  ? file_end_write+0x1b0/0x1b0
[ 2640.684308][T28079]  ? __kasan_check_write+0x14/0x20
[ 2640.689290][T28079]  ? create_io_thread+0x1e0/0x1e0
[ 2640.694118][T28079]  ? __mutex_lock_slowpath+0x10/0x10
[ 2640.699239][T28079]  __x64_sys_clone+0x289/0x310
[ 2640.703839][T28079]  ? __do_sys_vfork+0x130/0x130
[ 2640.708524][T28079]  ? debug_smp_processor_id+0x17/0x20
[ 2640.713823][T28079]  do_syscall_64+0x44/0xd0
[ 2640.718073][T28079]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2640.723799][T28079] RIP: 0033:0x7fdb204c00c9
[ 2640.728054][T28079] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:22 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77)

10:53:22 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x1eb) (async, rerun: 32)
mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) (rerun: 32)

10:53:22 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

10:53:22 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)={'some', 0x20, 0x2, 0x20, 0x364}, 0x2f)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10)

10:53:22 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:22 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6400, 0x0) (async)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)

10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x325)

[ 2640.747496][T28079] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2640.755738][T28079] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2640.763548][T28079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2640.771361][T28079] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2640.779170][T28079] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2640.786985][T28079] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2640.794801][T28079]  </TASK>
10:53:22 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

10:53:22 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)={'some', 0x20, 0x2, 0x20, 0x364}, 0x2f)
unlink(&(0x7f00000000c0)='./file0\x00')
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)={'some', 0x20, 0x2, 0x20, 0x364}, 0x2f) (async)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10) (async)

10:53:22 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)={0x1, 0x9, [@remote, @random="3cdc886c7cd5", @remote, @local, @broadcast, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}]})

10:53:22 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x337)

[ 2640.855378][T28126] FAULT_INJECTION: forcing a failure.
[ 2640.855378][T28126] name failslab, interval 1, probability 0, space 0, times 0
[ 2640.867833][T28126] CPU: 0 PID: 28126 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2640.877860][T28126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2640.887754][T28126] Call Trace:
[ 2640.890885][T28126]  <TASK>
[ 2640.893653][T28126]  dump_stack_lvl+0x151/0x1b7
[ 2640.898169][T28126]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2640.903640][T28126]  dump_stack+0x15/0x17
[ 2640.907628][T28126]  should_fail+0x3c0/0x510
[ 2640.911884][T28126]  __should_failslab+0x9f/0xe0
[ 2640.916480][T28126]  should_failslab+0x9/0x20
[ 2640.920819][T28126]  kmem_cache_alloc+0x4f/0x2f0
[ 2640.925419][T28126]  ? anon_vma_clone+0xa1/0x4f0
[ 2640.930020][T28126]  anon_vma_clone+0xa1/0x4f0
[ 2640.934447][T28126]  anon_vma_fork+0x91/0x4f0
[ 2640.938790][T28126]  ? anon_vma_name+0x43/0x70
[ 2640.943215][T28126]  dup_mmap+0x760/0xf10
[ 2640.947206][T28126]  ? __delayed_free_task+0x20/0x20
[ 2640.952152][T28126]  ? mm_init+0x807/0x960
[ 2640.956231][T28126]  dup_mm+0x8e/0x2e0
[ 2640.959964][T28126]  copy_mm+0x108/0x1b0
[ 2640.963877][T28126]  copy_process+0x1295/0x3250
[ 2640.968384][T28126]  ? proc_fail_nth_write+0x213/0x290
[ 2640.973509][T28126]  ? proc_fail_nth_read+0x220/0x220
[ 2640.978537][T28126]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2640.983488][T28126]  ? vfs_write+0xa37/0x1160
[ 2640.987827][T28126]  ? numa_migrate_prep+0xe0/0xe0
[ 2640.992599][T28126]  kernel_clone+0x21d/0x9c0
[ 2640.996937][T28126]  ? file_end_write+0x1b0/0x1b0
[ 2641.001623][T28126]  ? __kasan_check_write+0x14/0x20
[ 2641.006572][T28126]  ? create_io_thread+0x1e0/0x1e0
[ 2641.011432][T28126]  ? __mutex_lock_slowpath+0x10/0x10
[ 2641.016551][T28126]  __x64_sys_clone+0x289/0x310
[ 2641.021150][T28126]  ? __do_sys_vfork+0x130/0x130
[ 2641.025841][T28126]  ? debug_smp_processor_id+0x17/0x20
[ 2641.031047][T28126]  do_syscall_64+0x44/0xd0
[ 2641.035299][T28126]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2641.041026][T28126] RIP: 0033:0x7fdb204c00c9
[ 2641.045280][T28126] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2641.064721][T28126] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2641.072966][T28126] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2641.080775][T28126] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2641.088589][T28126] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2641.096400][T28126] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
10:53:22 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78)

10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x325)

10:53:22 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async, rerun: 64)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000000)={'some', 0x20, 0x2, 0x20, 0x364}, 0x2f) (rerun: 64)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x10)

10:53:22 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file1\x00', 0x0) (async)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)={0x1, 0x9, [@remote, @random="3cdc886c7cd5", @remote, @local, @broadcast, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}]})

10:53:22 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4a6400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)

10:53:22 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x337)

