fffff, 0xffffffffffffffff], &(0x7f0000000280)=[{0x1, 0x3, 0xf}, {0x2, 0x5, 0x0, 0x2}, {0x5, 0x2, 0x5, 0x4}, {0x1, 0x5, 0x7, 0x8}, {0x3, 0x3, 0xb, 0x7}, {0x4, 0x1, 0x8, 0x5}, {0x3, 0x4, 0x4, 0x9}, {0x2, 0x1, 0xf, 0x7}, {0x1, 0x5, 0xf, 0xa}, {0x4, 0x5, 0x5, 0x9}], 0x10, 0x10000}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000140)={0x0, 0x4}, 0xc) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x1, 0x9, &(0x7f0000000000)=@raw=[@map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @cb_func={0x18, 0x2, 0x4, 0x0, 0xfffffffffffffffc}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x6}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x4}], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x1000, &(0x7f0000000440)=""/4096, 0x41100, 0x45, '\x00', 0x0, 0x2b, r6, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000100)={0x0, 0x9, 0x7, 0x2cda}, 0x10, 0x0, 0xffffffffffffffff, 0xa, &(0x7f0000000180)=[0x1, 0xffffffffffffffff, r8, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000280)=[{0x1, 0x3, 0xf}, {0x2, 0x5, 0x0, 0x2}, {0x5, 0x2, 0x5, 0x4}, {0x1, 0x5, 0x7, 0x8}, {0x3, 0x3, 0xb, 0x7}, {0x4, 0x1, 0x8, 0x5}, {0x3, 0x4, 0x4, 0x9}, {0x2, 0x1, 0xf, 0x7}, {0x1, 0x5, 0xf, 0xa}, {0x4, 0x5, 0x5, 0x9}], 0x10, 0x10000}, 0x90) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)

01:15:49 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:49 executing program 5:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000040)=[0x0], &(0x7f0000000380)=[0x0, 0x0], 0x0, 0x8, &(0x7f00000000c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000100), &(0x7f0000000080), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:49 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

[ 1114.401449][T26785] FAULT_INJECTION: forcing a failure.
[ 1114.401449][T26785] name failslab, interval 1, probability 0, space 0, times 0
[ 1114.437971][T26785] CPU: 1 PID: 26785 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1114.449529][T26785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1114.459426][T26785] Call Trace:
[ 1114.462545][T26785]  <TASK>
[ 1114.465321][T26785]  dump_stack_lvl+0x151/0x1b7
[ 1114.469837][T26785]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1114.475307][T26785]  dump_stack+0x15/0x17
[ 1114.479293][T26785]  should_fail+0x3c6/0x510
[ 1114.483548][T26785]  __should_failslab+0xa4/0xe0
[ 1114.488149][T26785]  ? copy_fs_struct+0x4e/0x230
[ 1114.492749][T26785]  should_failslab+0x9/0x20
[ 1114.497085][T26785]  slab_pre_alloc_hook+0x37/0xd0
[ 1114.501860][T26785]  ? copy_fs_struct+0x4e/0x230
[ 1114.506459][T26785]  kmem_cache_alloc+0x44/0x200
[ 1114.511062][T26785]  copy_fs_struct+0x4e/0x230
[ 1114.515489][T26785]  copy_fs+0x71/0x140
[ 1114.519308][T26785]  copy_process+0x121e/0x3260
[ 1114.523821][T26785]  ? proc_fail_nth_write+0x20b/0x290
[ 1114.528940][T26785]  ? fsnotify_perm+0x6a/0x5d0
[ 1114.533453][T26785]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1114.538402][T26785]  ? vfs_write+0x9ec/0x1110
[ 1114.542740][T26785]  kernel_clone+0x21e/0x9e0
[ 1114.547080][T26785]  ? file_end_write+0x1c0/0x1c0
[ 1114.551764][T26785]  ? create_io_thread+0x1e0/0x1e0
[ 1114.556627][T26785]  ? mutex_unlock+0xb2/0x260
[ 1114.561054][T26785]  ? __mutex_lock_slowpath+0x10/0x10
[ 1114.566176][T26785]  __x64_sys_clone+0x23f/0x290
[ 1114.570775][T26785]  ? __do_sys_vfork+0x130/0x130
[ 1114.575458][T26785]  ? ksys_write+0x260/0x2c0
[ 1114.579803][T26785]  ? debug_smp_processor_id+0x17/0x20
[ 1114.585009][T26785]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1114.590910][T26785]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1114.596381][T26785]  do_syscall_64+0x3d/0xb0
01:15:49 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:49 executing program 4:
syz_clone(0x75848400, 0x0, 0x80000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1114.600634][T26785]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1114.606357][T26785] RIP: 0033:0x7f7962f04ae9
[ 1114.610614][T26785] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1114.630054][T26785] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1114.638300][T26785] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
01:15:49 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:49 executing program 5:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000040)=[0x0], &(0x7f0000000380)=[0x0, 0x0], 0x0, 0x8, &(0x7f00000000c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000100), &(0x7f0000000080), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000180)}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000040)=[0x0], &(0x7f0000000380)=[0x0, 0x0], 0x0, 0x8, &(0x7f00000000c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000100), &(0x7f0000000080), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000180)}}, 0x10) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)

01:15:49 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:49 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:49 executing program 5:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xe0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000000)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f0000000040)=[0x0], &(0x7f0000000380)=[0x0, 0x0], 0x0, 0x8, &(0x7f00000000c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000100), &(0x7f0000000080), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000180)}}, 0x10) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1114.646111][T26785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1114.653917][T26785] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1114.661730][T26785] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1114.669544][T26785] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1114.677361][T26785]  </TASK>
01:15:49 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:49 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:49 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:49 executing program 5:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xe, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @map_fd={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0xd6, &(0x7f0000000100)=""/214, 0x41000, 0xe, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000440)=[{0x0, 0x1, 0xf, 0x1}, {0x1, 0x5, 0xa, 0x3}, {0x1, 0x3, 0x5, 0xa}, {0x4, 0x1, 0xb}, {0x1, 0x3, 0x2, 0xc}, {0x1, 0x4, 0x7, 0x2}, {0x5, 0x1, 0xb, 0x8}, {0x2, 0x4, 0x7, 0x4}], 0x10, 0x7f}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r1=>0x0}, 0x8)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0xfffffffffffffe94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x4}, 0x48)

01:15:49 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1114.745323][T26814] FAULT_INJECTION: forcing a failure.
[ 1114.745323][T26814] name fail_page_alloc, interval 1, probability 0, space 0, times 0
01:15:49 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:50 executing program 4:
syz_clone(0x75848400, 0x0, 0x101000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1114.826450][T26814] CPU: 1 PID: 26814 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1114.838007][T26814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1114.847902][T26814] Call Trace:
[ 1114.851024][T26814]  <TASK>
[ 1114.853803][T26814]  dump_stack_lvl+0x151/0x1b7
[ 1114.858317][T26814]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1114.863785][T26814]  ? __stack_depot_save+0x34/0x470
[ 1114.868732][T26814]  dump_stack+0x15/0x17
[ 1114.872725][T26814]  should_fail+0x3c6/0x510
[ 1114.876976][T26814]  should_fail_alloc_page+0x5a/0x80
[ 1114.882010][T26814]  prepare_alloc_pages+0x15c/0x700
[ 1114.886956][T26814]  ? __alloc_pages+0x5e0/0x5e0
[ 1114.891557][T26814]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1114.896595][T26814]  __alloc_pages+0x138/0x5e0
[ 1114.901011][T26814]  ? prep_new_page+0x110/0x110
[ 1114.905612][T26814]  ? __kasan_kmalloc+0x9/0x10
[ 1114.910124][T26814]  ? __kmalloc+0x13a/0x270
[ 1114.914384][T26814]  ? __vmalloc_node_range+0x2d6/0x8d0
[ 1114.919588][T26814]  __vmalloc_node_range+0x482/0x8d0
[ 1114.924622][T26814]  dup_task_struct+0x416/0xc60
[ 1114.929222][T26814]  ? copy_process+0x5c4/0x3260
[ 1114.933821][T26814]  ? __kasan_check_write+0x14/0x20
[ 1114.938768][T26814]  copy_process+0x5c4/0x3260
[ 1114.943194][T26814]  ? __kasan_check_write+0x14/0x20
[ 1114.948140][T26814]  ? proc_fail_nth_write+0x20b/0x290
[ 1114.953259][T26814]  ? selinux_file_permission+0x2c4/0x570
[ 1114.958731][T26814]  ? fsnotify_perm+0x6a/0x5d0
[ 1114.963243][T26814]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1114.968188][T26814]  ? vfs_write+0x9ec/0x1110
[ 1114.972529][T26814]  kernel_clone+0x21e/0x9e0
[ 1114.976868][T26814]  ? file_end_write+0x1c0/0x1c0
[ 1114.981553][T26814]  ? create_io_thread+0x1e0/0x1e0
[ 1114.986416][T26814]  ? mutex_unlock+0xb2/0x260
[ 1114.990842][T26814]  ? __mutex_lock_slowpath+0x10/0x10
[ 1114.995962][T26814]  __x64_sys_clone+0x23f/0x290
[ 1115.000564][T26814]  ? __do_sys_vfork+0x130/0x130
[ 1115.005248][T26814]  ? ksys_write+0x260/0x2c0
[ 1115.009588][T26814]  ? debug_smp_processor_id+0x17/0x20
[ 1115.014794][T26814]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1115.020701][T26814]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1115.026170][T26814]  do_syscall_64+0x3d/0xb0
[ 1115.030420][T26814]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1115.036146][T26814] RIP: 0033:0x7f7962f04ae9
[ 1115.040402][T26814] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1115.059841][T26814] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1115.068084][T26814] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1115.075895][T26814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1115.083710][T26814] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1115.091519][T26814] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1115.099330][T26814] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1115.107144][T26814]  </TASK>
01:15:50 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:50 executing program 5:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xe, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @map_fd={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0xd6, &(0x7f0000000100)=""/214, 0x41000, 0xe, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000440)=[{0x0, 0x1, 0xf, 0x1}, {0x1, 0x5, 0xa, 0x3}, {0x1, 0x3, 0x5, 0xa}, {0x4, 0x1, 0xb}, {0x1, 0x3, 0x2, 0xc}, {0x1, 0x4, 0x7, 0x2}, {0x5, 0x1, 0xb, 0x8}, {0x2, 0x4, 0x7, 0x4}], 0x10, 0x7f}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r1=>0x0}, 0x8)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0xfffffffffffffe94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x4}, 0x48)

01:15:50 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:50 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:50 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:50 executing program 5:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r0=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xe, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @map_fd={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0xd6, &(0x7f0000000100)=""/214, 0x41000, 0xe, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000440)=[{0x0, 0x1, 0xf, 0x1}, {0x1, 0x5, 0xa, 0x3}, {0x1, 0x3, 0x5, 0xa}, {0x4, 0x1, 0xb}, {0x1, 0x3, 0x2, 0xc}, {0x1, 0x4, 0x7, 0x2}, {0x5, 0x1, 0xb, 0x8}, {0x2, 0x4, 0x7, 0x4}], 0x10, 0x7f}, 0x90)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r1=>0x0}, 0x8)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0xfffffffffffffe94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x4}, 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={0x1, 0x58, &(0x7f0000000240)}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xe, &(0x7f0000000580)=@raw=[@map_val={0x18, 0x9, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @map_fd={0x18, 0x0, 0x1, 0x0, 0x1}], &(0x7f00000000c0)='syzkaller\x00', 0x8, 0xd6, &(0x7f0000000100)=""/214, 0x41000, 0xe, '\x00', r0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x4, 0x5}, 0x8, 0x10, &(0x7f0000000340)={0x1, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x8, 0x0, &(0x7f0000000440)=[{0x0, 0x1, 0xf, 0x1}, {0x1, 0x5, 0xa, 0x3}, {0x1, 0x3, 0x5, 0xa}, {0x4, 0x1, 0xb}, {0x1, 0x3, 0x2, 0xc}, {0x1, 0x4, 0x7, 0x2}, {0x5, 0x1, 0xb, 0x8}, {0x2, 0x4, 0x7, 0x4}], 0x10, 0x7f}, 0x90) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r1, 0xfffffffffffffe94) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r2, 0x0, 0x4}, 0x48) (async)

[ 1115.252470][T26851] FAULT_INJECTION: forcing a failure.
[ 1115.252470][T26851] name failslab, interval 1, probability 0, space 0, times 0
[ 1115.287814][T26851] CPU: 0 PID: 26851 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1115.299363][T26851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1115.309261][T26851] Call Trace:
[ 1115.312383][T26851]  <TASK>
[ 1115.315156][T26851]  dump_stack_lvl+0x151/0x1b7
[ 1115.319671][T26851]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1115.325140][T26851]  dump_stack+0x15/0x17
[ 1115.329127][T26851]  should_fail+0x3c6/0x510
[ 1115.333382][T26851]  __should_failslab+0xa4/0xe0
[ 1115.337978][T26851]  ? copy_signal+0x55/0x610
[ 1115.342317][T26851]  should_failslab+0x9/0x20
[ 1115.346659][T26851]  slab_pre_alloc_hook+0x37/0xd0
[ 1115.351432][T26851]  ? copy_signal+0x55/0x610
[ 1115.355770][T26851]  kmem_cache_alloc+0x44/0x200
[ 1115.360372][T26851]  copy_signal+0x55/0x610
[ 1115.364536][T26851]  copy_process+0x1274/0x3260
[ 1115.369052][T26851]  ? proc_fail_nth_write+0x20b/0x290
[ 1115.374173][T26851]  ? fsnotify_perm+0x6a/0x5d0
[ 1115.378684][T26851]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1115.383636][T26851]  ? vfs_write+0x9ec/0x1110
[ 1115.387971][T26851]  kernel_clone+0x21e/0x9e0
[ 1115.392310][T26851]  ? file_end_write+0x1c0/0x1c0
[ 1115.396998][T26851]  ? create_io_thread+0x1e0/0x1e0
[ 1115.401857][T26851]  ? mutex_unlock+0xb2/0x260
[ 1115.406285][T26851]  ? __mutex_lock_slowpath+0x10/0x10
[ 1115.411406][T26851]  __x64_sys_clone+0x23f/0x290
[ 1115.416005][T26851]  ? __do_sys_vfork+0x130/0x130
[ 1115.420691][T26851]  ? ksys_write+0x260/0x2c0
[ 1115.425031][T26851]  ? debug_smp_processor_id+0x17/0x20
[ 1115.430237][T26851]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1115.436140][T26851]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1115.441609][T26851]  do_syscall_64+0x3d/0xb0
[ 1115.445861][T26851]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1115.451589][T26851] RIP: 0033:0x7f7962f04ae9
[ 1115.455844][T26851] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1115.475294][T26851] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1115.483527][T26851] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1115.491338][T26851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
01:15:50 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:50 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4, 0x3}, 0x48)

[ 1115.499150][T26851] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1115.506960][T26851] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1115.515032][T26851] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1115.522847][T26851]  </TASK>
01:15:50 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:50 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4, 0x3}, 0x48)

01:15:50 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:50 executing program 4:
syz_clone(0x75848400, 0x0, 0xa002a0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:50 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:50 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4, 0x3}, 0x48)

01:15:50 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

01:15:50 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

[ 1115.753246][T26891] FAULT_INJECTION: forcing a failure.
[ 1115.753246][T26891] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1115.779842][T26891] CPU: 1 PID: 26891 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1115.791388][T26891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1115.801280][T26891] Call Trace:
[ 1115.804408][T26891]  <TASK>
[ 1115.807181][T26891]  dump_stack_lvl+0x151/0x1b7
[ 1115.811693][T26891]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1115.817160][T26891]  ? __stack_depot_save+0x34/0x470
[ 1115.822108][T26891]  dump_stack+0x15/0x17
[ 1115.826100][T26891]  should_fail+0x3c6/0x510
[ 1115.830354][T26891]  should_fail_alloc_page+0x5a/0x80
[ 1115.835387][T26891]  prepare_alloc_pages+0x15c/0x700
[ 1115.840336][T26891]  ? __alloc_pages+0x5e0/0x5e0
[ 1115.844939][T26891]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1115.849972][T26891]  __alloc_pages+0x138/0x5e0
[ 1115.854393][T26891]  ? prep_new_page+0x110/0x110
[ 1115.858994][T26891]  ? __kasan_kmalloc+0x9/0x10
[ 1115.863508][T26891]  ? __kmalloc+0x13a/0x270
[ 1115.867761][T26891]  ? __vmalloc_node_range+0x2d6/0x8d0
[ 1115.872967][T26891]  __vmalloc_node_range+0x482/0x8d0
[ 1115.878005][T26891]  dup_task_struct+0x416/0xc60
[ 1115.882600][T26891]  ? copy_process+0x5c4/0x3260
[ 1115.887202][T26891]  ? __kasan_check_write+0x14/0x20
[ 1115.892149][T26891]  copy_process+0x5c4/0x3260
[ 1115.896577][T26891]  ? __kasan_check_write+0x14/0x20
[ 1115.901523][T26891]  ? proc_fail_nth_write+0x20b/0x290
[ 1115.906642][T26891]  ? selinux_file_permission+0x2c4/0x570
[ 1115.912115][T26891]  ? fsnotify_perm+0x6a/0x5d0
[ 1115.916623][T26891]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1115.921571][T26891]  ? vfs_write+0x9ec/0x1110
[ 1115.925910][T26891]  kernel_clone+0x21e/0x9e0
[ 1115.930248][T26891]  ? file_end_write+0x1c0/0x1c0
[ 1115.934936][T26891]  ? create_io_thread+0x1e0/0x1e0
[ 1115.939800][T26891]  ? mutex_unlock+0xb2/0x260
[ 1115.944223][T26891]  ? __mutex_lock_slowpath+0x10/0x10
[ 1115.949347][T26891]  __x64_sys_clone+0x23f/0x290
[ 1115.953943][T26891]  ? __do_sys_vfork+0x130/0x130
[ 1115.958629][T26891]  ? ksys_write+0x260/0x2c0
[ 1115.962971][T26891]  ? debug_smp_processor_id+0x17/0x20
[ 1115.968177][T26891]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1115.974083][T26891]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1115.979547][T26891]  do_syscall_64+0x3d/0xb0
[ 1115.983801][T26891]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1115.989527][T26891] RIP: 0033:0x7f7962f04ae9
[ 1115.993782][T26891] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1116.013223][T26891] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1116.021465][T26891] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1116.029277][T26891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1116.037089][T26891] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1116.044900][T26891] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1116.052719][T26891] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1116.060532][T26891]  </TASK>
01:15:51 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:51 executing program 4:
syz_clone(0x75848400, 0x0, 0xf0ff1f, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:51 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xa, 0x7, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0x8, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000001c0), &(0x7f0000000280), 0x8, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x7, &(0x7f0000000340)=@raw=[@alu={0x7, 0x1, 0x6, 0x3, 0x5, 0xfffffffffffffffe, 0xfffffffffffffff0}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xc}, @map_fd={0x18, 0x1}], &(0x7f0000000380)='GPL\x00', 0x9, 0x41, &(0x7f0000000540)=""/65, 0x40f00, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x1, 0x1, 0xe33, 0xffff}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000640)=[{0x4, 0x5, 0x4, 0x6}, {0x1, 0x5, 0xe, 0x4}, {0x5, 0x5, 0x8, 0x5}, {0x1, 0x1, 0x7}, {0x4, 0x3, 0xb, 0x1}, {0x4, 0x3, 0xd, 0x3}, {0x0, 0x3, 0x6, 0x1}, {0x5, 0x3, 0x4, 0x4}], 0x10, 0x4e}, 0x90)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
r8 = openat$cgroup_ro(r5, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r10, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000bc0)={r6, 0x58, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x18, 0x3, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3103, 0x0, 0x0, 0x0, 0xe553}}, &(0x7f0000000b00)='syzkaller\x00', 0x10001, 0x24, &(0x7f0000000f40)=""/36, 0x41000, 0x1, '\x00', r12, 0x0, r7, 0x8, &(0x7f0000000e00)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000e40)={0x3, 0x4, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x40}, 0x90)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r13], 0x0, 0x10, 0x7}, 0x90)
r14 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r14, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r15=>0xffffffffffffffff})
recvmsg$unix(r15, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=ANY=[@ANYRESOCT=r14, @ANYRES32=r14, @ANYBLOB="67090000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af6593c1b266f4ca9fc7a585961935b948778c8ed10b12e1ad107872fc341a221ba1b9a69707317459bd0965ad7f3dc5d3394d9a6594bfd58737bd0981ef821dd956ad875a56eedd6647046f21760eda3c4e1510b4ad44b77b0b4dde3ced371980d5674761b77b5eeb124008bdc3897aae53c2d47f01a606d22b763af3a0ca21a12bed810f0439b12f2d5def49830105958e2c46850062f75b69ba45c20e0ffe5d6eeaa4f48795585a385337edb11c3336a5468d54d05a160014af9b3c7a9caddca72d575d63b979f212d4a0debe84ceb3417e2dfccb058fa36210d8cc16d2b69bcf926e"], 0x18}, 0x0)
perf_event_open(&(0x7f0000001080)={0x0, 0x80, 0x0, 0x4, 0x1f, 0x3f, 0x0, 0x4, 0x162, 0x6, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8001, 0x4, @perf_config_ext={0x2, 0x1}, 0x8, 0x8000, 0x8, 0x4, 0xf2f, 0x3f, 0x6, 0x0, 0x7f, 0x0, 0x9}, r14, 0xb, r6, 0xa)
r16 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000009c0)=r2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000900)=@raw=[@btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @jmp={0x5, 0x0, 0x4, 0x0, 0x0, 0x50, 0xfffffffffffffffc}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x4}], &(0x7f0000000940)='GPL\x00', 0x58c, 0x3d, &(0x7f0000000980)=""/61, 0x41000, 0x30, '\x00', r11, 0x0, r16, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9ce3}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r5, r6, r7, 0xffffffffffffffff, r8, r9]}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_ext={0x1c, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@generic={0x2, 0x7, 0x9, 0xfff}]}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1d9c0, r3, 0x7, &(0x7f0000000780)=[0xffffffffffffffff, r8, 0x1, 0x1], &(0x7f00000007c0)=[{0x5, 0x2, 0x1, 0x5}, {0x5, 0x3, 0xc, 0x557eff9bfc08bdcd}, {0x1, 0x4, 0xa, 0x5}, {0x1, 0x4, 0x5, 0x7}, {0x5, 0x4, 0xc, 0xc}, {0x5, 0x4, 0x4, 0x9}, {0x2, 0x2, 0x8, 0x6}], 0x10, 0x3}, 0x90)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48)

01:15:51 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:51 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

01:15:51 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:51 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:51 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:51 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:51 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:51 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1116.297105][T26922] FAULT_INJECTION: forcing a failure.
[ 1116.297105][T26922] name failslab, interval 1, probability 0, space 0, times 0
[ 1116.335962][T26922] CPU: 1 PID: 26922 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1116.347516][T26922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1116.357409][T26922] Call Trace:
[ 1116.360530][T26922]  <TASK>
[ 1116.363310][T26922]  dump_stack_lvl+0x151/0x1b7
[ 1116.367821][T26922]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1116.373293][T26922]  dump_stack+0x15/0x17
[ 1116.377285][T26922]  should_fail+0x3c6/0x510
[ 1116.381535][T26922]  __should_failslab+0xa4/0xe0
[ 1116.386138][T26922]  should_failslab+0x9/0x20
[ 1116.390475][T26922]  slab_pre_alloc_hook+0x37/0xd0
[ 1116.395292][T26922]  kmem_cache_alloc_trace+0x48/0x210
[ 1116.400363][T26922]  ? mm_init+0x39a/0x970
[ 1116.404446][T26922]  mm_init+0x39a/0x970
[ 1116.408348][T26922]  copy_mm+0x1e3/0x13e0
[ 1116.412342][T26922]  ? _raw_spin_lock+0xa4/0x1b0
[ 1116.416940][T26922]  ? copy_signal+0x610/0x610
[ 1116.421365][T26922]  ? __kasan_check_write+0x14/0x20
[ 1116.426313][T26922]  ? __init_rwsem+0xd6/0x1c0
[ 1116.430739][T26922]  ? copy_signal+0x4e3/0x610
[ 1116.435167][T26922]  copy_process+0x12bc/0x3260
[ 1116.439681][T26922]  ? proc_fail_nth_write+0x20b/0x290
[ 1116.444799][T26922]  ? fsnotify_perm+0x6a/0x5d0
[ 1116.449316][T26922]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1116.454606][T26922]  ? vfs_write+0x9ec/0x1110
[ 1116.458946][T26922]  kernel_clone+0x21e/0x9e0
[ 1116.463284][T26922]  ? file_end_write+0x1c0/0x1c0
[ 1116.467972][T26922]  ? create_io_thread+0x1e0/0x1e0
[ 1116.472831][T26922]  ? mutex_unlock+0xb2/0x260
[ 1116.477261][T26922]  ? __mutex_lock_slowpath+0x10/0x10
[ 1116.482388][T26922]  __x64_sys_clone+0x23f/0x290
[ 1116.486981][T26922]  ? __do_sys_vfork+0x130/0x130
[ 1116.491665][T26922]  ? ksys_write+0x260/0x2c0
[ 1116.496008][T26922]  ? debug_smp_processor_id+0x17/0x20
[ 1116.501219][T26922]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1116.507119][T26922]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1116.512583][T26922]  do_syscall_64+0x3d/0xb0
[ 1116.516835][T26922]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1116.522563][T26922] RIP: 0033:0x7f7962f04ae9
[ 1116.526820][T26922] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
01:15:51 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