[ 2641.104210][T28126] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2641.112023][T28126]  </TASK>
[ 2641.130177][T28142] FAULT_INJECTION: forcing a failure.
[ 2641.130177][T28142] name failslab, interval 1, probability 0, space 0, times 0
[ 2641.146423][T28142] CPU: 1 PID: 28142 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2641.156481][T28142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2641.166373][T28142] Call Trace:
[ 2641.169500][T28142]  <TASK>
[ 2641.172275][T28142]  dump_stack_lvl+0x151/0x1b7
[ 2641.176789][T28142]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2641.182256][T28142]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2641.188508][T28142]  dump_stack+0x15/0x17
[ 2641.192497][T28142]  should_fail+0x3c0/0x510
[ 2641.196752][T28142]  __should_failslab+0x9f/0xe0
[ 2641.201351][T28142]  should_failslab+0x9/0x20
[ 2641.205691][T28142]  kmem_cache_alloc+0x4f/0x2f0
[ 2641.210293][T28142]  ? anon_vma_fork+0xf7/0x4f0
[ 2641.214804][T28142]  anon_vma_fork+0xf7/0x4f0
[ 2641.219141][T28142]  ? anon_vma_name+0x43/0x70
[ 2641.223569][T28142]  dup_mmap+0x760/0xf10
[ 2641.227562][T28142]  ? __delayed_free_task+0x20/0x20
[ 2641.232512][T28142]  ? mm_init+0x807/0x960
[ 2641.236587][T28142]  dup_mm+0x8e/0x2e0
[ 2641.240320][T28142]  copy_mm+0x108/0x1b0
[ 2641.244226][T28142]  copy_process+0x1295/0x3250
[ 2641.248741][T28142]  ? proc_fail_nth_write+0x213/0x290
[ 2641.253866][T28142]  ? proc_fail_nth_read+0x220/0x220
[ 2641.258894][T28142]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2641.263843][T28142]  ? vfs_write+0xa37/0x1160
[ 2641.268183][T28142]  ? numa_migrate_prep+0xe0/0xe0
[ 2641.272955][T28142]  kernel_clone+0x21d/0x9c0
[ 2641.277294][T28142]  ? file_end_write+0x1b0/0x1b0
[ 2641.281992][T28142]  ? __kasan_check_write+0x14/0x20
[ 2641.286927][T28142]  ? create_io_thread+0x1e0/0x1e0
[ 2641.291786][T28142]  ? __mutex_lock_slowpath+0x10/0x10
[ 2641.296910][T28142]  __x64_sys_clone+0x289/0x310
[ 2641.301509][T28142]  ? __do_sys_vfork+0x130/0x130
[ 2641.306197][T28142]  ? debug_smp_processor_id+0x17/0x20
[ 2641.311404][T28142]  do_syscall_64+0x44/0xd0
[ 2641.315657][T28142]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2641.321383][T28142] RIP: 0033:0x7fdb204c00c9
[ 2641.325637][T28142] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2641.345077][T28142] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
10:53:22 executing program 3:
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, &(0x7f0000000240)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}, 0x0)

10:53:22 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)={0x1, 0x9, [@remote, @random="3cdc886c7cd5", @remote, @local, @broadcast, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) (async)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file1\x00', 0x0) (async)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000080)={0x1, 0x9, [@remote, @random="3cdc886c7cd5", @remote, @local, @broadcast, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}]}) (async)

10:53:22 executing program 5:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x309)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x202000, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000011c0)=r2)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0))
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f00000011c0))
ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000500))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000100)=0x40)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f00000011c0))
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETLINK(r6, 0x400454cd, 0x2)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000000))
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000040))
r7 = openat$cgroup_ro(r3, &(0x7f0000000580)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000005c0)={&(0x7f0000000540)='./file0\x00', r7}, 0x10)

10:53:22 executing program 3:
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, &(0x7f0000000240)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, &(0x7f0000000240)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}, 0x0) (async)

10:53:22 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79)

10:53:22 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0/file0/file0\x00', 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40)
recvmsg$unix(r0, &(0x7f00000025c0)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000002540)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/132, 0x84}, {&(0x7f0000001200)=""/210, 0xd2}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/161, 0xa1}, {&(0x7f00000023c0)=""/146, 0x92}, {&(0x7f0000002480)=""/179, 0xb3}], 0x7, &(0x7f0000000000)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}, 0x2)

10:53:22 executing program 5:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x309) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x202000, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000011c0)=r2) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0)) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000500))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000100)=0x40) (async)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f00000011c0)) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETLINK(r6, 0x400454cd, 0x2) (async)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000000)) (async)
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000040)) (async)
r7 = openat$cgroup_ro(r3, &(0x7f0000000580)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000005c0)={&(0x7f0000000540)='./file0\x00', r7}, 0x10)

[ 2641.353325][T28142] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2641.361133][T28142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2641.368958][T28142] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2641.376758][T28142] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2641.384568][T28142] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2641.392383][T28142]  </TASK>
10:53:22 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x325)

10:53:22 executing program 3:
unlink(&(0x7f00000000c0)='./file0\x00')
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, &(0x7f0000000240)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00') (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
recvmsg$unix(r0, &(0x7f0000000340)={&(0x7f0000000380)=@abs, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000100)=""/210, 0xd2}], 0x1, &(0x7f0000000240)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xf0}, 0x0) (async)

10:53:22 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0/file0\x00'}, 0x10)
unlink(&(0x7f00000000c0)='./file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@x25={0x9, @remote}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000180)=""/96, 0x60}, {&(0x7f0000000200)=""/87, 0x57}, {&(0x7f00000003c0)=""/77, 0x4d}, {&(0x7f0000000300)=""/139, 0x8b}, {&(0x7f00000016c0)=""/198, 0xc6}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)=""/195, 0xc3}], 0x7, &(0x7f0000001640)=""/122, 0x7a}, 0x122)

[ 2641.440590][T28172] FAULT_INJECTION: forcing a failure.
[ 2641.440590][T28172] name failslab, interval 1, probability 0, space 0, times 0
[ 2641.453093][T28172] CPU: 1 PID: 28172 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2641.463071][T28172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2641.472967][T28172] Call Trace:
[ 2641.476084][T28172]  <TASK>
[ 2641.478861][T28172]  dump_stack_lvl+0x151/0x1b7
[ 2641.483376][T28172]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2641.488844][T28172]  dump_stack+0x15/0x17
[ 2641.492839][T28172]  should_fail+0x3c0/0x510
[ 2641.497090][T28172]  __should_failslab+0x9f/0xe0
[ 2641.501688][T28172]  should_failslab+0x9/0x20
[ 2641.506029][T28172]  kmem_cache_alloc+0x4f/0x2f0
[ 2641.510629][T28172]  ? anon_vma_fork+0x1b9/0x4f0
[ 2641.515235][T28172]  anon_vma_fork+0x1b9/0x4f0
[ 2641.519656][T28172]  dup_mmap+0x760/0xf10
[ 2641.523649][T28172]  ? __delayed_free_task+0x20/0x20
[ 2641.528598][T28172]  ? mm_init+0x807/0x960
[ 2641.532676][T28172]  dup_mm+0x8e/0x2e0
[ 2641.536404][T28172]  copy_mm+0x108/0x1b0
[ 2641.540309][T28172]  copy_process+0x1295/0x3250
[ 2641.544825][T28172]  ? proc_fail_nth_write+0x213/0x290
[ 2641.549953][T28172]  ? proc_fail_nth_read+0x220/0x220
[ 2641.554981][T28172]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2641.559948][T28172]  ? vfs_write+0xa37/0x1160
[ 2641.564267][T28172]  ? numa_migrate_prep+0xe0/0xe0
[ 2641.569044][T28172]  kernel_clone+0x21d/0x9c0
[ 2641.573379][T28172]  ? file_end_write+0x1b0/0x1b0
[ 2641.578064][T28172]  ? __kasan_check_write+0x14/0x20
[ 2641.583012][T28172]  ? create_io_thread+0x1e0/0x1e0
[ 2641.587877][T28172]  ? __mutex_lock_slowpath+0x10/0x10
[ 2641.592994][T28172]  __x64_sys_clone+0x289/0x310
[ 2641.597595][T28172]  ? __do_sys_vfork+0x130/0x130
[ 2641.602281][T28172]  ? debug_smp_processor_id+0x17/0x20
[ 2641.607488][T28172]  do_syscall_64+0x44/0xd0
[ 2641.611743][T28172]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2641.617469][T28172] RIP: 0033:0x7fdb204c00c9
[ 2641.621722][T28172] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:23 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x337)

10:53:23 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80)

10:53:23 executing program 5:
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x309)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1}) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x202000, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000001c0)=[0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x7, 0x2, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000280)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f00000002c0), &(0x7f0000000300), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000340)}}, 0x10) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f00000011c0)=r2) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0)) (async)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000500))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000100)=0x40) (async)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f00000011c0)) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETLINK(r6, 0x400454cd, 0x2) (async)
ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000000)) (async)
ioctl$TUNGETVNETLE(r0, 0x800454dd, &(0x7f0000000040))
r7 = openat$cgroup_ro(r3, &(0x7f0000000580)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000005c0)={&(0x7f0000000540)='./file0\x00', r7}, 0x10)

[ 2641.641161][T28172] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2641.649407][T28172] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2641.657219][T28172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2641.665032][T28172] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2641.672843][T28172] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2641.680655][T28172] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2641.688468][T28172]  </TASK>
[ 2641.710920][T28189] FAULT_INJECTION: forcing a failure.
[ 2641.710920][T28189] name failslab, interval 1, probability 0, space 0, times 0
[ 2641.723508][T28189] CPU: 0 PID: 28189 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2641.733558][T28189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2641.743453][T28189] Call Trace:
[ 2641.746577][T28189]  <TASK>
[ 2641.749354][T28189]  dump_stack_lvl+0x151/0x1b7
[ 2641.753866][T28189]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2641.759337][T28189]  dump_stack+0x15/0x17
[ 2641.763325][T28189]  should_fail+0x3c0/0x510
[ 2641.767578][T28189]  __should_failslab+0x9f/0xe0
[ 2641.772178][T28189]  should_failslab+0x9/0x20
[ 2641.776520][T28189]  kmem_cache_alloc+0x4f/0x2f0
[ 2641.781120][T28189]  ? anon_vma_fork+0x1b9/0x4f0
[ 2641.785719][T28189]  anon_vma_fork+0x1b9/0x4f0
[ 2641.790146][T28189]  dup_mmap+0x760/0xf10
[ 2641.794138][T28189]  ? __delayed_free_task+0x20/0x20
[ 2641.799084][T28189]  ? mm_init+0x807/0x960
[ 2641.803164][T28189]  dup_mm+0x8e/0x2e0
[ 2641.806901][T28189]  copy_mm+0x108/0x1b0
[ 2641.810801][T28189]  copy_process+0x1295/0x3250
[ 2641.815315][T28189]  ? proc_fail_nth_write+0x213/0x290
[ 2641.820436][T28189]  ? proc_fail_nth_read+0x220/0x220
[ 2641.825470][T28189]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2641.830418][T28189]  ? vfs_write+0xa37/0x1160
[ 2641.834865][T28189]  ? numa_migrate_prep+0xe0/0xe0
[ 2641.839640][T28189]  kernel_clone+0x21d/0x9c0
[ 2641.843976][T28189]  ? file_end_write+0x1b0/0x1b0
[ 2641.848667][T28189]  ? __kasan_check_write+0x14/0x20
[ 2641.853610][T28189]  ? create_io_thread+0x1e0/0x1e0
[ 2641.858472][T28189]  ? __mutex_lock_slowpath+0x10/0x10
[ 2641.863590][T28189]  __x64_sys_clone+0x289/0x310
[ 2641.868191][T28189]  ? __do_sys_vfork+0x130/0x130
[ 2641.872877][T28189]  ? debug_smp_processor_id+0x17/0x20
[ 2641.878086][T28189]  do_syscall_64+0x44/0xd0
[ 2641.882337][T28189]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2641.888064][T28189] RIP: 0033:0x7fdb204c00c9
[ 2641.892318][T28189] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
10:53:23 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x325)