01:15:51 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:51 executing program 4:
syz_clone(0x75848400, 0x0, 0x1000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1116.546259][T26922] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1116.554503][T26922] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1116.562314][T26922] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1116.570125][T26922] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1116.577938][T26922] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1116.585749][T26922] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1116.593564][T26922]  </TASK>
01:15:52 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xa, 0x7, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0x8, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000001c0), &(0x7f0000000280), 0x8, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x7, &(0x7f0000000340)=@raw=[@alu={0x7, 0x1, 0x6, 0x3, 0x5, 0xfffffffffffffffe, 0xfffffffffffffff0}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xc}, @map_fd={0x18, 0x1}], &(0x7f0000000380)='GPL\x00', 0x9, 0x41, &(0x7f0000000540)=""/65, 0x40f00, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x1, 0x1, 0xe33, 0xffff}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000640)=[{0x4, 0x5, 0x4, 0x6}, {0x1, 0x5, 0xe, 0x4}, {0x5, 0x5, 0x8, 0x5}, {0x1, 0x1, 0x7}, {0x4, 0x3, 0xb, 0x1}, {0x4, 0x3, 0xd, 0x3}, {0x0, 0x3, 0x6, 0x1}, {0x5, 0x3, 0x4, 0x4}], 0x10, 0x4e}, 0x90)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
openat$cgroup_ro(r5, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r8 = openat$cgroup_ro(r5, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r10, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000bc0)={r6, 0x58, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x18, 0x3, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3103, 0x0, 0x0, 0x0, 0xe553}}, &(0x7f0000000b00)='syzkaller\x00', 0x10001, 0x24, &(0x7f0000000f40)=""/36, 0x41000, 0x1, '\x00', r12, 0x0, r7, 0x8, &(0x7f0000000e00)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000e40)={0x3, 0x4, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x40}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x18, 0x3, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3103, 0x0, 0x0, 0x0, 0xe553}}, &(0x7f0000000b00)='syzkaller\x00', 0x10001, 0x24, &(0x7f0000000f40)=""/36, 0x41000, 0x1, '\x00', r12, 0x0, r7, 0x8, &(0x7f0000000e00)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000e40)={0x3, 0x4, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x40}, 0x90)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r13], 0x0, 0x10, 0x7}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r13], 0x0, 0x10, 0x7}, 0x90)
r14 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r14, 0x7, 0xffffffffffffffff, 0x8) (async)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r14, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r15=>0xffffffffffffffff})
recvmsg$unix(r15, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=ANY=[@ANYRESOCT=r14, @ANYRES32=r14, @ANYBLOB="67090000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af6593c1b266f4ca9fc7a585961935b948778c8ed10b12e1ad107872fc341a221ba1b9a69707317459bd0965ad7f3dc5d3394d9a6594bfd58737bd0981ef821dd956ad875a56eedd6647046f21760eda3c4e1510b4ad44b77b0b4dde3ced371980d5674761b77b5eeb124008bdc3897aae53c2d47f01a606d22b763af3a0ca21a12bed810f0439b12f2d5def49830105958e2c46850062f75b69ba45c20e0ffe5d6eeaa4f48795585a385337edb11c3336a5468d54d05a160014af9b3c7a9caddca72d575d63b979f212d4a0debe84ceb3417e2dfccb058fa36210d8cc16d2b69bcf926e"], 0x18}, 0x0) (async)
recvmsg$unix(r15, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=ANY=[@ANYRESOCT=r14, @ANYRES32=r14, @ANYBLOB="67090000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af6593c1b266f4ca9fc7a585961935b948778c8ed10b12e1ad107872fc341a221ba1b9a69707317459bd0965ad7f3dc5d3394d9a6594bfd58737bd0981ef821dd956ad875a56eedd6647046f21760eda3c4e1510b4ad44b77b0b4dde3ced371980d5674761b77b5eeb124008bdc3897aae53c2d47f01a606d22b763af3a0ca21a12bed810f0439b12f2d5def49830105958e2c46850062f75b69ba45c20e0ffe5d6eeaa4f48795585a385337edb11c3336a5468d54d05a160014af9b3c7a9caddca72d575d63b979f212d4a0debe84ceb3417e2dfccb058fa36210d8cc16d2b69bcf926e"], 0x18}, 0x0)
perf_event_open(&(0x7f0000001080)={0x0, 0x80, 0x0, 0x4, 0x1f, 0x3f, 0x0, 0x4, 0x162, 0x6, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8001, 0x4, @perf_config_ext={0x2, 0x1}, 0x8, 0x8000, 0x8, 0x4, 0xf2f, 0x3f, 0x6, 0x0, 0x7f, 0x0, 0x9}, r14, 0xb, r6, 0xa)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000009c0)=r2, 0x4) (async)
r16 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000009c0)=r2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000900)=@raw=[@btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @jmp={0x5, 0x0, 0x4, 0x0, 0x0, 0x50, 0xfffffffffffffffc}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x4}], &(0x7f0000000940)='GPL\x00', 0x58c, 0x3d, &(0x7f0000000980)=""/61, 0x41000, 0x30, '\x00', r11, 0x0, r16, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9ce3}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r5, r6, r7, 0xffffffffffffffff, r8, r9]}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_ext={0x1c, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@generic={0x2, 0x7, 0x9, 0xfff}]}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1d9c0, r3, 0x7, &(0x7f0000000780)=[0xffffffffffffffff, r8, 0x1, 0x1], &(0x7f00000007c0)=[{0x5, 0x2, 0x1, 0x5}, {0x5, 0x3, 0xc, 0x557eff9bfc08bdcd}, {0x1, 0x4, 0xa, 0x5}, {0x1, 0x4, 0x5, 0x7}, {0x5, 0x4, 0xc, 0xc}, {0x5, 0x4, 0x4, 0x9}, {0x2, 0x2, 0x8, 0x6}], 0x10, 0x3}, 0x90)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48)

01:15:52 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:52 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:52 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x0, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:52 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:52 executing program 4:
syz_clone(0x75848400, 0x0, 0x2000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1116.979677][T26951] FAULT_INJECTION: forcing a failure.
[ 1116.979677][T26951] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1117.008227][T26951] CPU: 1 PID: 26951 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1117.019787][T26951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1117.029683][T26951] Call Trace:
[ 1117.032801][T26951]  <TASK>
[ 1117.035579][T26951]  dump_stack_lvl+0x151/0x1b7
[ 1117.040096][T26951]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1117.045559][T26951]  ? __stack_depot_save+0x34/0x470
[ 1117.050509][T26951]  dump_stack+0x15/0x17
[ 1117.054500][T26951]  should_fail+0x3c6/0x510
[ 1117.058753][T26951]  should_fail_alloc_page+0x5a/0x80
[ 1117.063787][T26951]  prepare_alloc_pages+0x15c/0x700
[ 1117.068732][T26951]  ? __alloc_pages+0x5e0/0x5e0
[ 1117.073463][T26951]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1117.078495][T26951]  __alloc_pages+0x138/0x5e0
[ 1117.082923][T26951]  ? prep_new_page+0x110/0x110
[ 1117.087613][T26951]  ? __kasan_kmalloc+0x9/0x10
[ 1117.092121][T26951]  ? __kmalloc+0x13a/0x270
[ 1117.096372][T26951]  ? __vmalloc_node_range+0x2d6/0x8d0
[ 1117.101578][T26951]  __vmalloc_node_range+0x482/0x8d0
[ 1117.106617][T26951]  dup_task_struct+0x416/0xc60
[ 1117.111213][T26951]  ? copy_process+0x5c4/0x3260
[ 1117.115811][T26951]  ? __kasan_check_write+0x14/0x20
[ 1117.120758][T26951]  copy_process+0x5c4/0x3260
[ 1117.125186][T26951]  ? __kasan_check_write+0x14/0x20
[ 1117.130132][T26951]  ? proc_fail_nth_write+0x20b/0x290
[ 1117.135251][T26951]  ? selinux_file_permission+0x2c4/0x570
[ 1117.140717][T26951]  ? fsnotify_perm+0x6a/0x5d0
[ 1117.145233][T26951]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1117.150180][T26951]  ? vfs_write+0x9ec/0x1110
[ 1117.154527][T26951]  kernel_clone+0x21e/0x9e0
[ 1117.158859][T26951]  ? file_end_write+0x1c0/0x1c0
[ 1117.163547][T26951]  ? create_io_thread+0x1e0/0x1e0
[ 1117.168407][T26951]  ? mutex_unlock+0xb2/0x260
[ 1117.172832][T26951]  ? __mutex_lock_slowpath+0x10/0x10
[ 1117.177954][T26951]  __x64_sys_clone+0x23f/0x290
[ 1117.182553][T26951]  ? __do_sys_vfork+0x130/0x130
[ 1117.187237][T26951]  ? ksys_write+0x260/0x2c0
[ 1117.191581][T26951]  ? debug_smp_processor_id+0x17/0x20
[ 1117.196787][T26951]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1117.202689][T26951]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1117.208163][T26951]  do_syscall_64+0x3d/0xb0
[ 1117.212416][T26951]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1117.218135][T26951] RIP: 0033:0x7f7962f04ae9
[ 1117.222388][T26951] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1117.241833][T26951] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1117.250078][T26951] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1117.257887][T26951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1117.265702][T26951] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
01:15:52 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:52 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1117.273514][T26951] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1117.281843][T26951] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1117.289655][T26951]  </TASK>
01:15:52 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x80)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

[ 1117.347955][T26966] FAULT_INJECTION: forcing a failure.
[ 1117.347955][T26966] name failslab, interval 1, probability 0, space 0, times 0
01:15:52 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x80)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

[ 1117.442242][T26966] CPU: 1 PID: 26966 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1117.453791][T26966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1117.463686][T26966] Call Trace:
[ 1117.466809][T26966]  <TASK>
[ 1117.469585][T26966]  dump_stack_lvl+0x151/0x1b7
[ 1117.474097][T26966]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1117.479567][T26966]  ? __alloc_pages+0x206/0x5e0
[ 1117.484166][T26966]  dump_stack+0x15/0x17
[ 1117.488158][T26966]  should_fail+0x3c6/0x510
01:15:52 executing program 4:
syz_clone(0x75848400, 0x0, 0x4000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:52 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1117.492414][T26966]  __should_failslab+0xa4/0xe0
[ 1117.497011][T26966]  ? vm_area_dup+0x26/0x230
[ 1117.501350][T26966]  should_failslab+0x9/0x20
[ 1117.505686][T26966]  slab_pre_alloc_hook+0x37/0xd0
[ 1117.510461][T26966]  ? vm_area_dup+0x26/0x230
[ 1117.514802][T26966]  kmem_cache_alloc+0x44/0x200
[ 1117.519404][T26966]  vm_area_dup+0x26/0x230
[ 1117.523568][T26966]  copy_mm+0x9a1/0x13e0
[ 1117.527566][T26966]  ? copy_signal+0x610/0x610
[ 1117.531988][T26966]  ? __init_rwsem+0xd6/0x1c0
[ 1117.536414][T26966]  ? copy_signal+0x4e3/0x610
[ 1117.540840][T26966]  copy_process+0x12bc/0x3260
[ 1117.545356][T26966]  ? proc_fail_nth_write+0x20b/0x290
[ 1117.550472][T26966]  ? fsnotify_perm+0x6a/0x5d0
[ 1117.554991][T26966]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1117.559934][T26966]  ? vfs_write+0x9ec/0x1110
[ 1117.564275][T26966]  kernel_clone+0x21e/0x9e0
[ 1117.568613][T26966]  ? file_end_write+0x1c0/0x1c0
[ 1117.573302][T26966]  ? create_io_thread+0x1e0/0x1e0
[ 1117.578159][T26966]  ? mutex_unlock+0xb2/0x260
[ 1117.582588][T26966]  ? __mutex_lock_slowpath+0x10/0x10
[ 1117.587708][T26966]  __x64_sys_clone+0x23f/0x290
[ 1117.592307][T26966]  ? __do_sys_vfork+0x130/0x130
[ 1117.596993][T26966]  ? ksys_write+0x260/0x2c0
[ 1117.601336][T26966]  ? debug_smp_processor_id+0x17/0x20
[ 1117.606540][T26966]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1117.612446][T26966]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1117.617914][T26966]  do_syscall_64+0x3d/0xb0
[ 1117.622163][T26966]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1117.627890][T26966] RIP: 0033:0x7f7962f04ae9
[ 1117.632146][T26966] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1117.651586][T26966] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1117.659831][T26966] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1117.667642][T26966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1117.675456][T26966] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1117.683265][T26966] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1117.691078][T26966] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1117.698893][T26966]  </TASK>
01:15:53 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0xa, 0x7, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0, 0x8, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000001c0), &(0x7f0000000280), 0x8, 0x10, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x7, &(0x7f0000000340)=@raw=[@alu={0x7, 0x1, 0x6, 0x3, 0x5, 0xfffffffffffffffe, 0xfffffffffffffff0}, @btf_id={0x18, 0x5, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xc}, @map_fd={0x18, 0x1}], &(0x7f0000000380)='GPL\x00', 0x9, 0x41, &(0x7f0000000540)=""/65, 0x40f00, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x1, 0x1, 0xe33, 0xffff}, 0x10, 0x0, 0x0, 0x8, &(0x7f0000000600)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000640)=[{0x4, 0x5, 0x4, 0x6}, {0x1, 0x5, 0xe, 0x4}, {0x5, 0x5, 0x8, 0x5}, {0x1, 0x1, 0x7}, {0x4, 0x3, 0xb, 0x1}, {0x4, 0x3, 0xd, 0x3}, {0x0, 0x3, 0x6, 0x1}, {0x5, 0x3, 0x4, 0x4}], 0x10, 0x4e}, 0x90) (async)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
r8 = openat$cgroup_ro(r5, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r10 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r10, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000bc0)={r6, 0x58, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r12=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x18, 0x3, &(0x7f0000000b80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3103, 0x0, 0x0, 0x0, 0xe553}}, &(0x7f0000000b00)='syzkaller\x00', 0x10001, 0x24, &(0x7f0000000f40)=""/36, 0x41000, 0x1, '\x00', r12, 0x0, r7, 0x8, &(0x7f0000000e00)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000e40)={0x3, 0x4, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x40}, 0x90)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r11, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r13], 0x0, 0x10, 0x7}, 0x90)
r14 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r14, 0x7, 0xffffffffffffffff, 0x8) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r15=>0xffffffffffffffff})
recvmsg$unix(r15, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=ANY=[@ANYRESOCT=r14, @ANYRES32=r14, @ANYBLOB="67090000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af6593c1b266f4ca9fc7a585961935b948778c8ed10b12e1ad107872fc341a221ba1b9a69707317459bd0965ad7f3dc5d3394d9a6594bfd58737bd0981ef821dd956ad875a56eedd6647046f21760eda3c4e1510b4ad44b77b0b4dde3ced371980d5674761b77b5eeb124008bdc3897aae53c2d47f01a606d22b763af3a0ca21a12bed810f0439b12f2d5def49830105958e2c46850062f75b69ba45c20e0ffe5d6eeaa4f48795585a385337edb11c3336a5468d54d05a160014af9b3c7a9caddca72d575d63b979f212d4a0debe84ceb3417e2dfccb058fa36210d8cc16d2b69bcf926e"], 0x18}, 0x0) (async)
perf_event_open(&(0x7f0000001080)={0x0, 0x80, 0x0, 0x4, 0x1f, 0x3f, 0x0, 0x4, 0x162, 0x6, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x8001, 0x4, @perf_config_ext={0x2, 0x1}, 0x8, 0x8000, 0x8, 0x4, 0xf2f, 0x3f, 0x6, 0x0, 0x7f, 0x0, 0x9}, r14, 0xb, r6, 0xa) (async)
r16 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000009c0)=r2, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x5, &(0x7f0000000900)=@raw=[@btf_id={0x18, 0xa, 0x3, 0x0, 0x2}, @jmp={0x5, 0x0, 0x4, 0x0, 0x0, 0x50, 0xfffffffffffffffc}, @cb_func={0x18, 0x1, 0x4, 0x0, 0x4}], &(0x7f0000000940)='GPL\x00', 0x58c, 0x3d, &(0x7f0000000980)=""/61, 0x41000, 0x30, '\x00', r11, 0x0, r16, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9ce3}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r5, r6, r7, 0xffffffffffffffff, r8, r9]}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000840)=@bpf_ext={0x1c, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@generic={0x2, 0x7, 0x9, 0xfff}]}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1d9c0, r3, 0x7, &(0x7f0000000780)=[0xffffffffffffffff, r8, 0x1, 0x1], &(0x7f00000007c0)=[{0x5, 0x2, 0x1, 0x5}, {0x5, 0x3, 0xc, 0x557eff9bfc08bdcd}, {0x1, 0x4, 0xa, 0x5}, {0x1, 0x4, 0x5, 0x7}, {0x5, 0x4, 0xc, 0xc}, {0x5, 0x4, 0x4, 0x9}, {0x2, 0x2, 0x8, 0x6}], 0x10, 0x3}, 0x90) (async)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x80)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

01:15:53 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r0}, 0x10)

01:15:53 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x0, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:53 executing program 4:
syz_clone(0x75848400, 0x0, 0x7000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, 0x0, 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, 0x0, 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:53 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, 0x0, 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:53 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r0}, 0x10)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1118.060235][T27013] FAULT_INJECTION: forcing a failure.
[ 1118.060235][T27013] name failslab, interval 1, probability 0, space 0, times 0
[ 1118.091116][T27013] CPU: 0 PID: 27013 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1118.102671][T27013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1118.112559][T27013] Call Trace:
[ 1118.115680][T27013]  <TASK>
[ 1118.118463][T27013]  dump_stack_lvl+0x151/0x1b7
[ 1118.122974][T27013]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1118.128438][T27013]  ? vmap_pages_range_noflush+0x7d5/0x800
[ 1118.134002][T27013]  dump_stack+0x15/0x17
[ 1118.137986][T27013]  should_fail+0x3c6/0x510
[ 1118.142243][T27013]  __should_failslab+0xa4/0xe0
[ 1118.146843][T27013]  ? prepare_creds+0x2f/0x6a0
[ 1118.151356][T27013]  should_failslab+0x9/0x20
[ 1118.155693][T27013]  slab_pre_alloc_hook+0x37/0xd0
[ 1118.160469][T27013]  ? prepare_creds+0x2f/0x6a0
[ 1118.164984][T27013]  kmem_cache_alloc+0x44/0x200
[ 1118.169581][T27013]  ? _raw_spin_lock_irqsave+0xf9/0x210
[ 1118.174877][T27013]  prepare_creds+0x2f/0x6a0
[ 1118.179215][T27013]  copy_creds+0xf0/0x630
[ 1118.183291][T27013]  ? dup_task_struct+0x7e6/0xc60
[ 1118.188066][T27013]  copy_process+0x7c3/0x3260
[ 1118.192496][T27013]  ? __kasan_check_write+0x14/0x20
[ 1118.197438][T27013]  ? proc_fail_nth_write+0x20b/0x290
[ 1118.202559][T27013]  ? selinux_file_permission+0x2c4/0x570
[ 1118.208028][T27013]  ? fsnotify_perm+0x6a/0x5d0
[ 1118.212540][T27013]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1118.217513][T27013]  ? vfs_write+0x9ec/0x1110
[ 1118.221836][T27013]  kernel_clone+0x21e/0x9e0
[ 1118.226174][T27013]  ? file_end_write+0x1c0/0x1c0
[ 1118.230856][T27013]  ? create_io_thread+0x1e0/0x1e0
[ 1118.235718][T27013]  ? mutex_unlock+0xb2/0x260
[ 1118.240143][T27013]  ? __mutex_lock_slowpath+0x10/0x10
[ 1118.245266][T27013]  __x64_sys_clone+0x23f/0x290
[ 1118.249862][T27013]  ? __do_sys_vfork+0x130/0x130
[ 1118.254551][T27013]  ? ksys_write+0x260/0x2c0
[ 1118.258890][T27013]  ? debug_smp_processor_id+0x17/0x20
[ 1118.264102][T27013]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1118.269999][T27013]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1118.275469][T27013]  do_syscall_64+0x3d/0xb0
[ 1118.279718][T27013]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1118.285451][T27013] RIP: 0033:0x7f7962f04ae9
[ 1118.289702][T27013] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1118.309143][T27013] RSP: 002b:00007f7961c66078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1118.317388][T27013] RAX: ffffffffffffffda RBX: 00007f7963024050 RCX: 00007f7962f04ae9
[ 1118.325202][T27013] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1118.333011][T27013] RBP: 00007f7961c66120 R08: 0000000000000000 R09: 0000000000000000
[ 1118.340824][T27013] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1118.348628][T27013] R13: 000000000000006e R14: 00007f7963024050 R15: 00007ffde0e39ef8
[ 1118.356439][T27013]  </TASK>
01:15:53 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r0}, 0x10)

01:15:53 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x4, 0x4}, 0x48)

01:15:53 executing program 4:
syz_clone(0x75848400, 0x0, 0x8000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:53 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x0, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:53 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:53 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1118.696849][T27024] FAULT_INJECTION: forcing a failure.
[ 1118.696849][T27024] name failslab, interval 1, probability 0, space 0, times 0
[ 1118.736128][T27024] CPU: 0 PID: 27024 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1118.747682][T27024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1118.757576][T27024] Call Trace:
[ 1118.760700][T27024]  <TASK>
[ 1118.763474][T27024]  dump_stack_lvl+0x151/0x1b7
[ 1118.767991][T27024]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1118.773459][T27024]  dump_stack+0x15/0x17
[ 1118.777447][T27024]  should_fail+0x3c6/0x510
[ 1118.781700][T27024]  __should_failslab+0xa4/0xe0
[ 1118.786300][T27024]  should_failslab+0x9/0x20
[ 1118.790642][T27024]  slab_pre_alloc_hook+0x37/0xd0
[ 1118.795413][T27024]  __kmalloc+0x6d/0x270
[ 1118.799407][T27024]  ? prepare_creds+0x2f/0x6a0
[ 1118.803917][T27024]  ? security_prepare_creds+0x4d/0x140
[ 1118.809214][T27024]  security_prepare_creds+0x4d/0x140
[ 1118.814334][T27024]  prepare_creds+0x472/0x6a0
[ 1118.818759][T27024]  copy_creds+0xf0/0x630
[ 1118.822837][T27024]  ? dup_task_struct+0x7e6/0xc60
[ 1118.827612][T27024]  copy_process+0x7c3/0x3260
[ 1118.832039][T27024]  ? __kasan_check_write+0x14/0x20
[ 1118.836985][T27024]  ? proc_fail_nth_write+0x20b/0x290
[ 1118.842107][T27024]  ? selinux_file_permission+0x2c4/0x570
[ 1118.847576][T27024]  ? fsnotify_perm+0x6a/0x5d0
[ 1118.852089][T27024]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1118.857036][T27024]  ? vfs_write+0x9ec/0x1110
[ 1118.861375][T27024]  kernel_clone+0x21e/0x9e0
[ 1118.865714][T27024]  ? file_end_write+0x1c0/0x1c0
[ 1118.870402][T27024]  ? create_io_thread+0x1e0/0x1e0
[ 1118.875259][T27024]  ? mutex_unlock+0xb2/0x260
[ 1118.879685][T27024]  ? __mutex_lock_slowpath+0x10/0x10
[ 1118.884816][T27024]  __x64_sys_clone+0x23f/0x290
[ 1118.889411][T27024]  ? __do_sys_vfork+0x130/0x130
[ 1118.894094][T27024]  ? ksys_write+0x260/0x2c0
[ 1118.898435][T27024]  ? debug_smp_processor_id+0x17/0x20
[ 1118.903641][T27024]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1118.909544][T27024]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1118.915015][T27024]  do_syscall_64+0x3d/0xb0
[ 1118.919265][T27024]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1118.924993][T27024] RIP: 0033:0x7f7962f04ae9
[ 1118.929246][T27024] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1118.948686][T27024] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1118.956931][T27024] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1118.964741][T27024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1118.972553][T27024] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1118.980364][T27024] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1118.988176][T27024] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x4, 0x4}, 0x48)

01:15:54 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x4, 0x4}, 0x48)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x5}, 0x48)

[ 1118.995991][T27024]  </TASK>
01:15:54 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:54 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:54 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:54 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x5}, 0x48) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x5}, 0x48)