10:53:23 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'tunl0\x00'})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000100))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg\x00', 0x1})
r1 = getpid()
r2 = syz_clone(0x6191080, &(0x7f00000001c0)="09f0b92c8f36187960faf50974514cfd954715590506a3371890e82cf3d3b6178da5a8689051a47674502f60c35ab95f8852b14e1ae73b8f00156f881f0aa6ac7a54df2aef29704efcbaa0d75b3b8377ad5d305de00d014e96c71320063df77bf8bbf131eb6f12a47a97c408af2f001853", 0x71, &(0x7f0000000040), &(0x7f0000000240), &(0x7f0000000280)="1bb4811e5d95b48593207d140106d33416e35776f3e34ada8d2af620260f")
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000003, 0x1ad}, 0x804, 0x5, 0x0, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8}, r2, 0xe, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000002c0)={'pim6reg1\x00', @local})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='}^-.\x00'}, 0x30)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x304)

10:53:23 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81)

10:53:23 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'tunl0\x00'})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000100))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg\x00', 0x1})
r1 = getpid()
r2 = syz_clone(0x6191080, &(0x7f00000001c0)="09f0b92c8f36187960faf50974514cfd954715590506a3371890e82cf3d3b6178da5a8689051a47674502f60c35ab95f8852b14e1ae73b8f00156f881f0aa6ac7a54df2aef29704efcbaa0d75b3b8377ad5d305de00d014e96c71320063df77bf8bbf131eb6f12a47a97c408af2f001853", 0x71, &(0x7f0000000040), &(0x7f0000000240), &(0x7f0000000280)="1bb4811e5d95b48593207d140106d33416e35776f3e34ada8d2af620260f")
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000003, 0x1ad}, 0x804, 0x5, 0x0, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8}, r2, 0xe, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000002c0)={'pim6reg1\x00', @local})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='}^-.\x00'}, 0x30)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x304)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)) (async)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'tunl0\x00'}) (async)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000100)) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg\x00', 0x1}) (async)
getpid() (async)
syz_clone(0x6191080, &(0x7f00000001c0)="09f0b92c8f36187960faf50974514cfd954715590506a3371890e82cf3d3b6178da5a8689051a47674502f60c35ab95f8852b14e1ae73b8f00156f881f0aa6ac7a54df2aef29704efcbaa0d75b3b8377ad5d305de00d014e96c71320063df77bf8bbf131eb6f12a47a97c408af2f001853", 0x71, &(0x7f0000000040), &(0x7f0000000240), &(0x7f0000000280)="1bb4811e5d95b48593207d140106d33416e35776f3e34ada8d2af620260f") (async)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000003, 0x1ad}, 0x804, 0x5, 0x0, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8}, r2, 0xe, 0xffffffffffffffff, 0x0) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000002c0)={'pim6reg1\x00', @local}) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='}^-.\x00'}, 0x30) (async)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x304) (async)

[ 2641.911760][T28189] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2641.920004][T28189] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2641.927818][T28189] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2641.935628][T28189] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2641.943440][T28189] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2641.951253][T28189] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2641.959065][T28189]  </TASK>
[ 2641.989584][T28202] FAULT_INJECTION: forcing a failure.
[ 2641.989584][T28202] name failslab, interval 1, probability 0, space 0, times 0
[ 2642.002103][T28202] CPU: 0 PID: 28202 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2642.012063][T28202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2642.021956][T28202] Call Trace:
[ 2642.025079][T28202]  <TASK>
[ 2642.027912][T28202]  dump_stack_lvl+0x151/0x1b7
[ 2642.032369][T28202]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2642.037844][T28202]  ? vma_interval_tree_augment_rotate+0x210/0x210
[ 2642.044088][T28202]  dump_stack+0x15/0x17
[ 2642.048080][T28202]  should_fail+0x3c0/0x510
[ 2642.052329][T28202]  __should_failslab+0x9f/0xe0
[ 2642.056934][T28202]  should_failslab+0x9/0x20
[ 2642.061273][T28202]  kmem_cache_alloc+0x4f/0x2f0
[ 2642.065870][T28202]  ? anon_vma_fork+0xf7/0x4f0
[ 2642.070383][T28202]  anon_vma_fork+0xf7/0x4f0
[ 2642.074729][T28202]  ? anon_vma_name+0x43/0x70
[ 2642.079149][T28202]  dup_mmap+0x760/0xf10
[ 2642.083141][T28202]  ? __delayed_free_task+0x20/0x20
[ 2642.088091][T28202]  ? mm_init+0x807/0x960
[ 2642.092170][T28202]  dup_mm+0x8e/0x2e0
[ 2642.095906][T28202]  copy_mm+0x108/0x1b0
[ 2642.099805][T28202]  copy_process+0x1295/0x3250
[ 2642.104320][T28202]  ? proc_fail_nth_write+0x213/0x290
[ 2642.109439][T28202]  ? proc_fail_nth_read+0x220/0x220
[ 2642.114480][T28202]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2642.119419][T28202]  ? vfs_write+0xa37/0x1160
[ 2642.123761][T28202]  ? numa_migrate_prep+0xe0/0xe0
[ 2642.128534][T28202]  kernel_clone+0x21d/0x9c0
[ 2642.132874][T28202]  ? file_end_write+0x1b0/0x1b0
[ 2642.137562][T28202]  ? __kasan_check_write+0x14/0x20
[ 2642.142511][T28202]  ? create_io_thread+0x1e0/0x1e0
[ 2642.147369][T28202]  ? __mutex_lock_slowpath+0x10/0x10
[ 2642.152493][T28202]  __x64_sys_clone+0x289/0x310
[ 2642.157089][T28202]  ? __do_sys_vfork+0x130/0x130
[ 2642.161776][T28202]  ? debug_smp_processor_id+0x17/0x20
[ 2642.166985][T28202]  do_syscall_64+0x44/0xd0
[ 2642.171236][T28202]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2642.176965][T28202] RIP: 0033:0x7fdb204c00c9
[ 2642.181216][T28202] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2642.200659][T28202] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2642.208902][T28202] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2642.216716][T28202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2642.224526][T28202] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2642.232339][T28202] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2642.240148][T28202] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2642.247961][T28202]  </TASK>
[ 2642.251824][T28202] ==================================================================
[ 2642.259700][T28202] BUG: KASAN: double-free or invalid-free in kfree+0xc8/0x210
[ 2642.266986][T28202] 
[ 2642.269153][T28202] CPU: 0 PID: 28202 Comm: syz-executor.4 Not tainted 5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2642.279220][T28202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2642.289116][T28202] Call Trace:
[ 2642.292241][T28202]  <TASK>
[ 2642.295016][T28202]  dump_stack_lvl+0x151/0x1b7
[ 2642.299531][T28202]  ? io_uring_drop_tctx_refs+0x19a/0x19a
[ 2642.304998][T28202]  ? panic+0x750/0x750
[ 2642.308908][T28202]  ? debug_smp_processor_id+0x17/0x20
[ 2642.314112][T28202]  ? kmem_cache_free+0x11a/0x2e0
[ 2642.318886][T28202]  ? kfree+0xc8/0x210
[ 2642.322706][T28202]  print_address_description+0x87/0x3d0
[ 2642.328083][T28202]  ? kfree+0xc8/0x210
[ 2642.331904][T28202]  ? kfree+0xc8/0x210
[ 2642.335722][T28202]  kasan_report_invalid_free+0x72/0xa0
[ 2642.341018][T28202]  ____kasan_slab_free+0x13e/0x160
[ 2642.345964][T28202]  __kasan_slab_free+0x11/0x20
[ 2642.350563][T28202]  slab_free_freelist_hook+0xc9/0x1a0
[ 2642.355773][T28202]  ? anon_vma_name_free+0x15/0x20
[ 2642.360632][T28202]  kfree+0xc8/0x210
[ 2642.364277][T28202]  anon_vma_name_free+0x15/0x20
[ 2642.368964][T28202]  vm_area_free_no_check+0xaa/0x150
[ 2642.373997][T28202]  ? dup_mmap+0xc38/0xf10
[ 2642.378163][T28202]  dup_mmap+0xc40/0xf10
[ 2642.382159][T28202]  ? __delayed_free_task+0x20/0x20
[ 2642.387121][T28202]  ? mm_init+0x807/0x960
[ 2642.391182][T28202]  dup_mm+0x8e/0x2e0
[ 2642.394913][T28202]  copy_mm+0x108/0x1b0
[ 2642.398819][T28202]  copy_process+0x1295/0x3250
[ 2642.403335][T28202]  ? proc_fail_nth_write+0x213/0x290
[ 2642.408454][T28202]  ? proc_fail_nth_read+0x220/0x220
[ 2642.413488][T28202]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2642.418436][T28202]  ? vfs_write+0xa37/0x1160
[ 2642.422775][T28202]  ? numa_migrate_prep+0xe0/0xe0
[ 2642.427548][T28202]  kernel_clone+0x21d/0x9c0
[ 2642.431888][T28202]  ? file_end_write+0x1b0/0x1b0
[ 2642.436573][T28202]  ? __kasan_check_write+0x14/0x20
[ 2642.441521][T28202]  ? create_io_thread+0x1e0/0x1e0
[ 2642.446383][T28202]  ? __mutex_lock_slowpath+0x10/0x10
[ 2642.451501][T28202]  __x64_sys_clone+0x289/0x310
[ 2642.456103][T28202]  ? __do_sys_vfork+0x130/0x130
[ 2642.460789][T28202]  ? debug_smp_processor_id+0x17/0x20
[ 2642.465998][T28202]  do_syscall_64+0x44/0xd0
[ 2642.470249][T28202]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2642.475983][T28202] RIP: 0033:0x7fdb204c00c9
[ 2642.480234][T28202] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[ 2642.499673][T28202] RSP: 002b:00007fdb1f233118 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 2642.507919][T28202] RAX: ffffffffffffffda RBX: 00007fdb205dff80 RCX: 00007fdb204c00c9
[ 2642.515729][T28202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000007c0ad480
[ 2642.523538][T28202] RBP: 00007fdb1f2331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2642.531353][T28202] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[ 2642.539161][T28202] R13: 00007ffddc47e1af R14: 00007fdb1f233300 R15: 0000000000022000
[ 2642.546979][T28202]  </TASK>
[ 2642.549837][T28202] 
[ 2642.552009][T28202] Allocated by task 27291:
[ 2642.556260][T28202]  __kasan_slab_alloc+0xb2/0xe0
[ 2642.560946][T28202]  kmem_cache_alloc+0x189/0x2f0
[ 2642.565637][T28202]  vm_area_dup+0x26/0x220
[ 2642.569801][T28202]  dup_mmap+0x6c8/0xf10