[ 1119.177694][T27052] FAULT_INJECTION: forcing a failure.
[ 1119.177694][T27052] name failslab, interval 1, probability 0, space 0, times 0
[ 1119.202452][T27052] CPU: 1 PID: 27052 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1119.214002][T27052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1119.223983][T27052] Call Trace:
[ 1119.227102][T27052]  <TASK>
[ 1119.229881][T27052]  dump_stack_lvl+0x151/0x1b7
[ 1119.234391][T27052]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1119.239857][T27052]  ? _find_next_bit+0x1b9/0x200
[ 1119.244545][T27052]  ? xas_nomem+0x19a/0x1d0
[ 1119.248802][T27052]  dump_stack+0x15/0x17
[ 1119.252791][T27052]  should_fail+0x3c6/0x510
[ 1119.257048][T27052]  __should_failslab+0xa4/0xe0
[ 1119.261642][T27052]  should_failslab+0x9/0x20
[ 1119.265981][T27052]  slab_pre_alloc_hook+0x37/0xd0
[ 1119.270758][T27052]  ? setup_userns_sysctls+0x55/0x340
[ 1119.275878][T27052]  __kmalloc_track_caller+0x6c/0x260
[ 1119.280996][T27052]  ? setup_userns_sysctls+0x55/0x340
[ 1119.286119][T27052]  kmemdup+0x24/0x50
[ 1119.289849][T27052]  setup_userns_sysctls+0x55/0x340
[ 1119.294798][T27052]  create_user_ns+0x1230/0x19d0
[ 1119.299495][T27052]  ? utsns_owner+0x40/0x40
[ 1119.303735][T27052]  ? security_prepare_creds+0x102/0x140
[ 1119.309118][T27052]  ? prepare_creds+0x486/0x6a0
[ 1119.313721][T27052]  copy_creds+0x20e/0x630
[ 1119.317884][T27052]  ? dup_task_struct+0x7e6/0xc60
[ 1119.322660][T27052]  copy_process+0x7c3/0x3260
[ 1119.327086][T27052]  ? __kasan_check_write+0x14/0x20
[ 1119.332031][T27052]  ? proc_fail_nth_write+0x20b/0x290
[ 1119.337151][T27052]  ? selinux_file_permission+0x2c4/0x570
[ 1119.342618][T27052]  ? fsnotify_perm+0x6a/0x5d0
[ 1119.347133][T27052]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1119.352080][T27052]  ? vfs_write+0x9ec/0x1110
[ 1119.356420][T27052]  kernel_clone+0x21e/0x9e0
[ 1119.360760][T27052]  ? file_end_write+0x1c0/0x1c0
[ 1119.365446][T27052]  ? create_io_thread+0x1e0/0x1e0
[ 1119.370305][T27052]  ? mutex_unlock+0xb2/0x260
[ 1119.374733][T27052]  ? __mutex_lock_slowpath+0x10/0x10
[ 1119.379855][T27052]  __x64_sys_clone+0x23f/0x290
[ 1119.384455][T27052]  ? __do_sys_vfork+0x130/0x130
[ 1119.389139][T27052]  ? ksys_write+0x260/0x2c0
[ 1119.393479][T27052]  ? debug_smp_processor_id+0x17/0x20
[ 1119.398689][T27052]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1119.404588][T27052]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1119.410059][T27052]  do_syscall_64+0x3d/0xb0
[ 1119.414311][T27052]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1119.420042][T27052] RIP: 0033:0x7f7962f04ae9
[ 1119.424296][T27052] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1119.443732][T27052] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1119.451985][T27052] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1119.459786][T27052] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1119.467600][T27052] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1119.475410][T27052] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1119.483222][T27052] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1119.491037][T27052]  </TASK>
01:15:54 executing program 4:
syz_clone(0x75848400, 0x0, 0x9000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:54 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x5}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x5}, 0x48) (async)

01:15:54 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, 0x0, 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:54 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r8, <r9=>0xffffffffffffffff}, 0x4)
r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000740)=@generic={&(0x7f0000000700)='./file0\x00', 0x0, 0x18}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x11, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2ce27857, 0x0, 0x0, 0x0, 0x1}, [@jmp={0x5, 0x1, 0x0, 0x8, 0xfd347050e0e24de4, 0xfffffffffffffff4, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20}}, @map_fd={0x18, 0x1, 0x1, 0x0, r9}, @generic={0x30, 0x0, 0x1, 0x8, 0x35e9}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xb}]}, &(0x7f0000000680)='GPL\x00', 0x400, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000006c0)={0x3, 0xc, 0x9, 0x3}, 0x10, r0, 0xffffffffffffffff, 0x4, &(0x7f0000000780)=[r10], &(0x7f00000007c0)=[{0x0, 0x2, 0x6, 0x9}, {0x2, 0x5, 0x10, 0x8}, {0x1, 0x5, 0x5}, {0x3, 0x4, 0x9, 0xa}], 0x10, 0xbf0c}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x12, 0x17, &(0x7f0000000000)=@raw=[@exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x56, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x5, 0x1, 0x0, r2}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffa}, @exit], &(0x7f00000000c0)='GPL\x00', 0x3, 0xc1, &(0x7f0000000100)=""/193, 0x41000, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x5, 0xc, 0x4, 0x7fffffff}, 0x10, r0, r5, 0x4, 0x0, &(0x7f00000002c0)=[{0x4, 0x2, 0x8, 0xc}, {0x1, 0x4, 0x5, 0x8}, {0x1, 0x2, 0xa, 0xa}, {0x3, 0x5, 0x0, 0x7}], 0x10, 0xa0b}, 0x90)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async, rerun: 64)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 64)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async, rerun: 32)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (rerun: 32)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r8, <r9=>0xffffffffffffffff}, 0x4) (async, rerun: 32)
r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000740)=@generic={&(0x7f0000000700)='./file0\x00', 0x0, 0x18}, 0x18) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x11, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2ce27857, 0x0, 0x0, 0x0, 0x1}, [@jmp={0x5, 0x1, 0x0, 0x8, 0xfd347050e0e24de4, 0xfffffffffffffff4, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20}}, @map_fd={0x18, 0x1, 0x1, 0x0, r9}, @generic={0x30, 0x0, 0x1, 0x8, 0x35e9}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xb}]}, &(0x7f0000000680)='GPL\x00', 0x400, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000006c0)={0x3, 0xc, 0x9, 0x3}, 0x10, r0, 0xffffffffffffffff, 0x4, &(0x7f0000000780)=[r10], &(0x7f00000007c0)=[{0x0, 0x2, 0x6, 0x9}, {0x2, 0x5, 0x10, 0x8}, {0x1, 0x5, 0x5}, {0x3, 0x4, 0x9, 0xa}], 0x10, 0xbf0c}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x12, 0x17, &(0x7f0000000000)=@raw=[@exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x56, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x5, 0x1, 0x0, r2}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffa}, @exit], &(0x7f00000000c0)='GPL\x00', 0x3, 0xc1, &(0x7f0000000100)=""/193, 0x41000, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x5, 0xc, 0x4, 0x7fffffff}, 0x10, r0, r5, 0x4, 0x0, &(0x7f00000002c0)=[{0x4, 0x2, 0x8, 0xc}, {0x1, 0x4, 0x5, 0x8}, {0x1, 0x2, 0xa, 0xa}, {0x3, 0x5, 0x0, 0x7}], 0x10, 0xa0b}, 0x90)

01:15:54 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r8, <r9=>0xffffffffffffffff}, 0x4) (async)
r10 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000740)=@generic={&(0x7f0000000700)='./file0\x00', 0x0, 0x18}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xa, 0x11, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2ce27857, 0x0, 0x0, 0x0, 0x1}, [@jmp={0x5, 0x1, 0x0, 0x8, 0xfd347050e0e24de4, 0xfffffffffffffff4, 0x1}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20}}, @map_fd={0x18, 0x1, 0x1, 0x0, r9}, @generic={0x30, 0x0, 0x1, 0x8, 0x35e9}, @map_idx={0x18, 0x2, 0x5, 0x0, 0xb}]}, &(0x7f0000000680)='GPL\x00', 0x400, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f00000006c0)={0x3, 0xc, 0x9, 0x3}, 0x10, r0, 0xffffffffffffffff, 0x4, &(0x7f0000000780)=[r10], &(0x7f00000007c0)=[{0x0, 0x2, 0x6, 0x9}, {0x2, 0x5, 0x10, 0x8}, {0x1, 0x5, 0x5}, {0x3, 0x4, 0x9, 0xa}], 0x10, 0xbf0c}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x12, 0x17, &(0x7f0000000000)=@raw=[@exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x56, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0x5, 0x1, 0x0, r2}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffffa}, @exit], &(0x7f00000000c0)='GPL\x00', 0x3, 0xc1, &(0x7f0000000100)=""/193, 0x41000, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x5, 0xc, 0x4, 0x7fffffff}, 0x10, r0, r5, 0x4, 0x0, &(0x7f00000002c0)=[{0x4, 0x2, 0x8, 0xc}, {0x1, 0x4, 0x5, 0x8}, {0x1, 0x2, 0xa, 0xa}, {0x3, 0x5, 0x0, 0x7}], 0x10, 0xa0b}, 0x90)

01:15:54 executing program 5:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_fallocate\x00'}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000080)={0x0, r3}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x4}, 0x48)

01:15:54 executing program 5:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_fallocate\x00'}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_fallocate\x00'}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000080)={0x0, r3}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x4}, 0x48) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x4}, 0x48)

01:15:54 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:54 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:55 executing program 4:
syz_clone(0x75848400, 0x0, 0xf000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:55 executing program 5:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_fallocate\x00'}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000080)={0x0, r3}, 0x10)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x4}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_fallocate\x00'}, 0x10) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000080)={0x0, r3}, 0x10) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r7, 0x0, 0x4}, 0x48) (async)

01:15:55 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:55 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, 0x0, 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:55 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000d0000000d0000000060000000f0000000000000c010000000000000000000003000000000300000004000000000400000f00000000000008020000000000000000000003000000000100000002000000fcffffff000000000200000d0000000003000000030000000f00000000000000e4ffffff08000084ff03000000000000050000003f0000000200000004000000991600000200000002000000050000000000000000000000070000000c00000003000000060000000400000002000000040000000e0000000300000004000000100000000400000051010000006100003000"], &(0x7f0000000100)=""/19, 0xee, 0x13, 0x1, 0x2}, 0x20)

01:15:55 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000d0000000d0000000060000000f0000000000000c010000000000000000000003000000000300000004000000000400000f00000000000008020000000000000000000003000000000100000002000000fcffffff000000000200000d0000000003000000030000000f00000000000000e4ffffff08000084ff03000000000000050000003f0000000200000004000000991600000200000002000000050000000000000000000000070000000c00000003000000060000000400000002000000040000000e0000000300000004000000100000000400000051010000006100003000"], &(0x7f0000000100)=""/19, 0xee, 0x13, 0x1, 0x2}, 0x20)

[ 1119.917285][T27125] FAULT_INJECTION: forcing a failure.
[ 1119.917285][T27125] name failslab, interval 1, probability 0, space 0, times 0
[ 1119.955266][T27125] CPU: 0 PID: 27125 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1119.966820][T27125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1119.976800][T27125] Call Trace:
[ 1119.979923][T27125]  <TASK>
[ 1119.982702][T27125]  dump_stack_lvl+0x151/0x1b7
[ 1119.987215][T27125]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1119.992704][T27125]  ? _find_next_bit+0x1b9/0x200
[ 1119.997544][T27125]  ? xas_nomem+0x19a/0x1d0
[ 1120.001794][T27125]  dump_stack+0x15/0x17
[ 1120.005787][T27125]  should_fail+0x3c6/0x510
[ 1120.010047][T27125]  __should_failslab+0xa4/0xe0
[ 1120.014639][T27125]  should_failslab+0x9/0x20
[ 1120.018983][T27125]  slab_pre_alloc_hook+0x37/0xd0
[ 1120.023754][T27125]  ? setup_userns_sysctls+0x55/0x340
[ 1120.029047][T27125]  __kmalloc_track_caller+0x6c/0x260
[ 1120.034177][T27125]  ? setup_userns_sysctls+0x55/0x340
[ 1120.039288][T27125]  kmemdup+0x24/0x50
[ 1120.043021][T27125]  setup_userns_sysctls+0x55/0x340
[ 1120.047968][T27125]  create_user_ns+0x1230/0x19d0
[ 1120.052656][T27125]  ? utsns_owner+0x40/0x40
[ 1120.056910][T27125]  ? security_prepare_creds+0x102/0x140
[ 1120.062286][T27125]  ? prepare_creds+0x486/0x6a0
[ 1120.066889][T27125]  copy_creds+0x20e/0x630
[ 1120.071068][T27125]  ? dup_task_struct+0x7e6/0xc60
[ 1120.075831][T27125]  copy_process+0x7c3/0x3260
[ 1120.080259][T27125]  ? __kasan_check_write+0x14/0x20
[ 1120.085206][T27125]  ? proc_fail_nth_write+0x20b/0x290
[ 1120.090327][T27125]  ? selinux_file_permission+0x2c4/0x570
[ 1120.095789][T27125]  ? fsnotify_perm+0x6a/0x5d0
[ 1120.100305][T27125]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1120.105252][T27125]  ? vfs_write+0x9ec/0x1110
[ 1120.109599][T27125]  kernel_clone+0x21e/0x9e0
[ 1120.113928][T27125]  ? file_end_write+0x1c0/0x1c0
[ 1120.118618][T27125]  ? create_io_thread+0x1e0/0x1e0
[ 1120.123474][T27125]  ? mutex_unlock+0xb2/0x260
[ 1120.127903][T27125]  ? __mutex_lock_slowpath+0x10/0x10
[ 1120.133022][T27125]  __x64_sys_clone+0x23f/0x290
[ 1120.137628][T27125]  ? __do_sys_vfork+0x130/0x130
[ 1120.142310][T27125]  ? ksys_write+0x260/0x2c0
[ 1120.146653][T27125]  ? debug_smp_processor_id+0x17/0x20
[ 1120.151862][T27125]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1120.157761][T27125]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1120.163237][T27125]  do_syscall_64+0x3d/0xb0
01:15:55 executing program 4:
syz_clone(0x75848400, 0x0, 0x1f000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1120.167480][T27125]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1120.173209][T27125] RIP: 0033:0x7f7962f04ae9
[ 1120.177458][T27125] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1120.197333][T27125] RSP: 002b:00007f7961c66078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1120.205584][T27125] RAX: ffffffffffffffda RBX: 00007f7963024050 RCX: 00007f7962f04ae9
01:15:55 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, 0x0, 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

[ 1120.213484][T27125] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1120.221289][T27125] RBP: 00007f7961c66120 R08: 0000000000000000 R09: 0000000000000000
[ 1120.229101][T27125] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1120.236922][T27125] R13: 000000000000006e R14: 00007f7963024050 R15: 00007ffde0e39ef8
[ 1120.244741][T27125]  </TASK>
01:15:55 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000d0000000d0000000060000000f0000000000000c010000000000000000000003000000000300000004000000000400000f00000000000008020000000000000000000003000000000100000002000000fcffffff000000000200000d0000000003000000030000000f00000000000000e4ffffff08000084ff03000000000000050000003f0000000200000004000000991600000200000002000000050000000000000000000000070000000c00000003000000060000000400000002000000040000000e0000000300000004000000100000000400000051010000006100003000"], &(0x7f0000000100)=""/19, 0xee, 0x13, 0x1, 0x2}, 0x20)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000d0000000d0000000060000000f0000000000000c010000000000000000000003000000000300000004000000000400000f00000000000008020000000000000000000003000000000100000002000000fcffffff000000000200000d0000000003000000030000000f00000000000000e4ffffff08000084ff03000000000000050000003f0000000200000004000000991600000200000002000000050000000000000000000000070000000c00000003000000060000000400000002000000040000000e0000000300000004000000100000000400000051010000006100003000"], &(0x7f0000000100)=""/19, 0xee, 0x13, 0x1, 0x2}, 0x20) (async)

01:15:55 executing program 0:
syz_clone(0x75848400, 0x0, 0x20200, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:55 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:55 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0xffffffff, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7fffffff, '\x00', 0x0, r1, 0x101, 0x4}, 0x48)

[ 1120.427502][T27156] FAULT_INJECTION: forcing a failure.
[ 1120.427502][T27156] name failslab, interval 1, probability 0, space 0, times 0
[ 1120.465747][T27156] CPU: 1 PID: 27156 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0xffffffff, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7fffffff, '\x00', 0x0, r1, 0x101, 0x4}, 0x48)

01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0xffffffff, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7fffffff, '\x00', 0x0, r1, 0x101, 0x4}, 0x48)

[ 1120.477292][T27156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1120.487191][T27156] Call Trace:
[ 1120.490315][T27156]  <TASK>
[ 1120.493089][T27156]  dump_stack_lvl+0x151/0x1b7
[ 1120.497609][T27156]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1120.503084][T27156]  dump_stack+0x15/0x17
[ 1120.507079][T27156]  should_fail+0x3c6/0x510
[ 1120.511319][T27156]  __should_failslab+0xa4/0xe0
[ 1120.515915][T27156]  should_failslab+0x9/0x20
[ 1120.520261][T27156]  slab_pre_alloc_hook+0x37/0xd0
[ 1120.525032][T27156]  __kmalloc+0x6d/0x270
[ 1120.529022][T27156]  ? __register_sysctl_table+0xea/0x1240
[ 1120.534500][T27156]  __register_sysctl_table+0xea/0x1240
[ 1120.539787][T27156]  ? memcpy+0x56/0x70
[ 1120.543601][T27156]  setup_userns_sysctls+0x2b1/0x340
[ 1120.548648][T27156]  create_user_ns+0x1230/0x19d0
[ 1120.553329][T27156]  ? utsns_owner+0x40/0x40
[ 1120.557578][T27156]  ? security_prepare_creds+0x102/0x140
[ 1120.562960][T27156]  ? prepare_creds+0x486/0x6a0
[ 1120.567642][T27156]  copy_creds+0x20e/0x630
[ 1120.571808][T27156]  ? dup_task_struct+0x7e6/0xc60
[ 1120.576586][T27156]  copy_process+0x7c3/0x3260
[ 1120.581008][T27156]  ? __kasan_check_write+0x14/0x20
[ 1120.585953][T27156]  ? proc_fail_nth_write+0x20b/0x290
[ 1120.591077][T27156]  ? selinux_file_permission+0x2c4/0x570
[ 1120.596544][T27156]  ? fsnotify_perm+0x6a/0x5d0
[ 1120.601058][T27156]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1120.606003][T27156]  ? vfs_write+0x9ec/0x1110
[ 1120.610345][T27156]  kernel_clone+0x21e/0x9e0
[ 1120.614686][T27156]  ? file_end_write+0x1c0/0x1c0
[ 1120.619369][T27156]  ? create_io_thread+0x1e0/0x1e0
[ 1120.624231][T27156]  ? mutex_unlock+0xb2/0x260
[ 1120.628661][T27156]  ? __mutex_lock_slowpath+0x10/0x10
[ 1120.633780][T27156]  __x64_sys_clone+0x23f/0x290
[ 1120.638380][T27156]  ? __do_sys_vfork+0x130/0x130
[ 1120.643063][T27156]  ? ksys_write+0x260/0x2c0
[ 1120.647405][T27156]  ? debug_smp_processor_id+0x17/0x20
[ 1120.652612][T27156]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1120.658511][T27156]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1120.663980][T27156]  do_syscall_64+0x3d/0xb0
[ 1120.668238][T27156]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1120.673960][T27156] RIP: 0033:0x7f7962f04ae9
[ 1120.678212][T27156] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1120.697656][T27156] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1120.705903][T27156] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1120.713714][T27156] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
01:15:55 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:55 executing program 0:
syz_clone(0x75848400, 0x0, 0x4100, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1120.721523][T27156] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1120.729423][T27156] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1120.737235][T27156] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1120.745049][T27156]  </TASK>
01:15:55 executing program 4:
syz_clone(0x75848400, 0x0, 0x1ffff000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:55 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x80010001}, 0x8)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x0, 0x4}, 0x48)

01:15:56 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:56 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:56 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x80010001}, 0x8)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x0, 0x4}, 0x48)

01:15:56 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x80010001}, 0x8)
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x80010001}, 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240), 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x0, 0x4}, 0x48) (async)

01:15:56 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:56 executing program 0:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:56 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:56 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:56 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)

[ 1120.927108][T27187] FAULT_INJECTION: forcing a failure.
[ 1120.927108][T27187] name failslab, interval 1, probability 0, space 0, times 0
01:15:56 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1121.042489][T27187] CPU: 1 PID: 27187 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1121.054051][T27187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1121.064028][T27187] Call Trace:
[ 1121.067148][T27187]  <TASK>
[ 1121.069921][T27187]  dump_stack_lvl+0x151/0x1b7
[ 1121.074456][T27187]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1121.079908][T27187]  dump_stack+0x15/0x17
[ 1121.083986][T27187]  should_fail+0x3c6/0x510
[ 1121.088241][T27187]  __should_failslab+0xa4/0xe0
[ 1121.092851][T27187]  ? anon_vma_clone+0x9a/0x500
[ 1121.097439][T27187]  should_failslab+0x9/0x20
[ 1121.101776][T27187]  slab_pre_alloc_hook+0x37/0xd0
[ 1121.106553][T27187]  ? anon_vma_clone+0x9a/0x500
[ 1121.111324][T27187]  kmem_cache_alloc+0x44/0x200
[ 1121.115926][T27187]  anon_vma_clone+0x9a/0x500
[ 1121.120354][T27187]  anon_vma_fork+0x91/0x4e0
[ 1121.124689][T27187]  ? anon_vma_name+0x4c/0x70
[ 1121.129123][T27187]  ? vm_area_dup+0x17a/0x230
[ 1121.133541][T27187]  copy_mm+0xa3a/0x13e0
[ 1121.137536][T27187]  ? copy_signal+0x610/0x610
[ 1121.141966][T27187]  ? __init_rwsem+0xd6/0x1c0
[ 1121.146386][T27187]  ? copy_signal+0x4e3/0x610
[ 1121.150814][T27187]  copy_process+0x12bc/0x3260
[ 1121.155336][T27187]  ? proc_fail_nth_write+0x20b/0x290
[ 1121.160447][T27187]  ? fsnotify_perm+0x6a/0x5d0
[ 1121.164962][T27187]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1121.170033][T27187]  ? vfs_write+0x9ec/0x1110
[ 1121.174372][T27187]  kernel_clone+0x21e/0x9e0
[ 1121.178710][T27187]  ? file_end_write+0x1c0/0x1c0
[ 1121.183416][T27187]  ? create_io_thread+0x1e0/0x1e0
[ 1121.188257][T27187]  ? mutex_unlock+0xb2/0x260
[ 1121.192684][T27187]  ? __mutex_lock_slowpath+0x10/0x10
[ 1121.197806][T27187]  __x64_sys_clone+0x23f/0x290
[ 1121.202403][T27187]  ? __do_sys_vfork+0x130/0x130
[ 1121.207089][T27187]  ? ksys_write+0x260/0x2c0
[ 1121.211435][T27187]  ? debug_smp_processor_id+0x17/0x20
[ 1121.216637][T27187]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1121.222543][T27187]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1121.228009][T27187]  do_syscall_64+0x3d/0xb0
[ 1121.232265][T27187]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1121.237990][T27187] RIP: 0033:0x7f7962f04ae9
01:15:56 executing program 4:
syz_clone(0x75848400, 0x0, 0x20000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:56 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1121.242243][T27187] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1121.261691][T27187] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1121.269927][T27187] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1121.277742][T27187] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1121.285633][T27187] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1121.293445][T27187] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1121.301267][T27187] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1121.309069][T27187]  </TASK>
01:15:57 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
socketpair(0x10, 0x0, 0xc, &(0x7f0000000100))
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x19, 0x5, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xebf}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0x8}]}, &(0x7f00000005c0)='GPL\x00', 0x2, 0x1000, &(0x7f0000000600)=""/4096, 0x41100, 0xb, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001600)={0x2, 0xd, 0x7f, 0x1000}, 0x10, r0, r3, 0x1, 0x0, &(0x7f0000001640)=[{0x1, 0x3, 0x6, 0x6}], 0x10, 0x10001}, 0x90)
r6 = openat$cgroup_ro(r5, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001980)=@bpf_ext={0x1c, 0x1e, &(0x7f00000017c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, [@ldst={0x2, 0x0, 0x1, 0xb, 0x4, 0x10e, 0xfffffffffffffff0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_idx={0x18, 0x7, 0x5, 0x0, 0xf}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x6, 0x9, 0xa, 0x18, 0xffffffffffffffff}]}, &(0x7f00000018c0)='syzkaller\x00', 0x0, 0x0, &(0x7f0000001900), 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20522, r5, 0x0, &(0x7f0000001940)=[r4]}, 0x90)
ioctl$TUNSETFILTEREBPF(r6, 0x800454e1, &(0x7f0000001a40)=r7)
r8 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r8, r9]}, 0x80)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{0x1, <r10=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)='%p     \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1e, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="18b421deaeb6f6e0b9480000f9ffffff000000000000000085000000a4000000c0a00cc3d5651e50874b960d1d33fbef3315aa24217d16ee87fa9dc2521b593a19d9900019aa30753ed4e2324b2a24a1d9577405b63526b6b26f47efeacb2c1f9cf6984b544ac2f078b5"], &(0x7f0000000040)='GPL\x00', 0x3, 0x89, &(0x7f0000000080)=""/137, 0x40f00, 0x24, '\x00', 0x0, 0x12, r8, 0x8, &(0x7f0000000140)={0x7, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa, &(0x7f00000002c0)=[0xffffffffffffffff, r10], &(0x7f0000000300)=[{0x1, 0x1, 0xc, 0xa}, {0x2, 0x1, 0xa, 0xc}, {0x0, 0x2, 0x2, 0x5}, {0x3, 0x1, 0x8, 0x7}, {0x1, 0x2, 0x1, 0x4}, {0x2, 0x5, 0x3, 0x4}, {0x4, 0x3, 0x2, 0x5}, {0x5, 0x5, 0xa, 0x3}, {0x4, 0x4, 0x7, 0x5}, {0x0, 0x1, 0xc, 0x2}], 0x10, 0x1ff}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:57 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:57 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 4:
syz_clone(0x75848400, 0x0, 0x3f000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 64)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async, rerun: 64)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (rerun: 64)
socketpair(0x10, 0x0, 0xc, &(0x7f0000000100)) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x19, 0x5, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xebf}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0x8}]}, &(0x7f00000005c0)='GPL\x00', 0x2, 0x1000, &(0x7f0000000600)=""/4096, 0x41100, 0xb, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001600)={0x2, 0xd, 0x7f, 0x1000}, 0x10, r0, r3, 0x1, 0x0, &(0x7f0000001640)=[{0x1, 0x3, 0x6, 0x6}], 0x10, 0x10001}, 0x90) (async)
r6 = openat$cgroup_ro(r5, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) (async)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001980)=@bpf_ext={0x1c, 0x1e, &(0x7f00000017c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, [@ldst={0x2, 0x0, 0x1, 0xb, 0x4, 0x10e, 0xfffffffffffffff0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_idx={0x18, 0x7, 0x5, 0x0, 0xf}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x6, 0x9, 0xa, 0x18, 0xffffffffffffffff}]}, &(0x7f00000018c0)='syzkaller\x00', 0x0, 0x0, &(0x7f0000001900), 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20522, r5, 0x0, &(0x7f0000001940)=[r4]}, 0x90)
ioctl$TUNSETFILTEREBPF(r6, 0x800454e1, &(0x7f0000001a40)=r7) (async)
r8 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r8, r9]}, 0x80) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{0x1, <r10=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)='%p     \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1e, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="18b421deaeb6f6e0b9480000f9ffffff000000000000000085000000a4000000c0a00cc3d5651e50874b960d1d33fbef3315aa24217d16ee87fa9dc2521b593a19d9900019aa30753ed4e2324b2a24a1d9577405b63526b6b26f47efeacb2c1f9cf6984b544ac2f078b5"], &(0x7f0000000040)='GPL\x00', 0x3, 0x89, &(0x7f0000000080)=""/137, 0x40f00, 0x24, '\x00', 0x0, 0x12, r8, 0x8, &(0x7f0000000140)={0x7, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa, &(0x7f00000002c0)=[0xffffffffffffffff, r10], &(0x7f0000000300)=[{0x1, 0x1, 0xc, 0xa}, {0x2, 0x1, 0xa, 0xc}, {0x0, 0x2, 0x2, 0x5}, {0x3, 0x1, 0x8, 0x7}, {0x1, 0x2, 0x1, 0x4}, {0x2, 0x5, 0x3, 0x4}, {0x4, 0x3, 0x2, 0x5}, {0x5, 0x5, 0xa, 0x3}, {0x4, 0x4, 0x7, 0x5}, {0x0, 0x1, 0xc, 0x2}], 0x10, 0x1ff}, 0x90) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1121.877588][   T30] audit: type=1400 audit(1697505357.047:162): avc:  denied  { create } for  pid=27220 comm="syz-executor.5" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1121.915480][T27227] FAULT_INJECTION: forcing a failure.
[ 1121.915480][T27227] name failslab, interval 1, probability 0, space 0, times 0
[ 1121.953601][T27227] CPU: 0 PID: 27227 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1121.965154][T27227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1121.975045][T27227] Call Trace:
[ 1121.978169][T27227]  <TASK>
[ 1121.980948][T27227]  dump_stack_lvl+0x151/0x1b7
[ 1121.985460][T27227]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1121.990932][T27227]  dump_stack+0x15/0x17
[ 1121.994920][T27227]  should_fail+0x3c6/0x510
[ 1121.999170][T27227]  __should_failslab+0xa4/0xe0
[ 1122.003771][T27227]  ? copy_fs_struct+0x4e/0x230
[ 1122.008370][T27227]  should_failslab+0x9/0x20
[ 1122.012709][T27227]  slab_pre_alloc_hook+0x37/0xd0
[ 1122.017483][T27227]  ? copy_fs_struct+0x4e/0x230
[ 1122.022083][T27227]  kmem_cache_alloc+0x44/0x200
[ 1122.026693][T27227]  copy_fs_struct+0x4e/0x230
[ 1122.031112][T27227]  copy_fs+0x71/0x140
[ 1122.034956][T27227]  copy_process+0x121e/0x3260
[ 1122.039450][T27227]  ? proc_fail_nth_write+0x20b/0x290
[ 1122.044562][T27227]  ? fsnotify_perm+0x6a/0x5d0
[ 1122.049079][T27227]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1122.054022][T27227]  ? vfs_write+0x9ec/0x1110
[ 1122.058361][T27227]  kernel_clone+0x21e/0x9e0
[ 1122.062700][T27227]  ? file_end_write+0x1c0/0x1c0
[ 1122.067391][T27227]  ? create_io_thread+0x1e0/0x1e0
[ 1122.072334][T27227]  ? mutex_unlock+0xb2/0x260
[ 1122.076762][T27227]  ? __mutex_lock_slowpath+0x10/0x10
[ 1122.081885][T27227]  __x64_sys_clone+0x23f/0x290
[ 1122.086501][T27227]  ? __do_sys_vfork+0x130/0x130
[ 1122.091168][T27227]  ? ksys_write+0x260/0x2c0
[ 1122.095510][T27227]  ? debug_smp_processor_id+0x17/0x20
[ 1122.100714][T27227]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1122.106792][T27227]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1122.112257][T27227]  do_syscall_64+0x3d/0xb0
[ 1122.116513][T27227]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1122.122246][T27227] RIP: 0033:0x7f7962f04ae9
[ 1122.126492][T27227] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1122.146024][T27227] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
socketpair(0x10, 0x0, 0xc, &(0x7f0000000100)) (async)
socketpair(0x10, 0x0, 0xc, &(0x7f0000000100))
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
bpf$PROG_LOAD(0x5, &(0x7f0000001680)={0x19, 0x5, &(0x7f0000000540)=@framed={{0x18, 0x0, 0x0, 0x0, 0xebf}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0x8}]}, &(0x7f00000005c0)='GPL\x00', 0x2, 0x1000, &(0x7f0000000600)=""/4096, 0x41100, 0xb, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001600)={0x2, 0xd, 0x7f, 0x1000}, 0x10, r0, r3, 0x1, 0x0, &(0x7f0000001640)=[{0x1, 0x3, 0x6, 0x6}], 0x10, 0x10001}, 0x90)
r6 = openat$cgroup_ro(r5, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001980)=@bpf_ext={0x1c, 0x1e, &(0x7f00000017c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, [@ldst={0x2, 0x0, 0x1, 0xb, 0x4, 0x10e, 0xfffffffffffffff0}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_idx={0x18, 0x7, 0x5, 0x0, 0xf}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, @jmp={0x5, 0x0, 0x6, 0x9, 0xa, 0x18, 0xffffffffffffffff}]}, &(0x7f00000018c0)='syzkaller\x00', 0x0, 0x0, &(0x7f0000001900), 0x41100, 0x0, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x20522, r5, 0x0, &(0x7f0000001940)=[r4]}, 0x90)
ioctl$TUNSETFILTEREBPF(r6, 0x800454e1, &(0x7f0000001a40)=r7)
openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r8 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r8, r9]}, 0x80)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{0x1, <r10=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)='%p     \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1e, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="18b421deaeb6f6e0b9480000f9ffffff000000000000000085000000a4000000c0a00cc3d5651e50874b960d1d33fbef3315aa24217d16ee87fa9dc2521b593a19d9900019aa30753ed4e2324b2a24a1d9577405b63526b6b26f47efeacb2c1f9cf6984b544ac2f078b5"], &(0x7f0000000040)='GPL\x00', 0x3, 0x89, &(0x7f0000000080)=""/137, 0x40f00, 0x24, '\x00', 0x0, 0x12, r8, 0x8, &(0x7f0000000140)={0x7, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa, &(0x7f00000002c0)=[0xffffffffffffffff, r10], &(0x7f0000000300)=[{0x1, 0x1, 0xc, 0xa}, {0x2, 0x1, 0xa, 0xc}, {0x0, 0x2, 0x2, 0x5}, {0x3, 0x1, 0x8, 0x7}, {0x1, 0x2, 0x1, 0x4}, {0x2, 0x5, 0x3, 0x4}, {0x4, 0x3, 0x2, 0x5}, {0x5, 0x5, 0xa, 0x3}, {0x4, 0x4, 0x7, 0x5}, {0x0, 0x1, 0xc, 0x2}], 0x10, 0x1ff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1e, 0x3, &(0x7f0000001740)=ANY=[@ANYBLOB="18b421deaeb6f6e0b9480000f9ffffff000000000000000085000000a4000000c0a00cc3d5651e50874b960d1d33fbef3315aa24217d16ee87fa9dc2521b593a19d9900019aa30753ed4e2324b2a24a1d9577405b63526b6b26f47efeacb2c1f9cf6984b544ac2f078b5"], &(0x7f0000000040)='GPL\x00', 0x3, 0x89, &(0x7f0000000080)=""/137, 0x40f00, 0x24, '\x00', 0x0, 0x12, r8, 0x8, &(0x7f0000000140)={0x7, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xa, &(0x7f00000002c0)=[0xffffffffffffffff, r10], &(0x7f0000000300)=[{0x1, 0x1, 0xc, 0xa}, {0x2, 0x1, 0xa, 0xc}, {0x0, 0x2, 0x2, 0x5}, {0x3, 0x1, 0x8, 0x7}, {0x1, 0x2, 0x1, 0x4}, {0x2, 0x5, 0x3, 0x4}, {0x4, 0x3, 0x2, 0x5}, {0x5, 0x5, 0xa, 0x3}, {0x4, 0x4, 0x7, 0x5}, {0x0, 0x1, 0xc, 0x2}], 0x10, 0x1ff}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1122.154265][T27227] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1122.162080][T27227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1122.169892][T27227] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1122.177701][T27227] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1122.185513][T27227] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1122.193415][T27227]  </TASK>
01:15:57 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:57 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='cpuset.effective_mems\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r5, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r7], 0x0, 0x10, 0x7}, 0x90)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000980)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x63, 0x63, 0x6, [@func={0x9, 0x0, 0x0, 0xc, 0x2}, @fwd={0x7}, @union={0x3, 0x2, 0x0, 0x5, 0x0, 0x7ff, [{0x6, 0x0, 0x2}, {0xa, 0x4, 0x7}]}, @datasec={0x5, 0x1, 0x0, 0xf, 0x3, [{0x5, 0x8, 0x7fff}], "144113"}, @const={0xa, 0x0, 0x0, 0xa, 0x4}]}, {0x0, [0x2e, 0x5f, 0x61, 0x5f]}}, &(0x7f00000008c0)=""/167, 0x82, 0xa7, 0x0, 0x3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x53b95dbac69bee1f, 0x11, &(0x7f0000000600)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x8}], &(0x7f00000006c0)='GPL\x00', 0x4, 0xe8, &(0x7f0000000700)=""/232, 0x7c746bbf64a53a18, 0x60, '\x00', r6, 0x0, r8, 0x8, &(0x7f00000009c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x9, 0x8, 0x77}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000a40)=[{0x4, 0x3, 0xf, 0x4}, {0x5, 0x5, 0xf, 0x7}, {0x0, 0x3, 0x5, 0x6}, {0x1, 0x5, 0xb, 0xb}, {0x0, 0x1, 0x6, 0xa}, {0x5, 0x1, 0xf, 0xa}], 0x10, 0x7}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r9)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r10)
r11 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
write$cgroup_int(r10, &(0x7f0000000b80)=0x3, 0x12)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r11)
r12 = openat$cgroup_ro(r9, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000bc0)='./cgroup/syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000d80)={0x3, 0x80, 0x0, 0xbc, 0x40, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x2, @perf_config_ext={0x8001, 0x2}, 0x8800, 0x4, 0xfffffff8, 0x8, 0x1000000000000, 0x400, 0x9, 0x0, 0x3, 0x0, 0x7}, r13, 0x3, r11, 0x0)
r14 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x4, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r9, r3, r11, 0xffffffffffffffff, r12, r14]}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000b08b000000000000020000009540000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x1f, 0xd4, &(0x7f0000000080)=""/212, 0x40f00, 0x0, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f0000000180)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0xf, 0xfffffff9, 0x3f}, 0x10, r0, r10, 0x2, 0x0, &(0x7f0000000280)=[{0x4, 0x2, 0x3, 0xa}, {0x4, 0x1, 0x8, 0x7}], 0x10, 0x9}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1122.199640][   T30] audit: type=1400 audit(1697505357.367:163): avc:  denied  { rename } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=12 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540), 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='cpuset.effective_mems\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r5, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r7], 0x0, 0x10, 0x7}, 0x90)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000980)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x63, 0x63, 0x6, [@func={0x9, 0x0, 0x0, 0xc, 0x2}, @fwd={0x7}, @union={0x3, 0x2, 0x0, 0x5, 0x0, 0x7ff, [{0x6, 0x0, 0x2}, {0xa, 0x4, 0x7}]}, @datasec={0x5, 0x1, 0x0, 0xf, 0x3, [{0x5, 0x8, 0x7fff}], "144113"}, @const={0xa, 0x0, 0x0, 0xa, 0x4}]}, {0x0, [0x2e, 0x5f, 0x61, 0x5f]}}, &(0x7f00000008c0)=""/167, 0x82, 0xa7, 0x0, 0x3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x53b95dbac69bee1f, 0x11, &(0x7f0000000600)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x8}], &(0x7f00000006c0)='GPL\x00', 0x4, 0xe8, &(0x7f0000000700)=""/232, 0x7c746bbf64a53a18, 0x60, '\x00', r6, 0x0, r8, 0x8, &(0x7f00000009c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x9, 0x8, 0x77}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000a40)=[{0x4, 0x3, 0xf, 0x4}, {0x5, 0x5, 0xf, 0x7}, {0x0, 0x3, 0x5, 0x6}, {0x1, 0x5, 0xb, 0xb}, {0x0, 0x1, 0x6, 0xa}, {0x5, 0x1, 0xf, 0xa}], 0x10, 0x7}, 0x90)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r9)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r11 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
write$cgroup_int(r10, &(0x7f0000000b80)=0x3, 0x12) (async)
write$cgroup_int(r10, &(0x7f0000000b80)=0x3, 0x12)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r11)
openat$cgroup_ro(r9, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r12 = openat$cgroup_ro(r9, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000bc0)='./cgroup/syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000d80)={0x3, 0x80, 0x0, 0xbc, 0x40, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x2, @perf_config_ext={0x8001, 0x2}, 0x8800, 0x4, 0xfffffff8, 0x8, 0x1000000000000, 0x400, 0x9, 0x0, 0x3, 0x0, 0x7}, r13, 0x3, r11, 0x0)
r14 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x4, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r9, r3, r11, 0xffffffffffffffff, r12, r14]}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000b08b000000000000020000009540000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x1f, 0xd4, &(0x7f0000000080)=""/212, 0x40f00, 0x0, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f0000000180)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0xf, 0xfffffff9, 0x3f}, 0x10, r0, r10, 0x2, 0x0, &(0x7f0000000280)=[{0x4, 0x2, 0x3, 0xa}, {0x4, 0x1, 0x8, 0x7}], 0x10, 0x9}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000b08b000000000000020000009540000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x1f, 0xd4, &(0x7f0000000080)=""/212, 0x40f00, 0x0, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f0000000180)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0xf, 0xfffffff9, 0x3f}, 0x10, r0, r10, 0x2, 0x0, &(0x7f0000000280)=[{0x4, 0x2, 0x3, 0xa}, {0x4, 0x1, 0x8, 0x7}], 0x10, 0x9}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1122.264150][   T30] audit: type=1400 audit(1697505357.367:164): avc:  denied  { unlink } for  pid=82 comm="syslogd" name="messages.0" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1122.357683][   T30] audit: type=1400 audit(1697505357.367:165): avc:  denied  { create } for  pid=82 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
01:15:57 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:57 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async, rerun: 32)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 32)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000005c0)='cpuset.effective_mems\x00', 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r5, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r7], 0x0, 0x10, 0x7}, 0x90) (async)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000980)={&(0x7f0000000800)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x63, 0x63, 0x6, [@func={0x9, 0x0, 0x0, 0xc, 0x2}, @fwd={0x7}, @union={0x3, 0x2, 0x0, 0x5, 0x0, 0x7ff, [{0x6, 0x0, 0x2}, {0xa, 0x4, 0x7}]}, @datasec={0x5, 0x1, 0x0, 0xf, 0x3, [{0x5, 0x8, 0x7fff}], "144113"}, @const={0xa, 0x0, 0x0, 0xa, 0x4}]}, {0x0, [0x2e, 0x5f, 0x61, 0x5f]}}, &(0x7f00000008c0)=""/167, 0x82, 0xa7, 0x0, 0x3}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x53b95dbac69bee1f, 0x11, &(0x7f0000000600)=@raw=[@map_val={0x18, 0x7, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x8}], &(0x7f00000006c0)='GPL\x00', 0x4, 0xe8, &(0x7f0000000700)=""/232, 0x7c746bbf64a53a18, 0x60, '\x00', r6, 0x0, r8, 0x8, &(0x7f00000009c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000a00)={0x0, 0x9, 0x8, 0x77}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000a40)=[{0x4, 0x3, 0xf, 0x4}, {0x5, 0x5, 0xf, 0x7}, {0x0, 0x3, 0x5, 0x6}, {0x1, 0x5, 0xb, 0xb}, {0x0, 0x1, 0x6, 0xa}, {0x5, 0x1, 0xf, 0xa}], 0x10, 0x7}, 0x90) (async)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r9)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r10)
r11 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
write$cgroup_int(r10, &(0x7f0000000b80)=0x3, 0x12) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r11) (async)
r12 = openat$cgroup_ro(r9, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r13 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000bc0)='./cgroup/syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000d80)={0x3, 0x80, 0x0, 0xbc, 0x40, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x2, @perf_config_ext={0x8001, 0x2}, 0x8800, 0x4, 0xfffffff8, 0x8, 0x1000000000000, 0x400, 0x9, 0x0, 0x3, 0x0, 0x7}, r13, 0x3, r11, 0x0) (async)
r14 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x4, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r9, r3, r11, 0xffffffffffffffff, r12, r14]}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000b08b000000000000020000009540000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x1f, 0xd4, &(0x7f0000000080)=""/212, 0x40f00, 0x0, '\x00', 0x0, 0x21, r1, 0x8, &(0x7f0000000180)={0x8, 0x2}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0xf, 0xfffffff9, 0x3f}, 0x10, r0, r10, 0x2, 0x0, &(0x7f0000000280)=[{0x4, 0x2, 0x3, 0xa}, {0x4, 0x1, 0x8, 0x7}], 0x10, 0x9}, 0x90) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:57 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:57 executing program 4:
syz_clone(0x75848400, 0x0, 0x40000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r2}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
r9 = perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x8, 0x1, 0x1, 0x2, 0x0, 0x1, 0x800, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x20, 0x4, @perf_config_ext={0x7, 0x6}, 0x200, 0x8, 0x5, 0x2, 0x0, 0xad, 0x3f, 0x0, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r9)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

01:15:57 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:57 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205) (async)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async, rerun: 32)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async, rerun: 64)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r2}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
r9 = perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x8, 0x1, 0x1, 0x2, 0x0, 0x1, 0x800, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x20, 0x4, @perf_config_ext={0x7, 0x6}, 0x200, 0x8, 0x5, 0x2, 0x0, 0xad, 0x3f, 0x0, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r9) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

[ 1122.631403][T27275] FAULT_INJECTION: forcing a failure.
[ 1122.631403][T27275] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.683387][T27275] CPU: 1 PID: 27275 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1122.695814][T27275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1122.705710][T27275] Call Trace:
[ 1122.708923][T27275]  <TASK>
[ 1122.711693][T27275]  dump_stack_lvl+0x151/0x1b7
[ 1122.716211][T27275]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1122.721769][T27275]  dump_stack+0x15/0x17
[ 1122.725759][T27275]  should_fail+0x3c6/0x510
[ 1122.730010][T27275]  __should_failslab+0xa4/0xe0
[ 1122.734607][T27275]  ? anon_vma_fork+0xf7/0x4e0
[ 1122.739123][T27275]  should_failslab+0x9/0x20
[ 1122.743468][T27275]  slab_pre_alloc_hook+0x37/0xd0
[ 1122.748238][T27275]  ? anon_vma_fork+0xf7/0x4e0
[ 1122.752747][T27275]  kmem_cache_alloc+0x44/0x200
[ 1122.757348][T27275]  anon_vma_fork+0xf7/0x4e0
[ 1122.761689][T27275]  ? anon_vma_name+0x4c/0x70
[ 1122.766123][T27275]  ? vm_area_dup+0x17a/0x230
[ 1122.770541][T27275]  copy_mm+0xa3a/0x13e0
[ 1122.774535][T27275]  ? copy_signal+0x610/0x610
[ 1122.778960][T27275]  ? __init_rwsem+0xd6/0x1c0
[ 1122.783383][T27275]  ? copy_signal+0x4e3/0x610
[ 1122.787822][T27275]  copy_process+0x12bc/0x3260
[ 1122.792329][T27275]  ? proc_fail_nth_write+0x20b/0x290
[ 1122.797447][T27275]  ? fsnotify_perm+0x6a/0x5d0
[ 1122.802138][T27275]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1122.807081][T27275]  ? vfs_write+0x9ec/0x1110
[ 1122.811597][T27275]  kernel_clone+0x21e/0x9e0
[ 1122.815934][T27275]  ? file_end_write+0x1c0/0x1c0
[ 1122.820623][T27275]  ? create_io_thread+0x1e0/0x1e0
[ 1122.825482][T27275]  ? mutex_unlock+0xb2/0x260
[ 1122.829915][T27275]  ? __mutex_lock_slowpath+0x10/0x10
[ 1122.835029][T27275]  __x64_sys_clone+0x23f/0x290
[ 1122.839631][T27275]  ? __do_sys_vfork+0x130/0x130
[ 1122.844311][T27275]  ? ksys_write+0x260/0x2c0
[ 1122.848659][T27275]  ? debug_smp_processor_id+0x17/0x20
[ 1122.853862][T27275]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1122.859764][T27275]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1122.865231][T27275]  do_syscall_64+0x3d/0xb0
[ 1122.869484][T27275]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1122.875211][T27275] RIP: 0033:0x7f7962f04ae9
[ 1122.879462][T27275] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1122.898910][T27275] RSP: 002b:00007f7961c66078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1122.907153][T27275] RAX: ffffffffffffffda RBX: 00007f7963024050 RCX: 00007f7962f04ae9
[ 1122.914964][T27275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1122.922774][T27275] RBP: 00007f7961c66120 R08: 0000000000000000 R09: 0000000000000000
01:15:58 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205) (async, rerun: 64)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 64)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r2}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
r9 = perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x80, 0x8, 0x1, 0x1, 0x2, 0x0, 0x1, 0x800, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x20, 0x4, @perf_config_ext={0x7, 0x6}, 0x200, 0x8, 0x5, 0x2, 0x0, 0xad, 0x3f, 0x0, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r6, 0x2405, r9)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)

01:15:58 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1122.930595][T27275] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1122.938397][T27275] R13: 000000000000006e R14: 00007f7963024050 R15: 00007ffde0e39ef8
[ 1122.946214][T27275]  </TASK>
01:15:58 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:58 executing program 4:
syz_clone(0x75848400, 0x0, 0x41000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:58 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:58 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x0, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:58 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:58 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:58 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:58 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:58 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