[ 2642.573793][T28202]  dup_mm+0x8e/0x2e0
[ 2642.577523][T28202]  copy_mm+0x108/0x1b0
[ 2642.581430][T28202]  copy_process+0x1295/0x3250
[ 2642.585943][T28202]  kernel_clone+0x21d/0x9c0
[ 2642.590283][T28202]  __x64_sys_clone+0x289/0x310
[ 2642.594882][T28202]  do_syscall_64+0x44/0xd0
[ 2642.599134][T28202]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2642.604863][T28202] 
[ 2642.607039][T28202] Last potentially related work creation:
[ 2642.612587][T28202]  kasan_save_stack+0x3b/0x60
[ 2642.617104][T28202]  __kasan_record_aux_stack+0xd3/0xf0
[ 2642.622308][T28202]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2642.627949][T28202]  call_rcu+0x140/0x1400
[ 2642.632031][T28202]  vm_area_free_no_check+0x119/0x150
[ 2642.637151][T28202]  vm_area_free+0x53/0x60
[ 2642.641315][T28202]  exit_mmap+0x52d/0x700
[ 2642.645396][T28202]  __mmput+0x95/0x300
[ 2642.649213][T28202]  mmput+0x52/0x140
[ 2642.652861][T28202]  exit_mm+0x54b/0x7a0
[ 2642.656765][T28202]  do_exit+0x63c/0x24d0
[ 2642.660763][T28202]  do_group_exit+0x13a/0x300
[ 2642.665185][T28202]  get_signal+0x77e/0x1600
[ 2642.669437][T28202]  arch_do_signal_or_restart+0x9f/0x670
[ 2642.674822][T28202]  exit_to_user_mode_loop+0xd4/0x110
[ 2642.679937][T28202]  exit_to_user_mode_prepare+0x3b/0x40
[ 2642.685231][T28202]  irqentry_exit_to_user_mode+0x9/0x20
[ 2642.690527][T28202]  irqentry_exit+0x12/0x40
[ 2642.694780][T28202]  exc_page_fault+0x75/0x1a0
[ 2642.699205][T28202]  asm_exc_page_fault+0x27/0x30
[ 2642.703892][T28202] 
[ 2642.706064][T28202] Second to last potentially related work creation:
[ 2642.712489][T28202]  kasan_save_stack+0x3b/0x60
[ 2642.716998][T28202]  __kasan_record_aux_stack+0xd3/0xf0
[ 2642.722208][T28202]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2642.727849][T28202]  call_rcu+0x140/0x1400
[ 2642.731927][T28202]  vm_area_free_no_check+0x119/0x150
[ 2642.737048][T28202]  vm_area_free+0x53/0x60
[ 2642.741213][T28202]  exit_mmap+0x52d/0x700
[ 2642.745295][T28202]  __mmput+0x95/0x300
[ 2642.749111][T28202]  mmput+0x52/0x140
[ 2642.752757][T28202]  exit_mm+0x54b/0x7a0
[ 2642.756662][T28202]  do_exit+0x63c/0x24d0
[ 2642.760660][T28202]  do_group_exit+0x13a/0x300
[ 2642.765083][T28202]  get_signal+0x77e/0x1600
[ 2642.769334][T28202]  arch_do_signal_or_restart+0x9f/0x670
[ 2642.774717][T28202]  exit_to_user_mode_loop+0xd4/0x110
[ 2642.779839][T28202]  syscall_exit_to_user_mode+0x79/0xc0
[ 2642.785134][T28202]  do_syscall_64+0x50/0xd0
[ 2642.789401][T28202]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2642.795113][T28202] 
[ 2642.797282][T28202] The buggy address belongs to the object at ffff88812f59d818
[ 2642.797282][T28202]  which belongs to the cache vm_area_struct of size 232
[ 2642.811431][T28202] The buggy address is located 88 bytes inside of
[ 2642.811431][T28202]  232-byte region [ffff88812f59d818, ffff88812f59d900)
[ 2642.824452][T28202] The buggy address belongs to the page:
[ 2642.829917][T28202] page:ffffea0004bd6740 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12f59d
[ 2642.839985][T28202] flags: 0x4000000000000200(slab|zone=1)
[ 2642.845459][T28202] raw: 4000000000000200 ffffea0004ab3e80 0000000500000002 ffff8881001b5c80
[ 2642.853876][T28202] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[ 2642.862291][T28202] page dumped because: kasan: bad access detected
[ 2642.868540][T28202] page_owner tracks the page as allocated
[ 2642.874091][T28202] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 813, ts 513667705815, free_ts 513200048688
[ 2642.889976][T28202]  post_alloc_hook+0x1ab/0x1b0
[ 2642.894574][T28202]  get_page_from_freelist+0x3e5/0x460
[ 2642.899781][T28202]  __alloc_pages+0x3a8/0x7c0
[ 2642.904209][T28202]  allocate_slab+0x62/0x580
[ 2642.908549][T28202]  ___slab_alloc+0x2e2/0x6f0
[ 2642.912975][T28202]  __slab_alloc+0x4a/0x90
[ 2642.917141][T28202]  kmem_cache_alloc+0x205/0x2f0
[ 2642.921831][T28202]  vm_area_dup+0x26/0x220
[ 2642.925996][T28202]  dup_mmap+0x6c8/0xf10
[ 2642.929986][T28202]  dup_mm+0x8e/0x2e0
[ 2642.933720][T28202]  copy_mm+0x108/0x1b0
[ 2642.937623][T28202]  copy_process+0x1295/0x3250
[ 2642.942139][T28202]  kernel_clone+0x21d/0x9c0
[ 2642.946482][T28202]  __x64_sys_clone+0x289/0x310
[ 2642.951077][T28202]  do_syscall_64+0x44/0xd0
[ 2642.955328][T28202]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2642.961056][T28202] page last free stack trace:
[ 2642.965575][T28202]  free_pcp_prepare+0x448/0x450
[ 2642.970256][T28202]  free_unref_page_list+0x16a/0xad0
[ 2642.975295][T28202]  release_pages+0x135f/0x13b0
[ 2642.979891][T28202]  free_pages_and_swap_cache+0x97/0xb0
[ 2642.985184][T28202]  tlb_flush_mmu+0x860/0xa00
[ 2642.989616][T28202]  tlb_finish_mmu+0xd2/0x1f0
[ 2642.994040][T28202]  exit_mmap+0x3f6/0x700
[ 2642.998118][T28202]  __mmput+0x95/0x300
[ 2643.001937][T28202]  mmput+0x52/0x140
[ 2643.005582][T28202]  exit_mm+0x54b/0x7a0
[ 2643.009488][T28202]  do_exit+0x63c/0x24d0
[ 2643.013478][T28202]  do_group_exit+0x13a/0x300
[ 2643.017905][T28202]  get_signal+0x77e/0x1600
[ 2643.022159][T28202]  arch_do_signal_or_restart+0x9f/0x670
[ 2643.027538][T28202]  exit_to_user_mode_loop+0xd4/0x110
[ 2643.032661][T28202]  syscall_exit_to_user_mode+0x79/0xc0
[ 2643.037956][T28202] 
[ 2643.040126][T28202] Memory state around the buggy address:
[ 2643.045597][T28202]  ffff88812f59d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2643.053495][T28202]  ffff88812f59d780: 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc
[ 2643.061393][T28202] >ffff88812f59d800: fc fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2643.069290][T28202]                                                              ^
[ 2643.076843][T28202]  ffff88812f59d880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 2643.084740][T28202]  ffff88812f59d900: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
10:53:24 executing program 2:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000100)='./file0/file0/file0\x00', 0x2) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001600)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001c40)={&(0x7f0000001640), 0x6e, &(0x7f0000001ac0)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000001b80)}, 0x40) (async)
recvmsg$unix(r0, &(0x7f00000025c0)={&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000002540)=[{&(0x7f0000000140)=""/4096, 0x1000}, {&(0x7f0000001140)=""/132, 0x84}, {&(0x7f0000001200)=""/210, 0xd2}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/161, 0xa1}, {&(0x7f00000023c0)=""/146, 0x92}, {&(0x7f0000002480)=""/179, 0xb3}], 0x7, &(0x7f0000000000)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}, 0x2)