01:15:58 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1123.058740][T27308] FAULT_INJECTION: forcing a failure.
[ 1123.058740][T27308] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.082406][T27314] FAULT_INJECTION: forcing a failure.
[ 1123.082406][T27314] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.111915][T27314] CPU: 1 PID: 27314 Comm: syz-executor.0 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1123.123472][T27314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1123.133367][T27314] Call Trace:
[ 1123.136493][T27314]  <TASK>
[ 1123.139269][T27314]  dump_stack_lvl+0x151/0x1b7
[ 1123.143779][T27314]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1123.149250][T27314]  dump_stack+0x15/0x17
[ 1123.153239][T27314]  should_fail+0x3c6/0x510
[ 1123.157493][T27314]  __should_failslab+0xa4/0xe0
[ 1123.162091][T27314]  ? dup_task_struct+0x53/0xc60
[ 1123.166778][T27314]  should_failslab+0x9/0x20
[ 1123.171118][T27314]  slab_pre_alloc_hook+0x37/0xd0
[ 1123.175895][T27314]  ? dup_task_struct+0x53/0xc60
[ 1123.180588][T27314]  kmem_cache_alloc+0x44/0x200
[ 1123.185175][T27314]  dup_task_struct+0x53/0xc60
[ 1123.189686][T27314]  ? __kasan_check_write+0x14/0x20
[ 1123.194636][T27314]  copy_process+0x5c4/0x3260
[ 1123.199061][T27314]  ? __kasan_check_write+0x14/0x20
[ 1123.204006][T27314]  ? proc_fail_nth_write+0x20b/0x290
[ 1123.209127][T27314]  ? selinux_file_permission+0x2c4/0x570
[ 1123.214610][T27314]  ? fsnotify_perm+0x6a/0x5d0
[ 1123.219109][T27314]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1123.224054][T27314]  ? vfs_write+0x9ec/0x1110
[ 1123.228400][T27314]  kernel_clone+0x21e/0x9e0
[ 1123.232736][T27314]  ? file_end_write+0x1c0/0x1c0
[ 1123.237421][T27314]  ? create_io_thread+0x1e0/0x1e0
[ 1123.242281][T27314]  ? mutex_unlock+0xb2/0x260
[ 1123.246709][T27314]  ? __mutex_lock_slowpath+0x10/0x10
[ 1123.251830][T27314]  __x64_sys_clone+0x23f/0x290
[ 1123.256431][T27314]  ? __do_sys_vfork+0x130/0x130
[ 1123.261116][T27314]  ? ksys_write+0x260/0x2c0
[ 1123.265457][T27314]  ? debug_smp_processor_id+0x17/0x20
[ 1123.270665][T27314]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1123.276565][T27314]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1123.282032][T27314]  do_syscall_64+0x3d/0xb0
[ 1123.286286][T27314]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1123.292013][T27314] RIP: 0033:0x7f7ad5c66ae9
[ 1123.296267][T27314] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1123.315710][T27314] RSP: 002b:00007f7ad49e9078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1123.323954][T27314] RAX: ffffffffffffffda RBX: 00007f7ad5d85f80 RCX: 00007f7ad5c66ae9
[ 1123.331763][T27314] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1123.339576][T27314] RBP: 00007f7ad49e9120 R08: 0000000000000000 R09: 0000000000000000
[ 1123.347385][T27314] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1123.355196][T27314] R13: 000000000000000b R14: 00007f7ad5d85f80 R15: 00007ffc6c85e9c8
01:15:58 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0), ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)=[0x0], &(0x7f0000000440), <r4=>0x0, 0x8, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000800)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, r8, 0x100, '\x00', r3, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000cc0)={&(0x7f0000000a40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x133, 0x133, 0x5, [@const={0xe}, @volatile={0xe, 0x0, 0x0, 0x9, 0x2}, @func_proto={0x0, 0xa, 0x0, 0xd, 0x0, [{0xd, 0x4}, {0x1, 0x5}, {0x5, 0x2}, {0x10}, {0xe, 0x2}, {0x4, 0x1}, {0x4, 0x5}, {0xe, 0x4}, {0x2, 0x3}, {0x6, 0x3}]}, @union={0x8, 0x1, 0x0, 0x5, 0x1, 0x7, [{0x2, 0x3, 0x100}]}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x60, [{0x1, 0x3, 0x40}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x7c, 0x0, 0x9, 0x2}, @var={0x5, 0x0, 0x0, 0xe, 0x4}, @fwd={0xa}, @datasec={0xe, 0x7, 0x0, 0xf, 0x3, [{0x1, 0x377a}, {0x5, 0x3, 0x2}, {0x1, 0x2, 0x7fff}, {0x3, 0x7ff, 0x2}, {0x4, 0xd5bc, 0x3}, {0x3, 0x3, 0x555297a5}, {0x3, 0xfffffff9, 0x1}], "a26aae"}]}, {0x0, [0xa93d6c7ccd7e9446, 0x2e, 0x5f]}}, &(0x7f0000000bc0)=""/224, 0x151, 0xe0, 0x0, 0xcc}, 0x20)
r11 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x6, 0xa, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, [@jmp={0x5, 0x0, 0xb, 0xe, 0x8, 0x4, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}, @map_val={0x18, 0x7, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x7ff}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xb}]}, &(0x7f0000000940)='GPL\x00', 0x1, 0x99, &(0x7f0000000980)=""/153, 0x41100, 0x20, '\x00', 0x0, 0x2e, r10, 0x8, &(0x7f0000000d00)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, r4, r15, 0x0, 0x0, &(0x7f0000000d40), 0x10, 0x7}, 0x90)
r18 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r18, r19]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xe, 0x1c, &(0x7f0000000000)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @printk={@pointer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xbee5}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x4}, @generic={0x4, 0x2, 0xe, 0x0, 0xda}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @generic={0x8, 0x4, 0x9, 0x5, 0x10001}], &(0x7f0000000100)='GPL\x00', 0x80000000, 0xe5, &(0x7f0000000280)=""/229, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x10, 0xbb3, 0xffffffff}, 0x10, r4, r6, 0x1, &(0x7f00000006c0)=[r2], &(0x7f0000000700)=[{0x3, 0x3, 0x4, 0x8}], 0x10, 0x8001}, 0x90)

[ 1123.363012][T27314]  </TASK>
[ 1123.366583][T27308] CPU: 1 PID: 27308 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1123.378122][T27308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1123.388015][T27308] Call Trace:
[ 1123.391139][T27308]  <TASK>
[ 1123.393913][T27308]  dump_stack_lvl+0x151/0x1b7
[ 1123.398426][T27308]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1123.403895][T27308]  dump_stack+0x15/0x17
[ 1123.407882][T27308]  should_fail+0x3c6/0x510
[ 1123.412141][T27308]  __should_failslab+0xa4/0xe0
[ 1123.416738][T27308]  ? anon_vma_fork+0x1df/0x4e0
[ 1123.421334][T27308]  should_failslab+0x9/0x20
[ 1123.425676][T27308]  slab_pre_alloc_hook+0x37/0xd0
[ 1123.430448][T27308]  ? anon_vma_fork+0x1df/0x4e0
[ 1123.435049][T27308]  kmem_cache_alloc+0x44/0x200
[ 1123.439651][T27308]  anon_vma_fork+0x1df/0x4e0
[ 1123.444074][T27308]  copy_mm+0xa3a/0x13e0
[ 1123.448069][T27308]  ? copy_signal+0x610/0x610
[ 1123.452495][T27308]  ? __init_rwsem+0xd6/0x1c0
[ 1123.456920][T27308]  ? copy_signal+0x4e3/0x610
[ 1123.461346][T27308]  copy_process+0x12bc/0x3260
[ 1123.465861][T27308]  ? proc_fail_nth_write+0x20b/0x290
[ 1123.470980][T27308]  ? fsnotify_perm+0x6a/0x5d0
[ 1123.475493][T27308]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1123.480439][T27308]  ? vfs_write+0x9ec/0x1110
[ 1123.484780][T27308]  kernel_clone+0x21e/0x9e0
[ 1123.489121][T27308]  ? file_end_write+0x1c0/0x1c0
[ 1123.493808][T27308]  ? create_io_thread+0x1e0/0x1e0
[ 1123.498666][T27308]  ? mutex_unlock+0xb2/0x260
[ 1123.503093][T27308]  ? __mutex_lock_slowpath+0x10/0x10
[ 1123.508213][T27308]  __x64_sys_clone+0x23f/0x290
[ 1123.512814][T27308]  ? __do_sys_vfork+0x130/0x130
[ 1123.517501][T27308]  ? ksys_write+0x260/0x2c0
[ 1123.521842][T27308]  ? debug_smp_processor_id+0x17/0x20
[ 1123.527046][T27308]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1123.532952][T27308]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1123.538417][T27308]  do_syscall_64+0x3d/0xb0
[ 1123.542671][T27308]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1123.548398][T27308] RIP: 0033:0x7f7962f04ae9
[ 1123.552654][T27308] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1123.572094][T27308] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1123.580340][T27308] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1123.588148][T27308] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1123.595960][T27308] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1123.603772][T27308] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:15:58 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:58 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r5 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1123.611580][T27308] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1123.619398][T27308]  </TASK>
[ 1123.691643][T27330] FAULT_INJECTION: forcing a failure.
[ 1123.691643][T27330] name failslab, interval 1, probability 0, space 0, times 0
[ 1123.731744][T27330] CPU: 0 PID: 27330 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1123.743294][T27330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1123.753188][T27330] Call Trace:
[ 1123.756309][T27330]  <TASK>
[ 1123.759082][T27330]  dump_stack_lvl+0x151/0x1b7
[ 1123.763597][T27330]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1123.769065][T27330]  dump_stack+0x15/0x17
[ 1123.773055][T27330]  should_fail+0x3c6/0x510
[ 1123.777315][T27330]  __should_failslab+0xa4/0xe0
[ 1123.781908][T27330]  ? anon_vma_fork+0x1df/0x4e0
[ 1123.786512][T27330]  should_failslab+0x9/0x20
[ 1123.790849][T27330]  slab_pre_alloc_hook+0x37/0xd0
[ 1123.795622][T27330]  ? anon_vma_fork+0x1df/0x4e0
[ 1123.800224][T27330]  kmem_cache_alloc+0x44/0x200
[ 1123.804822][T27330]  anon_vma_fork+0x1df/0x4e0
[ 1123.809251][T27330]  copy_mm+0xa3a/0x13e0
[ 1123.813242][T27330]  ? copy_signal+0x610/0x610
[ 1123.817669][T27330]  ? __init_rwsem+0xd6/0x1c0
[ 1123.822096][T27330]  ? copy_signal+0x4e3/0x610
[ 1123.826522][T27330]  copy_process+0x12bc/0x3260
[ 1123.831042][T27330]  ? proc_fail_nth_write+0x20b/0x290
[ 1123.836154][T27330]  ? fsnotify_perm+0x6a/0x5d0
[ 1123.840670][T27330]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1123.845622][T27330]  ? vfs_write+0x9ec/0x1110
[ 1123.849954][T27330]  kernel_clone+0x21e/0x9e0
[ 1123.854297][T27330]  ? file_end_write+0x1c0/0x1c0
[ 1123.858979][T27330]  ? create_io_thread+0x1e0/0x1e0
[ 1123.863839][T27330]  ? mutex_unlock+0xb2/0x260
[ 1123.868270][T27330]  ? __mutex_lock_slowpath+0x10/0x10
[ 1123.873390][T27330]  __x64_sys_clone+0x23f/0x290
[ 1123.877988][T27330]  ? __do_sys_vfork+0x130/0x130
[ 1123.882674][T27330]  ? ksys_write+0x260/0x2c0
[ 1123.887015][T27330]  ? debug_smp_processor_id+0x17/0x20
[ 1123.892221][T27330]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1123.898123][T27330]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1123.903592][T27330]  do_syscall_64+0x3d/0xb0
[ 1123.907843][T27330]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1123.913572][T27330] RIP: 0033:0x7f7962f04ae9
[ 1123.917825][T27330] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1123.937268][T27330] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1123.945510][T27330] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1123.953326][T27330] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1123.961132][T27330] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1123.968944][T27330] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1123.976756][T27330] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1123.984570][T27330]  </TASK>
01:15:59 executing program 4:
syz_clone(0x75848400, 0x0, 0xa002a000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:15:59 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0), ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)=[0x0], &(0x7f0000000440), <r4=>0x0, 0x8, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000800)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000800)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, r8, 0x100, '\x00', r3, 0xffffffffffffffff, 0x0, 0x4}, 0x48)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000cc0)={&(0x7f0000000a40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x133, 0x133, 0x5, [@const={0xe}, @volatile={0xe, 0x0, 0x0, 0x9, 0x2}, @func_proto={0x0, 0xa, 0x0, 0xd, 0x0, [{0xd, 0x4}, {0x1, 0x5}, {0x5, 0x2}, {0x10}, {0xe, 0x2}, {0x4, 0x1}, {0x4, 0x5}, {0xe, 0x4}, {0x2, 0x3}, {0x6, 0x3}]}, @union={0x8, 0x1, 0x0, 0x5, 0x1, 0x7, [{0x2, 0x3, 0x100}]}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x60, [{0x1, 0x3, 0x40}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x7c, 0x0, 0x9, 0x2}, @var={0x5, 0x0, 0x0, 0xe, 0x4}, @fwd={0xa}, @datasec={0xe, 0x7, 0x0, 0xf, 0x3, [{0x1, 0x377a}, {0x5, 0x3, 0x2}, {0x1, 0x2, 0x7fff}, {0x3, 0x7ff, 0x2}, {0x4, 0xd5bc, 0x3}, {0x3, 0x3, 0x555297a5}, {0x3, 0xfffffff9, 0x1}], "a26aae"}]}, {0x0, [0xa93d6c7ccd7e9446, 0x2e, 0x5f]}}, &(0x7f0000000bc0)=""/224, 0x151, 0xe0, 0x0, 0xcc}, 0x20)
r11 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x6, 0xa, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, [@jmp={0x5, 0x0, 0xb, 0xe, 0x8, 0x4, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}, @map_val={0x18, 0x7, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x7ff}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xb}]}, &(0x7f0000000940)='GPL\x00', 0x1, 0x99, &(0x7f0000000980)=""/153, 0x41100, 0x20, '\x00', 0x0, 0x2e, r10, 0x8, &(0x7f0000000d00)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, r4, r15, 0x0, 0x0, &(0x7f0000000d40), 0x10, 0x7}, 0x90)
openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r18 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r18, r19]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r18, r19]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xe, 0x1c, &(0x7f0000000000)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @printk={@pointer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xbee5}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x4}, @generic={0x4, 0x2, 0xe, 0x0, 0xda}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @generic={0x8, 0x4, 0x9, 0x5, 0x10001}], &(0x7f0000000100)='GPL\x00', 0x80000000, 0xe5, &(0x7f0000000280)=""/229, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x10, 0xbb3, 0xffffffff}, 0x10, r4, r6, 0x1, &(0x7f00000006c0)=[r2], &(0x7f0000000700)=[{0x3, 0x3, 0x4, 0x8}], 0x10, 0x8001}, 0x90)

01:15:59 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x0, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:59 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:59 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0), ""/16, <r3=>0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000380)=[0x0], &(0x7f0000000440), <r4=>0x0, 0x8, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000800)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8) (async)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, r8, 0x100, '\x00', r3, 0xffffffffffffffff, 0x0, 0x4}, 0x48) (async)
r10 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000cc0)={&(0x7f0000000a40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x133, 0x133, 0x5, [@const={0xe}, @volatile={0xe, 0x0, 0x0, 0x9, 0x2}, @func_proto={0x0, 0xa, 0x0, 0xd, 0x0, [{0xd, 0x4}, {0x1, 0x5}, {0x5, 0x2}, {0x10}, {0xe, 0x2}, {0x4, 0x1}, {0x4, 0x5}, {0xe, 0x4}, {0x2, 0x3}, {0x6, 0x3}]}, @union={0x8, 0x1, 0x0, 0x5, 0x1, 0x7, [{0x2, 0x3, 0x100}]}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x60, [{0x1, 0x3, 0x40}]}, @int={0x6, 0x0, 0x0, 0x1, 0x0, 0x7c, 0x0, 0x9, 0x2}, @var={0x5, 0x0, 0x0, 0xe, 0x4}, @fwd={0xa}, @datasec={0xe, 0x7, 0x0, 0xf, 0x3, [{0x1, 0x377a}, {0x5, 0x3, 0x2}, {0x1, 0x2, 0x7fff}, {0x3, 0x7ff, 0x2}, {0x4, 0xd5bc, 0x3}, {0x3, 0x3, 0x555297a5}, {0x3, 0xfffffff9, 0x1}], "a26aae"}]}, {0x0, [0xa93d6c7ccd7e9446, 0x2e, 0x5f]}}, &(0x7f0000000bc0)=""/224, 0x151, 0xe0, 0x0, 0xcc}, 0x20)
r11 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205) (async)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13) (async)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14) (async)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15) (async)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000d80)={0x6, 0xa, &(0x7f00000008c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2}, [@jmp={0x5, 0x0, 0xb, 0xe, 0x8, 0x4, 0xffffffffffffffff}, @initr0={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}, @map_val={0x18, 0x7, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x7ff}, @map_idx={0x18, 0x9, 0x5, 0x0, 0xb}]}, &(0x7f0000000940)='GPL\x00', 0x1, 0x99, &(0x7f0000000980)=""/153, 0x41100, 0x20, '\x00', 0x0, 0x2e, r10, 0x8, &(0x7f0000000d00)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, r4, r15, 0x0, 0x0, &(0x7f0000000d40), 0x10, 0x7}, 0x90) (async)
r18 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r19 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r18, r19]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0xe, 0x1c, &(0x7f0000000000)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000001}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @printk={@pointer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xbee5}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x4}, @generic={0x4, 0x2, 0xe, 0x0, 0xda}, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @generic={0x8, 0x4, 0x9, 0x5, 0x10001}], &(0x7f0000000100)='GPL\x00', 0x80000000, 0xe5, &(0x7f0000000280)=""/229, 0x40f00, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x10, 0xbb3, 0xffffffff}, 0x10, r4, r6, 0x1, &(0x7f00000006c0)=[r2], &(0x7f0000000700)=[{0x3, 0x3, 0x4, 0x8}], 0x10, 0x8001}, 0x90)

01:15:59 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2]}, 0x80)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000280)=""/248, 0xf8, <r4=>0x0, &(0x7f0000000180)=""/5, 0x5}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(r12, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x6, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @jmp={0x5, 0x0, 0x3, 0x4, 0x9, 0x50, 0x1}, @call={0x85, 0x0, 0x0, 0x50}, @exit, @alu={0x4, 0x1, 0x9, 0x1, 0xb, 0xfffffffffffffffe, 0xfffffffffffffff4}], &(0x7f0000000040)='syzkaller\x00', 0xfffffffb, 0x2f, &(0x7f0000000080)=""/47, 0x40f00, 0x0, '\x00', 0x0, 0x8, r3, 0x8, &(0x7f0000000100)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0xe, 0x800, 0x9}, 0x10, r4, 0xffffffffffffffff, 0x7, &(0x7f0000000440)=[r10, 0xffffffffffffffff, 0x1, r12], &(0x7f0000000480)=[{0x1, 0x4, 0xa, 0xa}, {0x0, 0x1, 0x7, 0x5}, {0x5, 0x5, 0xe, 0x1}, {0x2, 0x4, 0x0, 0x9}, {0x1, 0x4, 0x6, 0x3}, {0x2, 0x3, 0x0, 0x6}, {0x1, 0x2, 0x2, 0x7}], 0x10, 0x7}, 0x90)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48)

01:15:59 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:15:59 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:15:59 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2]}, 0x80) (async)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4) (async)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000280)=""/248, 0xf8, <r4=>0x0, &(0x7f0000000180)=""/5, 0x5}}, 0x10) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8) (async)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80) (async)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12) (async)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(r12, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x6, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @jmp={0x5, 0x0, 0x3, 0x4, 0x9, 0x50, 0x1}, @call={0x85, 0x0, 0x0, 0x50}, @exit, @alu={0x4, 0x1, 0x9, 0x1, 0xb, 0xfffffffffffffffe, 0xfffffffffffffff4}], &(0x7f0000000040)='syzkaller\x00', 0xfffffffb, 0x2f, &(0x7f0000000080)=""/47, 0x40f00, 0x0, '\x00', 0x0, 0x8, r3, 0x8, &(0x7f0000000100)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0xe, 0x800, 0x9}, 0x10, r4, 0xffffffffffffffff, 0x7, &(0x7f0000000440)=[r10, 0xffffffffffffffff, 0x1, r12], &(0x7f0000000480)=[{0x1, 0x4, 0xa, 0xa}, {0x0, 0x1, 0x7, 0x5}, {0x5, 0x5, 0xe, 0x1}, {0x2, 0x4, 0x0, 0x9}, {0x1, 0x4, 0x6, 0x3}, {0x2, 0x3, 0x0, 0x6}, {0x1, 0x2, 0x2, 0x7}], 0x10, 0x7}, 0x90) (async)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48)

01:15:59 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:15:59 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x0, 0x5, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:15:59 executing program 4:
syz_clone(0x75848400, 0x0, 0xf5ffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1124.205039][T27366] FAULT_INJECTION: forcing a failure.
[ 1124.205039][T27366] name failslab, interval 1, probability 0, space 0, times 0
[ 1124.220336][T27370] FAULT_INJECTION: forcing a failure.
[ 1124.220336][T27370] name failslab, interval 1, probability 0, space 0, times 0
[ 1124.230380][T27366] CPU: 1 PID: 27366 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1124.244296][T27366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1124.254280][T27366] Call Trace:
[ 1124.257394][T27366]  <TASK>
[ 1124.260172][T27366]  dump_stack_lvl+0x151/0x1b7
[ 1124.264692][T27366]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1124.270156][T27366]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1124.275276][T27366]  ? kernel_clone+0x21e/0x9e0
[ 1124.279790][T27366]  ? do_syscall_64+0x3d/0xb0
[ 1124.284213][T27366]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1124.290116][T27366]  dump_stack+0x15/0x17
[ 1124.294105][T27366]  should_fail+0x3c6/0x510
[ 1124.298359][T27366]  __should_failslab+0xa4/0xe0
[ 1124.302959][T27366]  ? copy_mm+0x192/0x13e0
[ 1124.307123][T27366]  should_failslab+0x9/0x20
[ 1124.311469][T27366]  slab_pre_alloc_hook+0x37/0xd0
[ 1124.316240][T27366]  ? copy_mm+0x192/0x13e0
[ 1124.320404][T27366]  kmem_cache_alloc+0x44/0x200
[ 1124.325003][T27366]  copy_mm+0x192/0x13e0
[ 1124.328999][T27366]  ? _raw_spin_lock+0xa4/0x1b0
[ 1124.333598][T27366]  ? copy_signal+0x610/0x610
[ 1124.338020][T27366]  ? __kasan_check_write+0x14/0x20
[ 1124.342970][T27366]  ? __init_rwsem+0xd6/0x1c0
[ 1124.347396][T27366]  ? copy_signal+0x4e3/0x610
[ 1124.351824][T27366]  copy_process+0x12bc/0x3260
[ 1124.356339][T27366]  ? proc_fail_nth_write+0x20b/0x290
[ 1124.361456][T27366]  ? fsnotify_perm+0x6a/0x5d0
[ 1124.365967][T27366]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1124.370915][T27366]  ? vfs_write+0x9ec/0x1110
[ 1124.375266][T27366]  kernel_clone+0x21e/0x9e0
[ 1124.379594][T27366]  ? file_end_write+0x1c0/0x1c0
[ 1124.384281][T27366]  ? create_io_thread+0x1e0/0x1e0
[ 1124.389141][T27366]  ? mutex_unlock+0xb2/0x260
[ 1124.393568][T27366]  ? __mutex_lock_slowpath+0x10/0x10
[ 1124.398691][T27366]  __x64_sys_clone+0x23f/0x290
[ 1124.403289][T27366]  ? __do_sys_vfork+0x130/0x130
[ 1124.407974][T27366]  ? ksys_write+0x260/0x2c0
[ 1124.412317][T27366]  ? debug_smp_processor_id+0x17/0x20
[ 1124.417522][T27366]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1124.423427][T27366]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1124.428898][T27366]  do_syscall_64+0x3d/0xb0
[ 1124.433147][T27366]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1124.438873][T27366] RIP: 0033:0x7f7962f04ae9
[ 1124.443125][T27366] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1124.462567][T27366] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1124.470811][T27366] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1124.478624][T27366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1124.486445][T27366] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1124.494247][T27366] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1124.502056][T27366] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1124.509872][T27366]  </TASK>
[ 1124.513485][T27370] CPU: 0 PID: 27370 Comm: syz-executor.0 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1124.525028][T27370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1124.534921][T27370] Call Trace:
[ 1124.538044][T27370]  <TASK>
[ 1124.540824][T27370]  dump_stack_lvl+0x151/0x1b7
[ 1124.545336][T27370]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1124.550810][T27370]  ? __kasan_slab_alloc+0xc3/0xe0
[ 1124.555666][T27370]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1124.560527][T27370]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1124.565648][T27370]  ? dup_task_struct+0x53/0xc60
[ 1124.570328][T27370]  ? copy_process+0x5c4/0x3260
[ 1124.574928][T27370]  ? kernel_clone+0x21e/0x9e0
[ 1124.579452][T27370]  dump_stack+0x15/0x17
[ 1124.583436][T27370]  should_fail+0x3c6/0x510
[ 1124.587692][T27370]  __should_failslab+0xa4/0xe0
[ 1124.592289][T27370]  should_failslab+0x9/0x20
[ 1124.596626][T27370]  slab_pre_alloc_hook+0x37/0xd0
[ 1124.601401][T27370]  kmem_cache_alloc_trace+0x48/0x210
[ 1124.606520][T27370]  ? __get_vm_area_node+0x117/0x360
[ 1124.611556][T27370]  __get_vm_area_node+0x117/0x360
[ 1124.616418][T27370]  __vmalloc_node_range+0xe2/0x8d0
[ 1124.621361][T27370]  ? copy_process+0x5c4/0x3260
[ 1124.625960][T27370]  ? slab_post_alloc_hook+0x72/0x2c0
[ 1124.631091][T27370]  ? dup_task_struct+0x53/0xc60
[ 1124.635769][T27370]  ? dup_task_struct+0x53/0xc60
[ 1124.640458][T27370]  dup_task_struct+0x416/0xc60
[ 1124.645057][T27370]  ? copy_process+0x5c4/0x3260
[ 1124.649659][T27370]  ? __kasan_check_write+0x14/0x20
[ 1124.654604][T27370]  copy_process+0x5c4/0x3260
[ 1124.659032][T27370]  ? __kasan_check_write+0x14/0x20
[ 1124.663975][T27370]  ? proc_fail_nth_write+0x20b/0x290
[ 1124.669098][T27370]  ? selinux_file_permission+0x2c4/0x570
[ 1124.674567][T27370]  ? fsnotify_perm+0x6a/0x5d0
[ 1124.679078][T27370]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1124.684027][T27370]  ? vfs_write+0x9ec/0x1110
[ 1124.688371][T27370]  kernel_clone+0x21e/0x9e0
[ 1124.692704][T27370]  ? file_end_write+0x1c0/0x1c0
[ 1124.697389][T27370]  ? create_io_thread+0x1e0/0x1e0
[ 1124.702252][T27370]  ? mutex_unlock+0xb2/0x260
[ 1124.706686][T27370]  ? __mutex_lock_slowpath+0x10/0x10
[ 1124.711802][T27370]  __x64_sys_clone+0x23f/0x290
[ 1124.716399][T27370]  ? __do_sys_vfork+0x130/0x130
[ 1124.721087][T27370]  ? ksys_write+0x260/0x2c0
[ 1124.725426][T27370]  ? debug_smp_processor_id+0x17/0x20
[ 1124.730632][T27370]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1124.736539][T27370]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1124.742001][T27370]  do_syscall_64+0x3d/0xb0
[ 1124.746253][T27370]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1124.751982][T27370] RIP: 0033:0x7f7ad5c66ae9
[ 1124.756240][T27370] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1124.775683][T27370] RSP: 002b:00007f7ad49e9078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1124.783920][T27370] RAX: ffffffffffffffda RBX: 00007f7ad5d85f80 RCX: 00007f7ad5c66ae9
[ 1124.791734][T27370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1124.799543][T27370] RBP: 00007f7ad49e9120 R08: 0000000000000000 R09: 0000000000000000
[ 1124.807359][T27370] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1124.815168][T27370] R13: 000000000000000b R14: 00007f7ad5d85f80 R15: 00007ffc6c85e9c8
[ 1124.822982][T27370]  </TASK>
[ 1124.827272][T27370] warn_alloc: 3 callbacks suppressed
[ 1124.827289][T27370] syz-executor.0: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz0,mems_allowed=0
[ 1124.847571][T27370] CPU: 1 PID: 27370 Comm: syz-executor.0 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1124.859048][T27370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1124.868945][T27370] Call Trace:
[ 1124.872069][T27370]  <TASK>
[ 1124.874845][T27370]  dump_stack_lvl+0x151/0x1b7
[ 1124.879358][T27370]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1124.884827][T27370]  ? pr_cont_kernfs_name+0xf0/0x100
[ 1124.889860][T27370]  dump_stack+0x15/0x17
[ 1124.893850][T27370]  warn_alloc+0x21a/0x390
[ 1124.898025][T27370]  ? should_failslab+0x9/0x20
[ 1124.902530][T27370]  ? zone_watermark_ok_safe+0x270/0x270
[ 1124.907913][T27370]  ? __get_vm_area_node+0x347/0x360
[ 1124.912947][T27370]  __vmalloc_node_range+0x2c1/0x8d0
[ 1124.917982][T27370]  ? slab_post_alloc_hook+0x72/0x2c0
[ 1124.923099][T27370]  ? dup_task_struct+0x53/0xc60
[ 1124.927786][T27370]  ? dup_task_struct+0x53/0xc60
[ 1124.932476][T27370]  dup_task_struct+0x416/0xc60
[ 1124.937072][T27370]  ? copy_process+0x5c4/0x3260
[ 1124.941679][T27370]  ? __kasan_check_write+0x14/0x20
[ 1124.946632][T27370]  copy_process+0x5c4/0x3260
[ 1124.951056][T27370]  ? __kasan_check_write+0x14/0x20
[ 1124.955999][T27370]  ? proc_fail_nth_write+0x20b/0x290
[ 1124.961114][T27370]  ? selinux_file_permission+0x2c4/0x570
[ 1124.966585][T27370]  ? fsnotify_perm+0x6a/0x5d0
[ 1124.971097][T27370]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1124.976045][T27370]  ? vfs_write+0x9ec/0x1110
[ 1124.980384][T27370]  kernel_clone+0x21e/0x9e0
[ 1124.984721][T27370]  ? file_end_write+0x1c0/0x1c0
[ 1124.989411][T27370]  ? create_io_thread+0x1e0/0x1e0
[ 1124.994356][T27370]  ? mutex_unlock+0xb2/0x260
[ 1124.998785][T27370]  ? __mutex_lock_slowpath+0x10/0x10
[ 1125.003904][T27370]  __x64_sys_clone+0x23f/0x290
[ 1125.008504][T27370]  ? __do_sys_vfork+0x130/0x130
[ 1125.013192][T27370]  ? ksys_write+0x260/0x2c0
[ 1125.017532][T27370]  ? debug_smp_processor_id+0x17/0x20
[ 1125.022739][T27370]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1125.028639][T27370]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1125.034107][T27370]  do_syscall_64+0x3d/0xb0
[ 1125.038446][T27370]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1125.044174][T27370] RIP: 0033:0x7f7ad5c66ae9
[ 1125.048430][T27370] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1125.067868][T27370] RSP: 002b:00007f7ad49e9078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1125.076114][T27370] RAX: ffffffffffffffda RBX: 00007f7ad5d85f80 RCX: 00007f7ad5c66ae9
[ 1125.083928][T27370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1125.091735][T27370] RBP: 00007f7ad49e9120 R08: 0000000000000000 R09: 0000000000000000
[ 1125.099546][T27370] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
01:16:00 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:00 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, r2]}, 0x80)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x20, &(0x7f00000001c0)={&(0x7f0000000280)=""/248, 0xf8, <r4=>0x0, &(0x7f0000000180)=""/5, 0x5}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(r12, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x6, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @jmp={0x5, 0x0, 0x3, 0x4, 0x9, 0x50, 0x1}, @call={0x85, 0x0, 0x0, 0x50}, @exit, @alu={0x4, 0x1, 0x9, 0x1, 0xb, 0xfffffffffffffffe, 0xfffffffffffffff4}], &(0x7f0000000040)='syzkaller\x00', 0xfffffffb, 0x2f, &(0x7f0000000080)=""/47, 0x40f00, 0x0, '\x00', 0x0, 0x8, r3, 0x8, &(0x7f0000000100)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0xe, 0x800, 0x9}, 0x10, r4, 0xffffffffffffffff, 0x7, &(0x7f0000000440)=[r10, 0xffffffffffffffff, 0x1, r12], &(0x7f0000000480)=[{0x1, 0x4, 0xa, 0xa}, {0x0, 0x1, 0x7, 0x5}, {0x5, 0x5, 0xe, 0x1}, {0x2, 0x4, 0x0, 0x9}, {0x1, 0x4, 0x6, 0x3}, {0x2, 0x3, 0x0, 0x6}, {0x1, 0x2, 0x2, 0x7}], 0x10, 0x7}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x1, 0x6, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0x1, 0x1, 0x0, r2}, @jmp={0x5, 0x0, 0x3, 0x4, 0x9, 0x50, 0x1}, @call={0x85, 0x0, 0x0, 0x50}, @exit, @alu={0x4, 0x1, 0x9, 0x1, 0xb, 0xfffffffffffffffe, 0xfffffffffffffff4}], &(0x7f0000000040)='syzkaller\x00', 0xfffffffb, 0x2f, &(0x7f0000000080)=""/47, 0x40f00, 0x0, '\x00', 0x0, 0x8, r3, 0x8, &(0x7f0000000100)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0xe, 0x800, 0x9}, 0x10, r4, 0xffffffffffffffff, 0x7, &(0x7f0000000440)=[r10, 0xffffffffffffffff, 0x1, r12], &(0x7f0000000480)=[{0x1, 0x4, 0xa, 0xa}, {0x0, 0x1, 0x7, 0x5}, {0x5, 0x5, 0xe, 0x1}, {0x2, 0x4, 0x0, 0x9}, {0x1, 0x4, 0x6, 0x3}, {0x2, 0x3, 0x0, 0x6}, {0x1, 0x2, 0x2, 0x7}], 0x10, 0x7}, 0x90)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r17, 0x0, 0x4}, 0x48)

[ 1125.107359][T27370] R13: 000000000000000b R14: 00007f7ad5d85f80 R15: 00007ffc6c85e9c8
[ 1125.115176][T27370]  </TASK>
[ 1125.140176][T27378] FAULT_INJECTION: forcing a failure.
[ 1125.140176][T27378] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1125.161237][T27378] CPU: 0 PID: 27378 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1125.172789][T27378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1125.182678][T27378] Call Trace:
[ 1125.185798][T27378]  <TASK>
[ 1125.188577][T27378]  dump_stack_lvl+0x151/0x1b7
[ 1125.193088][T27378]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1125.198555][T27378]  ? stack_trace_save+0x113/0x1c0
[ 1125.203426][T27378]  ? stack_trace_snprint+0xf0/0xf0
[ 1125.208371][T27378]  ? stack_trace_snprint+0xf0/0xf0
[ 1125.213325][T27378]  dump_stack+0x15/0x17
[ 1125.217304][T27378]  should_fail+0x3c6/0x510
[ 1125.221561][T27378]  should_fail_alloc_page+0x5a/0x80
[ 1125.226593][T27378]  prepare_alloc_pages+0x15c/0x700
[ 1125.231540][T27378]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1125.236572][T27378]  ? __kasan_check_write+0x14/0x20
[ 1125.241520][T27378]  ? pcpu_memcg_post_alloc_hook+0x1b1/0x260
[ 1125.247250][T27378]  __alloc_pages+0x138/0x5e0
[ 1125.251677][T27378]  ? prep_new_page+0x110/0x110
[ 1125.256275][T27378]  ? pcpu_alloc+0xda0/0x13e0
[ 1125.260706][T27378]  __get_free_pages+0xe/0x30
[ 1125.265128][T27378]  pgd_alloc+0x21/0x2c0
[ 1125.269123][T27378]  mm_init+0x5c7/0x970
[ 1125.273024][T27378]  copy_mm+0x1e3/0x13e0
[ 1125.277020][T27378]  ? _raw_spin_lock+0xa4/0x1b0
[ 1125.281617][T27378]  ? copy_signal+0x610/0x610
[ 1125.286042][T27378]  ? __kasan_check_write+0x14/0x20
[ 1125.290990][T27378]  ? __init_rwsem+0xd6/0x1c0
[ 1125.295417][T27378]  ? copy_signal+0x4e3/0x610
[ 1125.299844][T27378]  copy_process+0x12bc/0x3260
[ 1125.304358][T27378]  ? proc_fail_nth_write+0x20b/0x290
[ 1125.309495][T27378]  ? fsnotify_perm+0x6a/0x5d0
[ 1125.313989][T27378]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1125.318937][T27378]  ? vfs_write+0x9ec/0x1110
[ 1125.323276][T27378]  kernel_clone+0x21e/0x9e0
[ 1125.327615][T27378]  ? file_end_write+0x1c0/0x1c0
[ 1125.332307][T27378]  ? create_io_thread+0x1e0/0x1e0
[ 1125.337168][T27378]  ? mutex_unlock+0xb2/0x260
[ 1125.341588][T27378]  ? __mutex_lock_slowpath+0x10/0x10
[ 1125.346711][T27378]  __x64_sys_clone+0x23f/0x290
[ 1125.351311][T27378]  ? __do_sys_vfork+0x130/0x130
[ 1125.355996][T27378]  ? ksys_write+0x260/0x2c0
[ 1125.360340][T27378]  ? debug_smp_processor_id+0x17/0x20
[ 1125.365543][T27378]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1125.371445][T27378]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1125.376913][T27378]  do_syscall_64+0x3d/0xb0
[ 1125.381169][T27378]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1125.386896][T27378] RIP: 0033:0x7f7962f04ae9
[ 1125.391149][T27378] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
01:16:00 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0xfffff6be, 0x21, 0x7, 0x684, 0xffffffffffffffff, 0x4906, '\x00', 0x0, r1, 0x1, 0x0, 0x0, 0x5}, 0x48)
r4 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f0000001440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@alu={0x4, 0x1, 0x4, 0x8, 0xa, 0x100, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x88}, @map_fd={0x18, 0x3, 0x1, 0x0, r4}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
r11 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f00000014c0)=ANY=[@ANYBLOB="18c239cbf45efb106b097fd6fab518da86699059827d3f7423e3b5d6a8ac0000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1c, 0xd, &(0x7f0000000000)=@raw=[@map_val={0x18, 0x0, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @exit, @alu={0x7, 0x1, 0x6, 0x6, 0x2, 0x50, 0x4}, @map_val={0x18, 0x7}, @alu={0x4, 0x0, 0x6, 0x1, 0x5, 0x1, 0x8}, @ldst={0x1, 0x1, 0x0, 0xa, 0xa, 0xffffffffffffffe0, 0x8}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1002, 0x0, 0x0, 0x0, 0x401}, @exit, @call={0x85, 0x0, 0x0, 0x65}], &(0x7f0000000080)='syzkaller\x00', 0xa5, 0x1000, &(0x7f0000000440)=""/4096, 0x40f00, 0x3, '\x00', 0x0, 0xe, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1, 0xff, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r2, r3, r4, r15, r2], 0x0, 0x10, 0x3}, 0x90)

[ 1125.410591][T27378] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1125.418834][T27378] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1125.426644][T27378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1125.434455][T27378] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1125.442267][T27378] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1125.450078][T27378] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1125.457896][T27378]  </TASK>
01:16:00 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:00 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

[ 1125.462693][T27370] Mem-Info:
[ 1125.465653][T27370] active_anon:15459 inactive_anon:137778 isolated_anon:0
[ 1125.465653][T27370]  active_file:4749 inactive_file:22024 isolated_file:0
[ 1125.465653][T27370]  unevictable:0 dirty:9457 writeback:957
[ 1125.465653][T27370]  slab_reclaimable:16194 slab_unreclaimable:94707
[ 1125.465653][T27370]  mapped:55172 shmem:15515 pagetables:1029 bounce:0
[ 1125.465653][T27370]  kernel_misc_reclaimable:0
[ 1125.465653][T27370]  free:1346401 free_pcp:22381 free_cma:0
01:16:00 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0xfffff6be, 0x21, 0x7, 0x684, 0xffffffffffffffff, 0x4906, '\x00', 0x0, r1, 0x1, 0x0, 0x0, 0x5}, 0x48)
r4 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f0000001440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@alu={0x4, 0x1, 0x4, 0x8, 0xa, 0x100, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x88}, @map_fd={0x18, 0x3, 0x1, 0x0, r4}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
r11 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205) (async)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13) (async)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14) (async)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15) (async)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f00000014c0)=ANY=[@ANYBLOB="18c239cbf45efb106b097fd6fab518da86699059827d3f7423e3b5d6a8ac0000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1c, 0xd, &(0x7f0000000000)=@raw=[@map_val={0x18, 0x0, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @exit, @alu={0x7, 0x1, 0x6, 0x6, 0x2, 0x50, 0x4}, @map_val={0x18, 0x7}, @alu={0x4, 0x0, 0x6, 0x1, 0x5, 0x1, 0x8}, @ldst={0x1, 0x1, 0x0, 0xa, 0xa, 0xffffffffffffffe0, 0x8}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1002, 0x0, 0x0, 0x0, 0x401}, @exit, @call={0x85, 0x0, 0x0, 0x65}], &(0x7f0000000080)='syzkaller\x00', 0xa5, 0x1000, &(0x7f0000000440)=""/4096, 0x40f00, 0x3, '\x00', 0x0, 0xe, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1, 0xff, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r2, r3, r4, r15, r2], 0x0, 0x10, 0x3}, 0x90)

[ 1125.511267][T27370] Node 0 active_anon:61836kB inactive_anon:551012kB active_file:18996kB inactive_file:88096kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:220688kB dirty:29728kB writeback:11928kB shmem:62060kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 2048kB writeback_tmp:0kB kernel_stack:7840kB pagetables:4016kB all_unreclaimable? no
[ 1125.557637][T27390] FAULT_INJECTION: forcing a failure.
[ 1125.557637][T27390] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1125.566520][T27370] DMA32 free:2976724kB min:62592kB low:78240kB high:93888kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2981496kB mlocked:0kB bounce:0kB free_pcp:4772kB local_pcp:4716kB free_cma:0kB
[ 1125.584152][T27390] CPU: 0 PID: 27390 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1125.609284][T27390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1125.619180][T27390] Call Trace:
[ 1125.622299][T27390]  <TASK>
[ 1125.625077][T27390]  dump_stack_lvl+0x151/0x1b7
[ 1125.629592][T27390]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1125.635145][T27390]  ? stack_trace_save+0x113/0x1c0
[ 1125.640005][T27390]  ? stack_trace_snprint+0xf0/0xf0
[ 1125.644960][T27390]  ? _find_next_bit+0x1f3/0x200
[ 1125.649642][T27390]  dump_stack+0x15/0x17
[ 1125.653629][T27390]  should_fail+0x3c6/0x510
[ 1125.657880][T27390]  should_fail_alloc_page+0x5a/0x80
[ 1125.662913][T27390]  prepare_alloc_pages+0x15c/0x700
[ 1125.667863][T27390]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1125.672894][T27390]  ? __kasan_check_write+0x14/0x20
[ 1125.677844][T27390]  ? pcpu_memcg_post_alloc_hook+0x1b1/0x260
[ 1125.683571][T27390]  __alloc_pages+0x138/0x5e0
[ 1125.687996][T27390]  ? prep_new_page+0x110/0x110
[ 1125.692598][T27390]  ? pcpu_alloc+0xda0/0x13e0
[ 1125.697026][T27390]  __get_free_pages+0xe/0x30
[ 1125.701448][T27390]  pgd_alloc+0x21/0x2c0
[ 1125.705441][T27390]  mm_init+0x5c7/0x970
[ 1125.709348][T27390]  copy_mm+0x1e3/0x13e0
[ 1125.713347][T27390]  ? _raw_spin_lock+0xa4/0x1b0
[ 1125.717940][T27390]  ? copy_signal+0x610/0x610
[ 1125.722365][T27390]  ? __kasan_check_write+0x14/0x20
[ 1125.727312][T27390]  ? __init_rwsem+0xd6/0x1c0
[ 1125.731740][T27390]  ? copy_signal+0x4e3/0x610
[ 1125.736168][T27390]  copy_process+0x12bc/0x3260
[ 1125.740684][T27390]  ? proc_fail_nth_write+0x20b/0x290
[ 1125.745800][T27390]  ? fsnotify_perm+0x6a/0x5d0
[ 1125.750314][T27390]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1125.755259][T27390]  ? vfs_write+0x9ec/0x1110
[ 1125.759599][T27390]  kernel_clone+0x21e/0x9e0
[ 1125.763943][T27390]  ? file_end_write+0x1c0/0x1c0
[ 1125.768626][T27390]  ? create_io_thread+0x1e0/0x1e0
[ 1125.773488][T27390]  ? mutex_unlock+0xb2/0x260
[ 1125.777913][T27390]  ? __mutex_lock_slowpath+0x10/0x10
[ 1125.783033][T27390]  __x64_sys_clone+0x23f/0x290
[ 1125.787633][T27390]  ? __do_sys_vfork+0x130/0x130
[ 1125.792327][T27390]  ? ksys_write+0x260/0x2c0
[ 1125.796661][T27390]  ? debug_smp_processor_id+0x17/0x20
[ 1125.801866][T27390]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1125.807768][T27390]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1125.813236][T27390]  do_syscall_64+0x3d/0xb0
[ 1125.817497][T27390]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1125.823219][T27390] RIP: 0033:0x7f7962f04ae9
[ 1125.827474][T27390] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1125.846914][T27390] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1125.855157][T27390] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1125.862970][T27390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1125.870780][T27390] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1125.878594][T27390] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1125.886402][T27390] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1125.894218][T27390]  </TASK>
[ 1125.902781][T27370] lowmem_reserve[]: 0 3941 3941
[ 1125.917791][T27370] Normal free:2408656kB min:84860kB low:106072kB high:127284kB reserved_highatomic:0KB active_anon:61836kB inactive_anon:551112kB active_file:18996kB inactive_file:90196kB unevictable:0kB writepending:31484kB present:5242880kB managed:4035848kB mlocked:0kB bounce:0kB free_pcp:82940kB local_pcp:30340kB free_cma:0kB
[ 1126.032510][T27370] lowmem_reserve[]: 0 0 0
[ 1126.056449][T27370] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 4*2048kB (UM) 723*4096kB (M) = 2976724kB
[ 1126.096615][T27370] Normal: 4546*4kB (UME) 2222*8kB (UME) 389*16kB (UME) 900*32kB (UME) 758*64kB (UME) 337*128kB (UME) 223*256kB (UM) 82*512kB (UME) 26*1024kB (UME) 5*2048kB (UME) 519*4096kB (UM) = 2424392kB
[ 1126.136445][T27370] 35413 total pagecache pages
[ 1126.141029][T27370] 0 pages in swap cache
[ 1126.144951][T27370] Swap cache stats: add 0, delete 0, find 0/0
[ 1126.150928][T27370] Free swap  = 124996kB
01:16:01 executing program 0:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:01 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10}, 0x80)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0xfffff6be, 0x21, 0x7, 0x684, 0xffffffffffffffff, 0x4906, '\x00', 0x0, r1, 0x1, 0x0, 0x0, 0x5}, 0x48)
r4 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f0000001440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@alu={0x4, 0x1, 0x4, 0x8, 0xa, 0x100, 0x8}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x88}, @map_fd={0x18, 0x3, 0x1, 0x0, r4}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r8, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205) (async)
r11 = bpf$OBJ_GET_MAP(0x7, 0x0, 0xf859bb1f38cb9205)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f00000014c0)=ANY=[@ANYBLOB="18c239cbf45efb106b097fd6fab518da86699059827d3f7423e3b5d6a8ac0000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f00000014c0)=ANY=[@ANYBLOB="18c239cbf45efb106b097fd6fab518da86699059827d3f7423e3b5d6a8ac0000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3, 0x1, 0x0, r11}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r15, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1c, 0xd, &(0x7f0000000000)=@raw=[@map_val={0x18, 0x0, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x7}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @exit, @alu={0x7, 0x1, 0x6, 0x6, 0x2, 0x50, 0x4}, @map_val={0x18, 0x7}, @alu={0x4, 0x0, 0x6, 0x1, 0x5, 0x1, 0x8}, @ldst={0x1, 0x1, 0x0, 0xa, 0xa, 0xffffffffffffffe0, 0x8}, @map_idx_val={0x18, 0x4, 0x6, 0x0, 0x1002, 0x0, 0x0, 0x0, 0x401}, @exit, @call={0x85, 0x0, 0x0, 0x65}], &(0x7f0000000080)='syzkaller\x00', 0xa5, 0x1000, &(0x7f0000000440)=""/4096, 0x40f00, 0x3, '\x00', 0x0, 0xe, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1, 0xff, 0x2}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000180)=[r2, r3, r4, r15, r2], 0x0, 0x10, 0x3}, 0x90)

01:16:01 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:01 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:01 executing program 4:
syz_clone(0x75848400, 0x0, 0xfbffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:01 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:01 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x5, <r0=>0x0}, 0x8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%d     \x00'}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0x1, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x1, &(0x7f0000000380)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000440)='GPL\x00', 0x1, 0xee, &(0x7f0000000480)=""/238, 0x40f00, 0x44, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0xc, 0xfffffff7, 0x50}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd9}, 0x90)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000006c0)={0x1, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x5}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@bloom_filter={0x1e, 0xff, 0x4, 0x3, 0x210, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x6}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800)={0x1, <r7=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xb, 0x7, &(0x7f00000000c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x2, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7c58}, @generic={0x6e, 0x8, 0x1, 0x5b, 0x8}, @generic={0x1, 0x2, 0x6, 0x5a9, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x4, 0x9d, &(0x7f0000000140)=""/157, 0x41000, 0x6, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0xb, 0x7, 0x7fff}, 0x10, r0, r3, 0x8, &(0x7f0000000840)=[r4, r5, r6, r7], &(0x7f0000000880)=[{0x1, 0x3, 0x6, 0xc}, {0x3, 0x3, 0x10, 0xc}, {0x4, 0x1, 0xc, 0x6}, {0x3, 0x3, 0x5, 0x7}, {0x0, 0x3, 0xb, 0x3}, {0x2, 0x5, 0x2, 0x3}, {0x5, 0x4, 0x4, 0xb}, {0x3, 0x4, 0x2}], 0x10, 0x80000000}, 0x90)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r8, 0x0, 0x4}, 0x48)