10:53:24 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x337)

10:53:24 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0))
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'tunl0\x00'})
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000100))
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg\x00', 0x1})
r1 = getpid()
r2 = syz_clone(0x6191080, &(0x7f00000001c0)="09f0b92c8f36187960faf50974514cfd954715590506a3371890e82cf3d3b6178da5a8689051a47674502f60c35ab95f8852b14e1ae73b8f00156f881f0aa6ac7a54df2aef29704efcbaa0d75b3b8377ad5d305de00d014e96c71320063df77bf8bbf131eb6f12a47a97c408af2f001853", 0x71, &(0x7f0000000040), &(0x7f0000000240), &(0x7f0000000280)="1bb4811e5d95b48593207d140106d33416e35776f3e34ada8d2af620260f")
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000003, 0x1ad}, 0x804, 0x5, 0x0, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8}, r2, 0xe, 0xffffffffffffffff, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000002c0)={'pim6reg1\x00', @local})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='}^-.\x00'}, 0x30)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x304)
openat$tun(0xffffffffffffff9c, &(0x7f0000000e80), 0x0, 0x0) (async)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000011c0)) (async)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f00000000c0)) (async)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'tunl0\x00'}) (async)
ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000100)) (async)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg\x00', 0x1}) (async)
getpid() (async)
syz_clone(0x6191080, &(0x7f00000001c0)="09f0b92c8f36187960faf50974514cfd954715590506a3371890e82cf3d3b6178da5a8689051a47674502f60c35ab95f8852b14e1ae73b8f00156f881f0aa6ac7a54df2aef29704efcbaa0d75b3b8377ad5d305de00d014e96c71320063df77bf8bbf131eb6f12a47a97c408af2f001853", 0x71, &(0x7f0000000040), &(0x7f0000000240), &(0x7f0000000280)="1bb4811e5d95b48593207d140106d33416e35776f3e34ada8d2af620260f") (async)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x100000003, 0x1ad}, 0x804, 0x5, 0x0, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8}, r2, 0xe, 0xffffffffffffffff, 0x0) (async)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000002c0)={'pim6reg1\x00', @local}) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000480)={r1, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000440)='}^-.\x00'}, 0x30) (async)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x304) (async)

10:53:24 executing program 3:
mkdir(&(0x7f0000000040)='./file0\x00', 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)={&(0x7f0000000280)='./file0/file0\x00'}, 0x10) (async, rerun: 32)
unlink(&(0x7f00000000c0)='./file0\x00') (rerun: 32)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000080)={&(0x7f0000000100)=@x25={0x9, @remote}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000180)=""/96, 0x60}, {&(0x7f0000000200)=""/87, 0x57}, {&(0x7f00000003c0)=""/77, 0x4d}, {&(0x7f0000000300)=""/139, 0x8b}, {&(0x7f00000016c0)=""/198, 0xc6}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)=""/195, 0xc3}], 0x7, &(0x7f0000001640)=""/122, 0x7a}, 0x122)

10:53:24 executing program 5:
bpf$BPF_GET_BTF_INFO(0xf, 0xfffffffffffffffc, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x454883, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000000))

10:53:24 executing program 0:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)

10:53:24 executing program 4:
syz_clone(0x7c0ad580, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82)

[ 2643.092633][T28202] ==================================================================
[ 2643.100531][T28202] Disabling lock debugging due to kernel taint
10:53:24 executing program 5:
bpf$BPF_GET_BTF_INFO(0xf, 0xfffffffffffffffc, 0x0) (async)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x454883, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335) (async)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000000))

[ 2643.149655][T27292] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
[ 2643.161200][T27292] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 2643.169444][T27292] CPU: 1 PID: 27292 Comm: syz-executor.4 Tainted: G    B             5.15.91-syzkaller-02991-g7e0097918ff8 #0
[ 2643.180900][T27292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
[ 2643.190799][T27292] RIP: 0010:__rb_insert_augmented+0x9b/0x670
[ 2643.196609][T27292] Code: e8 fa 35 2c ff 4d 8b 27 41 f6 c4 01 0f 85 b5 05 00 00 48 89 5d a8 4c 89 75 b8 4c 89 7d d0 4d 8d 7c 24 08 4d 89 fe 49 c1 ee 03 <43> 80 3c 2e 00 74 08 4c 89 ff e8 c6 35 2c ff 49 8b 1f 48 3b 5d d0
[ 2643.216050][T27292] RSP: 0018:ffffc900010578a0 EFLAGS: 00010202
[ 2643.221951][T27292] RAX: 1ffff1102357d97d RBX: 1ffff11025eb3b0e RCX: dffffc0000000000
[ 2643.229771][T27292] RDX: ffffffff81a8b150 RSI: ffff88810f664f40 RDI: ffff88811abecbe8
[ 2643.237572][T27292] RBP: ffffc90001057908 R08: dffffc0000000000 R09: ffff88811abecbf0
[ 2643.245383][T27292] R10: ffffed102357d980 R11: 1ffff1102357d97e R12: 0000000000000000
[ 2643.253196][T27292] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000008
[ 2643.261007][T27292] FS:  000055555721f400(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2643.269774][T27292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2643.276196][T27292] CR2: 00007fdb211096be CR3: 00000001262f7000 CR4: 00000000003506a0
[ 2643.284008][T27292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2643.291817][T27292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2643.299632][T27292] Call Trace:
[ 2643.302754][T27292]  <TASK>
[ 2643.305533][T27292]  ? anon_vma_interval_tree_iter_next+0x3b0/0x3b0
[ 2643.311779][T27292]  vma_interval_tree_insert_after+0x2cd/0x2e0
[ 2643.317685][T27292]  dup_mmap+0x8cd/0xf10
[ 2643.321676][T27292]  ? __delayed_free_task+0x20/0x20
[ 2643.326626][T27292]  ? mm_init+0x807/0x960
[ 2643.330700][T27292]  dup_mm+0x8e/0x2e0
[ 2643.334435][T27292]  copy_mm+0x108/0x1b0
[ 2643.338339][T27292]  copy_process+0x1295/0x3250
[ 2643.342857][T27292]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 2643.347798][T27292]  ? numa_migrate_prep+0xe0/0xe0
[ 2643.352577][T27292]  ? vfs_read+0x676/0xd80
[ 2643.356738][T27292]  kernel_clone+0x21d/0x9c0
[ 2643.361077][T27292]  ? create_io_thread+0x1e0/0x1e0
[ 2643.365943][T27292]  __x64_sys_clone+0x289/0x310
[ 2643.370542][T27292]  ? __do_sys_vfork+0x130/0x130
[ 2643.375227][T27292]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 2643.381127][T27292]  ? exit_to_user_mode_prepare+0x2b/0x40
[ 2643.386597][T27292]  do_syscall_64+0x44/0xd0
[ 2643.390855][T27292]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 2643.396580][T27292] RIP: 0033:0x7fdb204bddfb
[ 2643.400831][T27292] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 2643.420272][T27292] RSP: 002b:00007ffddc47e3f0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2643.428513][T27292] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdb204bddfb
[ 2643.436328][T27292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2643.444136][T27292] RBP: 0000000000000000 R08: 0000000000000000 R09: 000055555721f400
[ 2643.451947][T27292] R10: 000055555721f6d0 R11: 0000000000000246 R12: 0000000000000000
[ 2643.459760][T27292] R13: 0000000000000000 R14: 0000000000000001 R15: 00007ffddc47e4d0
[ 2643.467576][T27292]  </TASK>
[ 2643.470443][T27292] Modules linked in:
[ 2643.474367][T27292] ---[ end trace 47d3c089397249cd ]---
[ 2643.479762][T27292] RIP: 0010:__rb_insert_augmented+0x9b/0x670
[ 2643.485819][T27292] Code: e8 fa 35 2c ff 4d 8b 27 41 f6 c4 01 0f 85 b5 05 00 00 48 89 5d a8 4c 89 75 b8 4c 89 7d d0 4d 8d 7c 24 08 4d 89 fe 49 c1 ee 03 <43> 80 3c 2e 00 74 08 4c 89 ff e8 c6 35 2c ff 49 8b 1f 48 3b 5d d0
[ 2643.505493][T27292] RSP: 0018:ffffc900010578a0 EFLAGS: 00010202
[ 2643.511442][T27292] RAX: 1ffff1102357d97d RBX: 1ffff11025eb3b0e RCX: dffffc0000000000
[ 2643.519255][T27292] RDX: ffffffff81a8b150 RSI: ffff88810f664f40 RDI: ffff88811abecbe8
[ 2643.527021][T27292] RBP: ffffc90001057908 R08: dffffc0000000000 R09: ffff88811abecbf0
[ 2643.534855][T27292] R10: ffffed102357d980 R11: 1ffff1102357d97e R12: 0000000000000000
[ 2643.542621][T27292] R13: dffffc0000000000 R14: 0000000000000001 R15: 0000000000000008
[ 2643.550488][T27292] FS:  000055555721f400(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2643.560857][T27292] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2643.567279][T27292] CR2: 00007fdb211096be CR3: 00000001262f7000 CR4: 00000000003506a0
[ 2643.575108][T27292] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2643.582936][T27292] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2643.590689][T27292] Kernel panic - not syncing: Fatal exception
[ 2643.596841][T27292] Kernel Offset: disabled
[ 2643.600994][T27292] Rebooting in 86400 seconds..