[ 1126.154845][T27370] Total swap = 124996kB
[ 1126.158915][T27370] 2097051 pages RAM
[ 1126.162485][T27370] 0 pages HighMem/MovableOnly
[ 1126.167180][T27370] 342715 pages reserved
[ 1126.171181][T27370] 0 pages cma reserved
[ 1126.193861][T27408] FAULT_INJECTION: forcing a failure.
[ 1126.193861][T27408] name failslab, interval 1, probability 0, space 0, times 0
[ 1126.231437][T27408] CPU: 1 PID: 27408 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1126.242992][T27408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1126.252882][T27408] Call Trace:
[ 1126.255999][T27408]  <TASK>
[ 1126.258778][T27408]  dump_stack_lvl+0x151/0x1b7
[ 1126.263294][T27408]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1126.268757][T27408]  ? __alloc_pages+0x206/0x5e0
[ 1126.273358][T27408]  dump_stack+0x15/0x17
[ 1126.277350][T27408]  should_fail+0x3c6/0x510
[ 1126.281604][T27408]  __should_failslab+0xa4/0xe0
[ 1126.286202][T27408]  ? vm_area_dup+0x26/0x230
[ 1126.290542][T27408]  should_failslab+0x9/0x20
[ 1126.294882][T27408]  slab_pre_alloc_hook+0x37/0xd0
[ 1126.299666][T27408]  ? vm_area_dup+0x26/0x230
[ 1126.304016][T27408]  kmem_cache_alloc+0x44/0x200
[ 1126.308601][T27408]  vm_area_dup+0x26/0x230
[ 1126.312765][T27408]  copy_mm+0x9a1/0x13e0
[ 1126.316758][T27408]  ? copy_signal+0x610/0x610
[ 1126.321181][T27408]  ? __init_rwsem+0xd6/0x1c0
[ 1126.325606][T27408]  ? copy_signal+0x4e3/0x610
[ 1126.330033][T27408]  copy_process+0x12bc/0x3260
[ 1126.334550][T27408]  ? proc_fail_nth_write+0x20b/0x290
[ 1126.339669][T27408]  ? fsnotify_perm+0x6a/0x5d0
[ 1126.344179][T27408]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1126.349127][T27408]  ? vfs_write+0x9ec/0x1110
[ 1126.353466][T27408]  kernel_clone+0x21e/0x9e0
[ 1126.357806][T27408]  ? file_end_write+0x1c0/0x1c0
[ 1126.362493][T27408]  ? create_io_thread+0x1e0/0x1e0
[ 1126.367351][T27408]  ? mutex_unlock+0xb2/0x260
[ 1126.371778][T27408]  ? __mutex_lock_slowpath+0x10/0x10
[ 1126.376901][T27408]  __x64_sys_clone+0x23f/0x290
[ 1126.381500][T27408]  ? __do_sys_vfork+0x130/0x130
[ 1126.386186][T27408]  ? ksys_write+0x260/0x2c0
[ 1126.390527][T27408]  ? debug_smp_processor_id+0x17/0x20
[ 1126.395733][T27408]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1126.401638][T27408]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1126.407105][T27408]  do_syscall_64+0x3d/0xb0
[ 1126.411357][T27408]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1126.417085][T27408] RIP: 0033:0x7f7962f04ae9
[ 1126.421339][T27408] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1126.440782][T27408] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1126.449024][T27408] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1126.456834][T27408] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1126.464646][T27408] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1126.472456][T27408] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:01 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:01 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:01 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x5, <r0=>0x0}, 0x8) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%d     \x00'}, 0x20) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0x1, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10) (async, rerun: 64)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x1, &(0x7f0000000380)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000440)='GPL\x00', 0x1, 0xee, &(0x7f0000000480)=""/238, 0x40f00, 0x44, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0xc, 0xfffffff7, 0x50}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd9}, 0x90) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000006c0)={0x1, <r4=>0xffffffffffffffff}, 0x4) (async, rerun: 64)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x5}, 0x48) (async, rerun: 64)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@bloom_filter={0x1e, 0xff, 0x4, 0x3, 0x210, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x6}, 0x48) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800)={0x1, <r7=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xb, 0x7, &(0x7f00000000c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x2, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7c58}, @generic={0x6e, 0x8, 0x1, 0x5b, 0x8}, @generic={0x1, 0x2, 0x6, 0x5a9, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x4, 0x9d, &(0x7f0000000140)=""/157, 0x41000, 0x6, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0xb, 0x7, 0x7fff}, 0x10, r0, r3, 0x8, &(0x7f0000000840)=[r4, r5, r6, r7], &(0x7f0000000880)=[{0x1, 0x3, 0x6, 0xc}, {0x3, 0x3, 0x10, 0xc}, {0x4, 0x1, 0xc, 0x6}, {0x3, 0x3, 0x5, 0x7}, {0x0, 0x3, 0xb, 0x3}, {0x2, 0x5, 0x2, 0x3}, {0x5, 0x4, 0x4, 0xb}, {0x3, 0x4, 0x2}], 0x10, 0x80000000}, 0x90) (async)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r8, 0x0, 0x4}, 0x48)

[ 1126.480271][T27408] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1126.488082][T27408]  </TASK>
[ 1126.519055][T27422] FAULT_INJECTION: forcing a failure.
[ 1126.519055][T27422] name failslab, interval 1, probability 0, space 0, times 0
01:16:01 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:01 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x5, <r0=>0x0}, 0x8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%d     \x00'}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0x1, 0x58, &(0x7f0000000280)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={0x1, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0}}, 0x10)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x6, 0x1, &(0x7f0000000380)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}], &(0x7f0000000440)='GPL\x00', 0x1, 0xee, &(0x7f0000000480)=""/238, 0x40f00, 0x44, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x4, 0x4}, 0x8, 0x10, &(0x7f00000005c0)={0x5, 0xc, 0xfffffff7, 0x50}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd9}, 0x90)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000006c0)={0x1, <r4=>0xffffffffffffffff}, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x5}, 0x48) (async)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x5}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@bloom_filter={0x1e, 0xff, 0x4, 0x3, 0x210, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x6}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800)={0x1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000800)={0x1, <r7=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xb, 0x7, &(0x7f00000000c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @map_val={0x18, 0x2, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x7c58}, @generic={0x6e, 0x8, 0x1, 0x5b, 0x8}, @generic={0x1, 0x2, 0x6, 0x5a9, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x4, 0x9d, &(0x7f0000000140)=""/157, 0x41000, 0x6, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0xb, 0x7, 0x7fff}, 0x10, r0, r3, 0x8, &(0x7f0000000840)=[r4, r5, r6, r7], &(0x7f0000000880)=[{0x1, 0x3, 0x6, 0xc}, {0x3, 0x3, 0x10, 0xc}, {0x4, 0x1, 0xc, 0x6}, {0x3, 0x3, 0x5, 0x7}, {0x0, 0x3, 0xb, 0x3}, {0x2, 0x5, 0x2, 0x3}, {0x5, 0x4, 0x4, 0xb}, {0x3, 0x4, 0x2}], 0x10, 0x80000000}, 0x90)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r8, 0x0, 0x4}, 0x48)

[ 1126.586040][T27422] CPU: 1 PID: 27422 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1126.597590][T27422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1126.607489][T27422] Call Trace:
[ 1126.610610][T27422]  <TASK>
[ 1126.613385][T27422]  dump_stack_lvl+0x151/0x1b7
[ 1126.617895][T27422]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1126.623363][T27422]  ? avc_denied+0x1b0/0x1b0
[ 1126.627703][T27422]  dump_stack+0x15/0x17
[ 1126.631694][T27422]  should_fail+0x3c6/0x510
[ 1126.635952][T27422]  __should_failslab+0xa4/0xe0
[ 1126.640546][T27422]  ? vm_area_dup+0x26/0x230
[ 1126.644884][T27422]  should_failslab+0x9/0x20
[ 1126.649236][T27422]  slab_pre_alloc_hook+0x37/0xd0
[ 1126.653998][T27422]  ? vm_area_dup+0x26/0x230
[ 1126.658342][T27422]  kmem_cache_alloc+0x44/0x200
[ 1126.662939][T27422]  vm_area_dup+0x26/0x230
[ 1126.667107][T27422]  copy_mm+0x9a1/0x13e0
[ 1126.671100][T27422]  ? copy_signal+0x610/0x610
[ 1126.675525][T27422]  ? __init_rwsem+0xd6/0x1c0
[ 1126.679953][T27422]  ? copy_signal+0x4e3/0x610
[ 1126.684377][T27422]  copy_process+0x12bc/0x3260
[ 1126.688891][T27422]  ? proc_fail_nth_write+0x20b/0x290
[ 1126.694010][T27422]  ? fsnotify_perm+0x6a/0x5d0
[ 1126.698523][T27422]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1126.703479][T27422]  ? vfs_write+0x9ec/0x1110
[ 1126.707809][T27422]  kernel_clone+0x21e/0x9e0
[ 1126.712150][T27422]  ? file_end_write+0x1c0/0x1c0
[ 1126.716837][T27422]  ? create_io_thread+0x1e0/0x1e0
[ 1126.721695][T27422]  ? mutex_unlock+0xb2/0x260
[ 1126.726123][T27422]  ? __mutex_lock_slowpath+0x10/0x10
[ 1126.731247][T27422]  __x64_sys_clone+0x23f/0x290
[ 1126.735842][T27422]  ? __do_sys_vfork+0x130/0x130
[ 1126.740533][T27422]  ? ksys_write+0x260/0x2c0
[ 1126.744870][T27422]  ? debug_smp_processor_id+0x17/0x20
[ 1126.750076][T27422]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1126.755978][T27422]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1126.761447][T27422]  do_syscall_64+0x3d/0xb0
[ 1126.765698][T27422]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1126.771427][T27422] RIP: 0033:0x7f7962f04ae9
[ 1126.775683][T27422] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1126.795122][T27422] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1126.803368][T27422] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1126.811177][T27422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1126.818990][T27422] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1126.826802][T27422] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:02 executing program 0:
syz_clone(0x75848402, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:02 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x0, '\x00', 0x0, 0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:02 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1126.834610][T27422] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1126.842433][T27422]  </TASK>
01:16:02 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%p     \x00'}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000280)=[0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0xa, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], 0x0, 0x8, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000380), &(0x7f00000004c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x2, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xff}, @exit]}, &(0x7f00000001c0)='GPL\x00', 0x6653e02e, 0x0, 0x0, 0x41000, 0x19, '\x00', r4, 0x2b, r1, 0x8, &(0x7f0000000580)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xd, 0x0, 0x7}, 0x10, r0, 0xffffffffffffffff, 0x1, &(0x7f0000000740)=[r3], &(0x7f0000000780)=[{0x0, 0x1, 0x5, 0x4}], 0x10, 0x7}, 0x90)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r5, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r7], 0x0, 0x10, 0x7}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x81, '\x00', r6, r1, 0x1, 0x0, 0x1}, 0x48)

01:16:03 executing program 4:
syz_clone(0x75848400, 0x0, 0xfeffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%p     \x00'}, 0x20) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000280)=[0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0xa, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], 0x0, 0x8, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000380), &(0x7f00000004c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x2, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xff}, @exit]}, &(0x7f00000001c0)='GPL\x00', 0x6653e02e, 0x0, 0x0, 0x41000, 0x19, '\x00', r4, 0x2b, r1, 0x8, &(0x7f0000000580)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xd, 0x0, 0x7}, 0x10, r0, 0xffffffffffffffff, 0x1, &(0x7f0000000740)=[r3], &(0x7f0000000780)=[{0x0, 0x1, 0x5, 0x4}], 0x10, 0x7}, 0x90) (async)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r5, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r7], 0x0, 0x10, 0x7}, 0x90) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x81, '\x00', r6, r1, 0x1, 0x0, 0x1}, 0x48)

01:16:03 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:03 executing program 0:
syz_clone(0x75848403, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:03 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:03 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%p     \x00'}, 0x20) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000280)=[0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0xa, 0x1, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], 0x0, 0x8, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000380), &(0x7f00000004c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x2, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@map_idx_val={0x18, 0xb, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0xff}, @exit]}, &(0x7f00000001c0)='GPL\x00', 0x6653e02e, 0x0, 0x0, 0x41000, 0x19, '\x00', r4, 0x2b, r1, 0x8, &(0x7f0000000580)={0x6, 0x1}, 0x8, 0x10, &(0x7f00000005c0)={0x2, 0xd, 0x0, 0x7}, 0x10, r0, 0xffffffffffffffff, 0x1, &(0x7f0000000740)=[r3], &(0x7f0000000780)=[{0x0, 0x1, 0x5, 0x4}], 0x10, 0x7}, 0x90)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r5, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r6, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r7], 0x0, 0x10, 0x7}, 0x90) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x81, '\x00', r6, r1, 0x1, 0x0, 0x1}, 0x48)

01:16:03 executing program 0:
syz_clone(0x75848404, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x3, 0x1f, 0x94, 0x2000, r2, 0x2, '\x00', 0x0, r1, 0x4, 0x4, 0x1}, 0x48)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x3, 0x1f, 0x94, 0x2000, r2, 0x2, '\x00', 0x0, r1, 0x4, 0x4, 0x1}, 0x48)

[ 1127.917102][T27470] FAULT_INJECTION: forcing a failure.
[ 1127.917102][T27470] name failslab, interval 1, probability 0, space 0, times 0
[ 1127.947593][T27470] CPU: 1 PID: 27470 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x3, 0x1f, 0x94, 0x2000, r2, 0x2, '\x00', 0x0, r1, 0x4, 0x4, 0x1}, 0x48)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)

[ 1127.959248][T27470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1127.969146][T27470] Call Trace:
[ 1127.972267][T27470]  <TASK>
[ 1127.975046][T27470]  dump_stack_lvl+0x151/0x1b7
[ 1127.979559][T27470]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1127.985022][T27470]  dump_stack+0x15/0x17
[ 1127.989015][T27470]  should_fail+0x3c6/0x510
[ 1127.993269][T27470]  __should_failslab+0xa4/0xe0
[ 1127.997868][T27470]  ? anon_vma_fork+0xf7/0x4e0
[ 1128.002380][T27470]  should_failslab+0x9/0x20
[ 1128.006721][T27470]  slab_pre_alloc_hook+0x37/0xd0
[ 1128.011493][T27470]  ? anon_vma_fork+0xf7/0x4e0
[ 1128.016006][T27470]  kmem_cache_alloc+0x44/0x200
[ 1128.020610][T27470]  anon_vma_fork+0xf7/0x4e0
[ 1128.024946][T27470]  ? anon_vma_name+0x4c/0x70
[ 1128.029373][T27470]  ? vm_area_dup+0x17a/0x230
[ 1128.033801][T27470]  copy_mm+0xa3a/0x13e0
[ 1128.037793][T27470]  ? copy_signal+0x610/0x610
[ 1128.042213][T27470]  ? __init_rwsem+0xd6/0x1c0
[ 1128.046639][T27470]  ? copy_signal+0x4e3/0x610
[ 1128.051068][T27470]  copy_process+0x12bc/0x3260
[ 1128.055584][T27470]  ? proc_fail_nth_write+0x20b/0x290
[ 1128.060699][T27470]  ? fsnotify_perm+0x6a/0x5d0
[ 1128.065241][T27470]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1128.070160][T27470]  ? vfs_write+0x9ec/0x1110
[ 1128.074500][T27470]  kernel_clone+0x21e/0x9e0
[ 1128.078837][T27470]  ? file_end_write+0x1c0/0x1c0
[ 1128.083536][T27470]  ? create_io_thread+0x1e0/0x1e0
[ 1128.088385][T27470]  ? mutex_unlock+0xb2/0x260
[ 1128.092814][T27470]  ? __mutex_lock_slowpath+0x10/0x10
[ 1128.097934][T27470]  __x64_sys_clone+0x23f/0x290
[ 1128.102534][T27470]  ? __do_sys_vfork+0x130/0x130
[ 1128.107218][T27470]  ? ksys_write+0x260/0x2c0
[ 1128.111561][T27470]  ? debug_smp_processor_id+0x17/0x20
[ 1128.116768][T27470]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1128.122674][T27470]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1128.128140][T27470]  do_syscall_64+0x3d/0xb0
[ 1128.132388][T27470]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1128.138117][T27470] RIP: 0033:0x7f7962f04ae9
[ 1128.142372][T27470] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
01:16:03 executing program 4:
syz_clone(0x75848400, 0x0, 0xffff0300, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:03 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:03 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)

[ 1128.161817][T27470] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1128.170055][T27470] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1128.177873][T27470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1128.185678][T27470] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1128.193494][T27470] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1128.201302][T27470] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1128.209131][T27470]  </TASK>
01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200), 0x8) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r0, 0x4) (async)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)

[ 1128.290010][T27499] FAULT_INJECTION: forcing a failure.
[ 1128.290010][T27499] name failslab, interval 1, probability 0, space 0, times 0
[ 1128.316504][T27499] CPU: 1 PID: 27499 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1128.328055][T27499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1128.337945][T27499] Call Trace:
[ 1128.341066][T27499]  <TASK>
[ 1128.343845][T27499]  dump_stack_lvl+0x151/0x1b7
[ 1128.348360][T27499]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1128.353826][T27499]  dump_stack+0x15/0x17
[ 1128.357818][T27499]  should_fail+0x3c6/0x510
[ 1128.362070][T27499]  __should_failslab+0xa4/0xe0
[ 1128.366670][T27499]  ? anon_vma_fork+0x1df/0x4e0
[ 1128.371270][T27499]  should_failslab+0x9/0x20
[ 1128.375609][T27499]  slab_pre_alloc_hook+0x37/0xd0
[ 1128.380385][T27499]  ? anon_vma_fork+0x1df/0x4e0
[ 1128.384982][T27499]  kmem_cache_alloc+0x44/0x200
[ 1128.389584][T27499]  anon_vma_fork+0x1df/0x4e0
[ 1128.394009][T27499]  copy_mm+0xa3a/0x13e0
[ 1128.398006][T27499]  ? copy_signal+0x610/0x610
[ 1128.402427][T27499]  ? __init_rwsem+0xd6/0x1c0
[ 1128.406856][T27499]  ? copy_signal+0x4e3/0x610
[ 1128.411281][T27499]  copy_process+0x12bc/0x3260
[ 1128.415794][T27499]  ? proc_fail_nth_write+0x20b/0x290
[ 1128.420915][T27499]  ? fsnotify_perm+0x6a/0x5d0
[ 1128.425427][T27499]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1128.430375][T27499]  ? vfs_write+0x9ec/0x1110
[ 1128.434714][T27499]  kernel_clone+0x21e/0x9e0
[ 1128.439054][T27499]  ? file_end_write+0x1c0/0x1c0
[ 1128.443744][T27499]  ? create_io_thread+0x1e0/0x1e0
[ 1128.448600][T27499]  ? mutex_unlock+0xb2/0x260
[ 1128.453029][T27499]  ? __mutex_lock_slowpath+0x10/0x10
[ 1128.458149][T27499]  __x64_sys_clone+0x23f/0x290
[ 1128.462747][T27499]  ? __do_sys_vfork+0x130/0x130
[ 1128.467434][T27499]  ? ksys_write+0x260/0x2c0
[ 1128.471778][T27499]  ? debug_smp_processor_id+0x17/0x20
[ 1128.476982][T27499]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1128.482882][T27499]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1128.488354][T27499]  do_syscall_64+0x3d/0xb0
[ 1128.492604][T27499]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1128.498332][T27499] RIP: 0033:0x7f7962f04ae9
[ 1128.502587][T27499] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1128.522026][T27499] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1128.530317][T27499] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1128.538086][T27499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1128.545899][T27499] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1128.553706][T27499] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1128.561515][T27499] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1128.569333][T27499]  </TASK>
01:16:03 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000c80), 0x8, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:03 executing program 0:
syz_clone(0x75848407, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:03 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x101, <r4=>0x0}, 0xfffffffffffffd82)
bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x0, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="38323ead0f5bb522ee7f23e351e6c7069385aecdd8fb4d6a7070fafe9fdbf72f84faef400a1333d7b448355738104f66188449de4dd9cf00dfdc88ffe0e94be01d5ef3e2e96b89ddb02218dba4c27893177a66fcf579b8bd2b835f111de920f3509bc8449e1832118be2b35cf6cab240559fa4cc77d38ccaadddc28518b4919125969f2413c1e5bf1548268d168d4c719eaaff074605d7edb75f281434ed367a4def3d6ea7616abd88b7733c63d2d738e5db07789070db5776a500d655dfc0f73573be99b6883da5c9b0665d7aed85f10c1f19b4eb4059827331ae9157b0d25f7844e5c19ddea3323f0ccfd3402725fc0725e16d3f2a040c622d5331e7e850e9a15f081ed3387c06bd0eaa9632455ee9cf1e0047a59225670e9a36e8932ae29fb95505bb2b95608ab7250b9d4a329fed22ced101619ff755bb8186209224811f279d6d737a7e73aa2a39c5fcef64cf7576ef44515651655daf0650026cb37b06524f39a5a3260705c0db0209a47920e2364a14b34add67", @ANYRES32, @ANYBLOB="00008a00000000000000608700000000000000000000002c005def57ecd049c56eb57148454406086772e848833912c78544888f2d4e5c7f16b925fc60a375aa6288141d75055bfae63cfb94fb84162f20343decca126059eacc5f338be1349b9419b00dfefe0819fc84a297fa0159b875b06b993a78beb966a0f9a1b3b91b6294183b3cee6115bdf6adb4d72a65b147d9fad484d2a4dd368a9bf02acedbd77ae5db00c7376e103c5a5e057f084675758fd3196c"], &(0x7f0000001f40)='GPL\x00', 0x0, 0x37, &(0x7f0000001f80)=""/55, 0x41100, 0x9, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000002080)={0x0, 0x3}, 0x8, 0x10, &(0x7f00000020c0)={0x3, 0xa, 0x3, 0x7}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000002180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10, r4}, 0x80)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{0x1, <r11=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)='%p     \x00'}, 0x20)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xbfad28ed9a7f4e4e, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @printk={@pointer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @alu={0x4, 0x0, 0x5, 0x6, 0x0, 0x30, 0x8}]}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x4, 0xa, 0x2, 0x8}, 0x10, r4, r6, 0x7, &(0x7f00000001c0)=[r2, r2, r11, r14], &(0x7f0000000280)=[{0x3, 0x3, 0x3}, {0x2, 0x5, 0x0, 0x4}, {0x3, 0x5, 0xc, 0xb}, {0x5, 0x1, 0xc, 0xc}, {0x1, 0x3, 0x5}, {0x5, 0x3, 0x9, 0x6}, {0x4, 0x2, 0x10, 0x6}], 0x10, 0xda60000}, 0x90)

01:16:03 executing program 4:
syz_clone(0x75848400, 0x0, 0xfffffff5, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:03 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:03 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async, rerun: 32)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) (rerun: 32)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x101, <r4=>0x0}, 0xfffffffffffffd82)
bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x0, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="38323ead0f5bb522ee7f23e351e6c7069385aecdd8fb4d6a7070fafe9fdbf72f84faef400a1333d7b448355738104f66188449de4dd9cf00dfdc88ffe0e94be01d5ef3e2e96b89ddb02218dba4c27893177a66fcf579b8bd2b835f111de920f3509bc8449e1832118be2b35cf6cab240559fa4cc77d38ccaadddc28518b4919125969f2413c1e5bf1548268d168d4c719eaaff074605d7edb75f281434ed367a4def3d6ea7616abd88b7733c63d2d738e5db07789070db5776a500d655dfc0f73573be99b6883da5c9b0665d7aed85f10c1f19b4eb4059827331ae9157b0d25f7844e5c19ddea3323f0ccfd3402725fc0725e16d3f2a040c622d5331e7e850e9a15f081ed3387c06bd0eaa9632455ee9cf1e0047a59225670e9a36e8932ae29fb95505bb2b95608ab7250b9d4a329fed22ced101619ff755bb8186209224811f279d6d737a7e73aa2a39c5fcef64cf7576ef44515651655daf0650026cb37b06524f39a5a3260705c0db0209a47920e2364a14b34add67", @ANYRES32, @ANYBLOB="00008a00000000000000608700000000000000000000002c005def57ecd049c56eb57148454406086772e848833912c78544888f2d4e5c7f16b925fc60a375aa6288141d75055bfae63cfb94fb84162f20343decca126059eacc5f338be1349b9419b00dfefe0819fc84a297fa0159b875b06b993a78beb966a0f9a1b3b91b6294183b3cee6115bdf6adb4d72a65b147d9fad484d2a4dd368a9bf02acedbd77ae5db00c7376e103c5a5e057f084675758fd3196c"], &(0x7f0000001f40)='GPL\x00', 0x0, 0x37, &(0x7f0000001f80)=""/55, 0x41100, 0x9, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000002080)={0x0, 0x3}, 0x8, 0x10, &(0x7f00000020c0)={0x3, 0xa, 0x3, 0x7}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000002180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10, r4}, 0x80) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8) (async, rerun: 32)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async, rerun: 32)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80) (async, rerun: 64)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{0x1, <r11=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)='%p     \x00'}, 0x20) (async, rerun: 64)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13) (async, rerun: 32)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15) (async)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async, rerun: 32)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xbfad28ed9a7f4e4e, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @printk={@pointer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @alu={0x4, 0x0, 0x5, 0x6, 0x0, 0x30, 0x8}]}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x4, 0xa, 0x2, 0x8}, 0x10, r4, r6, 0x7, &(0x7f00000001c0)=[r2, r2, r11, r14], &(0x7f0000000280)=[{0x3, 0x3, 0x3}, {0x2, 0x5, 0x0, 0x4}, {0x3, 0x5, 0xc, 0xb}, {0x5, 0x1, 0xc, 0xc}, {0x1, 0x3, 0x5}, {0x5, 0x3, 0x9, 0x6}, {0x4, 0x2, 0x10, 0x6}], 0x10, 0xda60000}, 0x90)

[ 1128.637628][T27512] FAULT_INJECTION: forcing a failure.
[ 1128.637628][T27512] name failslab, interval 1, probability 0, space 0, times 0
[ 1128.671700][T27512] CPU: 0 PID: 27512 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1128.683246][T27512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1128.693144][T27512] Call Trace:
[ 1128.696266][T27512]  <TASK>
[ 1128.699053][T27512]  dump_stack_lvl+0x151/0x1b7
[ 1128.703553][T27512]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1128.709018][T27512]  ? avc_denied+0x1b0/0x1b0
[ 1128.713357][T27512]  dump_stack+0x15/0x17
[ 1128.717348][T27512]  should_fail+0x3c6/0x510
[ 1128.721603][T27512]  __should_failslab+0xa4/0xe0
[ 1128.726200][T27512]  ? vm_area_dup+0x26/0x230
[ 1128.730542][T27512]  should_failslab+0x9/0x20
[ 1128.734882][T27512]  slab_pre_alloc_hook+0x37/0xd0
[ 1128.739656][T27512]  ? vm_area_dup+0x26/0x230
[ 1128.743993][T27512]  kmem_cache_alloc+0x44/0x200
[ 1128.748599][T27512]  vm_area_dup+0x26/0x230
[ 1128.752764][T27512]  copy_mm+0x9a1/0x13e0
[ 1128.756756][T27512]  ? copy_signal+0x610/0x610
[ 1128.761177][T27512]  ? __init_rwsem+0xd6/0x1c0
[ 1128.765603][T27512]  ? copy_signal+0x4e3/0x610
[ 1128.770033][T27512]  copy_process+0x12bc/0x3260
[ 1128.774546][T27512]  ? proc_fail_nth_write+0x20b/0x290
[ 1128.779672][T27512]  ? fsnotify_perm+0x6a/0x5d0
[ 1128.784178][T27512]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1128.789126][T27512]  ? vfs_write+0x9ec/0x1110
[ 1128.793466][T27512]  kernel_clone+0x21e/0x9e0
[ 1128.797807][T27512]  ? file_end_write+0x1c0/0x1c0
[ 1128.802493][T27512]  ? create_io_thread+0x1e0/0x1e0
[ 1128.807352][T27512]  ? mutex_unlock+0xb2/0x260
[ 1128.811778][T27512]  ? __mutex_lock_slowpath+0x10/0x10
[ 1128.816902][T27512]  __x64_sys_clone+0x23f/0x290
[ 1128.821499][T27512]  ? __do_sys_vfork+0x130/0x130
[ 1128.826185][T27512]  ? ksys_write+0x260/0x2c0
[ 1128.830526][T27512]  ? debug_smp_processor_id+0x17/0x20
[ 1128.835735][T27512]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1128.841633][T27512]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1128.847103][T27512]  do_syscall_64+0x3d/0xb0
[ 1128.851356][T27512]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1128.857084][T27512] RIP: 0033:0x7f7962f04ae9
[ 1128.861338][T27512] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1128.880780][T27512] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1128.889022][T27512] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1128.896834][T27512] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1128.904645][T27512] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1128.912455][T27512] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1128.920266][T27512] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1128.928081][T27512]  </TASK>
01:16:04 executing program 0:
syz_clone(0x75848408, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18d20300000000000000d69cce00"/25], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x80)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:04 executing program 5:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000200)={0x0, <r0=>0x0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000240)=r0, 0x4)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x0, 0x4}, 0x48) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r3}, 0x38) (async, rerun: 32)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x101, <r4=>0x0}, 0xfffffffffffffd82) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f00000021c0)={0x0, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="38323ead0f5bb522ee7f23e351e6c7069385aecdd8fb4d6a7070fafe9fdbf72f84faef400a1333d7b448355738104f66188449de4dd9cf00dfdc88ffe0e94be01d5ef3e2e96b89ddb02218dba4c27893177a66fcf579b8bd2b835f111de920f3509bc8449e1832118be2b35cf6cab240559fa4cc77d38ccaadddc28518b4919125969f2413c1e5bf1548268d168d4c719eaaff074605d7edb75f281434ed367a4def3d6ea7616abd88b7733c63d2d738e5db07789070db5776a500d655dfc0f73573be99b6883da5c9b0665d7aed85f10c1f19b4eb4059827331ae9157b0d25f7844e5c19ddea3323f0ccfd3402725fc0725e16d3f2a040c622d5331e7e850e9a15f081ed3387c06bd0eaa9632455ee9cf1e0047a59225670e9a36e8932ae29fb95505bb2b95608ab7250b9d4a329fed22ced101619ff755bb8186209224811f279d6d737a7e73aa2a39c5fcef64cf7576ef44515651655daf0650026cb37b06524f39a5a3260705c0db0209a47920e2364a14b34add67", @ANYRES32, @ANYBLOB="00008a00000000000000608700000000000000000000002c005def57ecd049c56eb57148454406086772e848833912c78544888f2d4e5c7f16b925fc60a375aa6288141d75055bfae63cfb94fb84162f20343decca126059eacc5f338be1349b9419b00dfefe0819fc84a297fa0159b875b06b993a78beb966a0f9a1b3b91b6294183b3cee6115bdf6adb4d72a65b147d9fad484d2a4dd368a9bf02acedbd77ae5db00c7376e103c5a5e057f084675758fd3196c"], &(0x7f0000001f40)='GPL\x00', 0x0, 0x37, &(0x7f0000001f80)=""/55, 0x41100, 0x9, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x8, &(0x7f0000002080)={0x0, 0x3}, 0x8, 0x10, &(0x7f00000020c0)={0x3, 0xa, 0x3, 0x7}, 0x10, r4, 0xffffffffffffffff, 0x0, &(0x7f0000002180)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x7, 0xa, &(0x7f00000004c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x6}, @ldst={0x0, 0x3, 0x1, 0x4, 0x7, 0xc, 0x1}, @map_fd, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @map_val={0x18, 0x0, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x1ff}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x2}], &(0x7f0000000580)='syzkaller\x00', 0xb99d, 0x1f, &(0x7f00000005c0)=""/31, 0x41000, 0x2, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0xe, 0x8, 0xfa}, 0x10, r4}, 0x80) (async)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async, rerun: 64)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r8) (async, rerun: 64)
r9 = openat$cgroup_ro(r6, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (rerun: 64)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r6, r7, r8, 0xffffffffffffffff, r9, r10]}, 0x80) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{0x1, <r11=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)='%p     \x00'}, 0x20)
r12 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13) (async, rerun: 64)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14) (async)
r15 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r15)
r16 = openat$cgroup_ro(r13, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r17 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r12, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r13, r14, r15, 0xffffffffffffffff, r16, r17]}, 0x80) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xbfad28ed9a7f4e4e, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@btf_id={0x18, 0x4, 0x3, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @printk={@pointer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}, @alu={0x4, 0x0, 0x5, 0x6, 0x0, 0x30, 0x8}]}, &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x4, 0xa, 0x2, 0x8}, 0x10, r4, r6, 0x7, &(0x7f00000001c0)=[r2, r2, r11, r14], &(0x7f0000000280)=[{0x3, 0x3, 0x3}, {0x2, 0x5, 0x0, 0x4}, {0x3, 0x5, 0xc, 0xb}, {0x5, 0x1, 0xc, 0xc}, {0x1, 0x3, 0x5}, {0x5, 0x3, 0x9, 0x6}, {0x4, 0x2, 0x10, 0x6}], 0x10, 0xda60000}, 0x90)

01:16:04 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2}, 0x0, 0x0, 0x4, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x7}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0xa}, 0x10}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x126, 0x0, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000002b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x0, 0x6000000000000000, 0x3d, 0xf, &(0x7f0000000640)="b5dda728fd0909750154afde311091df44f0eeb67dc437491dd91e849a925d7ae54bea8512f4981d75f77b51a4dcafdadf03d4df4cc0363ea1339108c5", &(0x7f0000000680)="f90232000073f4dc9930b10202403b", 0x0, 0xfffffffa}, 0x50)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x18, 0x1, &(0x7f0000000300)=@raw=[@jmp={0x5, 0x0, 0xd, 0x4, 0xa, 0x100}], &(0x7f0000000480)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000ac0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0x10000a, 0x1, 0x7}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x40000}, 0x90)
r2 = getpid()
syz_open_procfs$namespace(0x0, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x5, 0x0, 0x40, 0x88, 0x0, 0xd, 0x7307191439396e53, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x19d41, 0xc9, 0xfff, 0x5, 0x3, 0x1, 0x0, 0x0, 0x8001, 0x0, 0x6d}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xa)
r3 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x1007}, 0x6, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000003c0)='memory.numa_stat\x00')
openat$cgroup_devices(r4, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000006c0)={r2, 0xffffffffffffffff, 0x0, 0xac, &(0x7f0000000b80)='\x00\xba\xb4E$R\x1e\a\x92\xe4=\xe6\x8e\xa8\x94\f\xdaR\xe8^\xa3\x1f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9b\x9a\xb4\xdcf(\xcb\xed\x15\xfc\x9a\xff\x87\xc1m\xdd\xd3\xbf\xe6\xdd3=\x88\x91J\x85\xe7\xad\xadp\x9cf\x8c\n\xef:>H}\x85?\xe0\x94LB\xd5\xe9S\xba\x9cH\xd9\tV\x19TE\xb3]b\xd2\x19\xf2H;\x93\x9a\x937\xea3:\x86b,\x9e\xf6D\x16D\xff\xfe\n]9c{>\x89\xc0,\x9dq\xd2j\x01\x16\x8a\xc5\x81\xb1\xd9^\x15\xfc\xba\xcb\xc5/\xe4Z{\xa38\x18\x82\xc6Z=\"\xec\xcf\x13k\xb6\x8b\xb0}\xc0\x88\xba\xf0\x88\xf5\xdbk\xdb'}, 0x30)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000080))
socketpair(0x0, 0x80000, 0x471, &(0x7f00000001c0))
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000780), 0x8)
bpf$ITER_CREATE(0x21, &(0x7f00000007c0)={r1}, 0x8)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89a1, &(0x7f0000000080))
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socketpair(0x21, 0x80000, 0x2, &(0x7f0000000140))
r9 = syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r9, &(0x7f0000000b40)='ns/net\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x0, 0x800, 0x1, 0x7, 0x40, r8, 0x7, '\x00', 0x0, r5, 0x3}, 0x48)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001840)={r9, 0xffffffffffffffff, 0x0, 0x1b, &(0x7f0000000840)='blkio.bfq.io_service_bytes\x00'}, 0x30)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000380), 0x9)

01:16:04 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, &(0x7f0000000e40)=[0xffffffffffffffff], &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:04 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:04 executing program 4:
syz_clone(0x75848400, 0x0, 0xfffffffb, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1129.131342][T27554] FAULT_INJECTION: forcing a failure.
[ 1129.131342][T27554] name failslab, interval 1, probability 0, space 0, times 0
[ 1129.169280][T27554] CPU: 1 PID: 27554 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1129.180835][T27554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1129.190728][T27554] Call Trace:
[ 1129.193847][T27554]  <TASK>
[ 1129.196624][T27554]  dump_stack_lvl+0x151/0x1b7
[ 1129.201137][T27554]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1129.206609][T27554]  dump_stack+0x15/0x17
[ 1129.210597][T27554]  should_fail+0x3c6/0x510
[ 1129.214852][T27554]  __should_failslab+0xa4/0xe0
[ 1129.219452][T27554]  ? anon_vma_clone+0x9a/0x500
[ 1129.224051][T27554]  should_failslab+0x9/0x20
[ 1129.228393][T27554]  slab_pre_alloc_hook+0x37/0xd0
[ 1129.233166][T27554]  ? anon_vma_clone+0x9a/0x500
[ 1129.237763][T27554]  kmem_cache_alloc+0x44/0x200
[ 1129.242363][T27554]  anon_vma_clone+0x9a/0x500
[ 1129.246795][T27554]  anon_vma_fork+0x91/0x4e0
[ 1129.251133][T27554]  ? anon_vma_name+0x4c/0x70
[ 1129.255557][T27554]  ? vm_area_dup+0x17a/0x230
[ 1129.259985][T27554]  copy_mm+0xa3a/0x13e0
[ 1129.263975][T27554]  ? copy_signal+0x610/0x610
[ 1129.268399][T27554]  ? __init_rwsem+0xd6/0x1c0
[ 1129.272831][T27554]  ? copy_signal+0x4e3/0x610
[ 1129.277253][T27554]  copy_process+0x12bc/0x3260
[ 1129.281768][T27554]  ? proc_fail_nth_write+0x20b/0x290
[ 1129.286887][T27554]  ? fsnotify_perm+0x6a/0x5d0
[ 1129.291406][T27554]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1129.296345][T27554]  ? vfs_write+0x9ec/0x1110
[ 1129.300688][T27554]  kernel_clone+0x21e/0x9e0
[ 1129.305028][T27554]  ? file_end_write+0x1c0/0x1c0
[ 1129.309714][T27554]  ? create_io_thread+0x1e0/0x1e0
[ 1129.314574][T27554]  ? mutex_unlock+0xb2/0x260
[ 1129.319000][T27554]  ? __mutex_lock_slowpath+0x10/0x10
[ 1129.324122][T27554]  __x64_sys_clone+0x23f/0x290
[ 1129.328723][T27554]  ? __do_sys_vfork+0x130/0x130
[ 1129.333405][T27554]  ? ksys_write+0x260/0x2c0
[ 1129.337752][T27554]  ? debug_smp_processor_id+0x17/0x20
[ 1129.342955][T27554]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1129.348855][T27554]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1129.354323][T27554]  do_syscall_64+0x3d/0xb0
[ 1129.358580][T27554]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1129.364306][T27554] RIP: 0033:0x7f7962f04ae9
[ 1129.368558][T27554] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1129.387998][T27554] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1129.396243][T27554] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1129.404056][T27554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1129.411865][T27554] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1129.419679][T27554] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:04 executing program 0:
syz_clone(0x75848409, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1129.427489][T27554] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1129.435304][T27554]  </TASK>
01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:04 executing program 0:
syz_clone(0x7584840f, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:04 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:05 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2}, 0x0, 0x0, 0x4, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x7}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0xa}, 0x10}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x126, 0x0, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000002b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x0, 0x6000000000000000, 0x3d, 0xf, &(0x7f0000000640)="b5dda728fd0909750154afde311091df44f0eeb67dc437491dd91e849a925d7ae54bea8512f4981d75f77b51a4dcafdadf03d4df4cc0363ea1339108c5", &(0x7f0000000680)="f90232000073f4dc9930b10202403b", 0x0, 0xfffffffa}, 0x50)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x18, 0x1, &(0x7f0000000300)=@raw=[@jmp={0x5, 0x0, 0xd, 0x4, 0xa, 0x100}], &(0x7f0000000480)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000ac0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0x10000a, 0x1, 0x7}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x40000}, 0x90)
r2 = getpid() (async)
syz_open_procfs$namespace(0x0, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x5, 0x0, 0x40, 0x88, 0x0, 0xd, 0x7307191439396e53, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x19d41, 0xc9, 0xfff, 0x5, 0x3, 0x1, 0x0, 0x0, 0x8001, 0x0, 0x6d}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xa) (async, rerun: 64)
r3 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x1007}, 0x6, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000003c0)='memory.numa_stat\x00') (async)
openat$cgroup_devices(r4, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000006c0)={r2, 0xffffffffffffffff, 0x0, 0xac, &(0x7f0000000b80)='\x00\xba\xb4E$R\x1e\a\x92\xe4=\xe6\x8e\xa8\x94\f\xdaR\xe8^\xa3\x1f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9b\x9a\xb4\xdcf(\xcb\xed\x15\xfc\x9a\xff\x87\xc1m\xdd\xd3\xbf\xe6\xdd3=\x88\x91J\x85\xe7\xad\xadp\x9cf\x8c\n\xef:>H}\x85?\xe0\x94LB\xd5\xe9S\xba\x9cH\xd9\tV\x19TE\xb3]b\xd2\x19\xf2H;\x93\x9a\x937\xea3:\x86b,\x9e\xf6D\x16D\xff\xfe\n]9c{>\x89\xc0,\x9dq\xd2j\x01\x16\x8a\xc5\x81\xb1\xd9^\x15\xfc\xba\xcb\xc5/\xe4Z{\xa38\x18\x82\xc6Z=\"\xec\xcf\x13k\xb6\x8b\xb0}\xc0\x88\xba\xf0\x88\xf5\xdbk\xdb'}, 0x30) (async)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100}) (async)
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000080)) (async)
socketpair(0x0, 0x80000, 0x471, &(0x7f00000001c0))
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000780), 0x8)
bpf$ITER_CREATE(0x21, &(0x7f00000007c0)={r1}, 0x8) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89a1, &(0x7f0000000080))
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
socketpair(0x21, 0x80000, 0x2, &(0x7f0000000140)) (async)
r9 = syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r9, &(0x7f0000000b40)='ns/net\x00') (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x0, 0x800, 0x1, 0x7, 0x40, r8, 0x7, '\x00', 0x0, r5, 0x3}, 0x48) (async, rerun: 64)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001840)={r9, 0xffffffffffffffff, 0x0, 0x1b, &(0x7f0000000840)='blkio.bfq.io_service_bytes\x00'}, 0x30) (async)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000380), 0x9)

01:16:05 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:05 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:05 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{0x0, 0x4, 0x7, 0x8}], 0x10, 0x5}, 0x90)

[ 1129.963600][T27597] FAULT_INJECTION: forcing a failure.
[ 1129.963600][T27597] name fail_page_alloc, interval 1, probability 0, space 0, times 0
01:16:05 executing program 4:
syz_clone(0x75848400, 0x0, 0xfffffffe, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:05 executing program 0:
syz_clone(0x75848441, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:05 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1130.047293][T27597] CPU: 1 PID: 27597 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1130.058847][T27597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1130.068742][T27597] Call Trace:
[ 1130.071870][T27597]  <TASK>
[ 1130.074641][T27597]  dump_stack_lvl+0x151/0x1b7
[ 1130.079154][T27597]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1130.084625][T27597]  dump_stack+0x15/0x17
[ 1130.088615][T27597]  should_fail+0x3c6/0x510
[ 1130.092868][T27597]  should_fail_alloc_page+0x5a/0x80
[ 1130.097902][T27597]  prepare_alloc_pages+0x15c/0x700
[ 1130.102848][T27597]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1130.107886][T27597]  __alloc_pages+0x138/0x5e0
[ 1130.112310][T27597]  ? prep_new_page+0x110/0x110
[ 1130.116909][T27597]  ? __alloc_pages+0x206/0x5e0
[ 1130.121503][T27597]  ? prep_new_page+0x110/0x110
[ 1130.126104][T27597]  ? __kasan_check_write+0x14/0x20
[ 1130.131049][T27597]  ? _raw_spin_lock+0xa4/0x1b0
[ 1130.135650][T27597]  pte_alloc_one+0x73/0x1b0
[ 1130.139990][T27597]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1130.145024][T27597]  ? __pmd_alloc+0x48d/0x550
[ 1130.149450][T27597]  __pte_alloc+0x86/0x350
[ 1130.153615][T27597]  ? __pud_alloc+0x260/0x260
[ 1130.158043][T27597]  ? __pud_alloc+0x213/0x260
[ 1130.162469][T27597]  ? free_pgtables+0x280/0x280
[ 1130.167070][T27597]  ? do_handle_mm_fault+0x2330/0x2330
[ 1130.172278][T27597]  ? __stack_depot_save+0x34/0x470
[ 1130.177223][T27597]  ? anon_vma_clone+0x9a/0x500
[ 1130.181827][T27597]  copy_page_range+0x28a8/0x2f90
[ 1130.186598][T27597]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1130.191457][T27597]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1130.196586][T27597]  ? kernel_clone+0x21e/0x9e0
[ 1130.201091][T27597]  ? do_syscall_64+0x3d/0xb0
[ 1130.205520][T27597]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1130.211429][T27597]  ? pfn_valid+0x1e0/0x1e0
[ 1130.215673][T27597]  ? rwsem_write_trylock+0x15b/0x290
[ 1130.220793][T27597]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1130.227041][T27597]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1130.232597][T27597]  ? __rb_insert_augmented+0x5de/0x610
[ 1130.237895][T27597]  copy_mm+0xc7e/0x13e0
[ 1130.241898][T27597]  ? copy_signal+0x610/0x610
[ 1130.246308][T27597]  ? __init_rwsem+0xd6/0x1c0
[ 1130.250740][T27597]  ? copy_signal+0x4e3/0x610
[ 1130.255162][T27597]  copy_process+0x12bc/0x3260
[ 1130.259678][T27597]  ? proc_fail_nth_write+0x20b/0x290
[ 1130.264795][T27597]  ? fsnotify_perm+0x6a/0x5d0
[ 1130.269311][T27597]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1130.274255][T27597]  ? vfs_write+0x9ec/0x1110
[ 1130.278609][T27597]  kernel_clone+0x21e/0x9e0
[ 1130.282936][T27597]  ? file_end_write+0x1c0/0x1c0
[ 1130.287623][T27597]  ? create_io_thread+0x1e0/0x1e0
[ 1130.292484][T27597]  ? mutex_unlock+0xb2/0x260
[ 1130.296910][T27597]  ? __mutex_lock_slowpath+0x10/0x10
[ 1130.302032][T27597]  __x64_sys_clone+0x23f/0x290
[ 1130.306631][T27597]  ? __do_sys_vfork+0x130/0x130
[ 1130.311318][T27597]  ? ksys_write+0x260/0x2c0
[ 1130.315658][T27597]  ? debug_smp_processor_id+0x17/0x20
[ 1130.320884][T27597]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1130.326766][T27597]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1130.332235][T27597]  do_syscall_64+0x3d/0xb0
[ 1130.336486][T27597]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1130.342214][T27597] RIP: 0033:0x7f7962f04ae9
[ 1130.346469][T27597] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1130.365908][T27597] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1130.374153][T27597] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1130.381964][T27597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1130.389776][T27597] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
01:16:05 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1130.397586][T27597] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1130.405399][T27597] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1130.413212][T27597]  </TASK>
01:16:05 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:05 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x90)

01:16:05 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2}, 0x0, 0x0, 0x4, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x7}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0xa}, 0x10}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x20e, 0x126, 0x0, &(0x7f00000004c0)="b9180bb76003070c009e40f086dd1fff310000002b0020010010ac14142ee0080001c699da153f0ae0e6e380f60115f683317585d7472be0ab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b333c20c9ec0c222d644bdcb178c1cc53d6960fbb842d6a33dfcde3a1e1848135214baf139753866cadcbe3ce52505e992818cc452bee339d9ab076f484020eaa348a21d7911e4c44905256ec2cc54cca47a198b00c10aff62a4bed43a2ebcad92743fb22c593f28fd4bb7c703cde9cae0569d4c8d9a823f2c12863f7a6c0cf88ed22aae4f6f084508833b61429a25773eedf63dd9f33d430f2a0a30a7761db16fe0f743b95ded898c28aac1256ce2751b3d738899b8b19d9052b7f13ff94", 0x0, 0x0, 0x6000000000000000, 0x3d, 0xf, &(0x7f0000000640)="b5dda728fd0909750154afde311091df44f0eeb67dc437491dd91e849a925d7ae54bea8512f4981d75f77b51a4dcafdadf03d4df4cc0363ea1339108c5", &(0x7f0000000680)="f90232000073f4dc9930b10202403b", 0x0, 0xfffffffa}, 0x50)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c80)={0x18, 0x1, &(0x7f0000000300)=@raw=[@jmp={0x5, 0x0, 0xd, 0x4, 0xa, 0x100}], &(0x7f0000000480)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000ac0)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000b00)={0x2, 0x10000a, 0x1, 0x7}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x40000}, 0x90) (async)
r2 = getpid() (async)
syz_open_procfs$namespace(0x0, 0x0) (async)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x5, 0x0, 0x40, 0x88, 0x0, 0xd, 0x7307191439396e53, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x19d41, 0xc9, 0xfff, 0x5, 0x3, 0x1, 0x0, 0x0, 0x8001, 0x0, 0x6d}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xa) (async)
r3 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x1007}, 0x6, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz0\x00', 0x200002, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000003c0)='memory.numa_stat\x00') (async)
openat$cgroup_devices(r4, &(0x7f0000000040)='devices.deny\x00', 0x2, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000006c0)={r2, 0xffffffffffffffff, 0x0, 0xac, &(0x7f0000000b80)='\x00\xba\xb4E$R\x1e\a\x92\xe4=\xe6\x8e\xa8\x94\f\xdaR\xe8^\xa3\x1f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9b\x9a\xb4\xdcf(\xcb\xed\x15\xfc\x9a\xff\x87\xc1m\xdd\xd3\xbf\xe6\xdd3=\x88\x91J\x85\xe7\xad\xadp\x9cf\x8c\n\xef:>H}\x85?\xe0\x94LB\xd5\xe9S\xba\x9cH\xd9\tV\x19TE\xb3]b\xd2\x19\xf2H;\x93\x9a\x937\xea3:\x86b,\x9e\xf6D\x16D\xff\xfe\n]9c{>\x89\xc0,\x9dq\xd2j\x01\x16\x8a\xc5\x81\xb1\xd9^\x15\xfc\xba\xcb\xc5/\xe4Z{\xa38\x18\x82\xc6Z=\"\xec\xcf\x13k\xb6\x8b\xb0}\xc0\x88\xba\xf0\x88\xf5\xdbk\xdb'}, 0x30) (async)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x100})
socketpair(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff}) (async)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000080)) (async)
socketpair(0x0, 0x80000, 0x471, &(0x7f00000001c0)) (async, rerun: 32)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000780), 0x8) (rerun: 32)
bpf$ITER_CREATE(0x21, &(0x7f00000007c0)={r1}, 0x8) (async, rerun: 64)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x89a1, &(0x7f0000000080)) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socketpair(0x21, 0x80000, 0x2, &(0x7f0000000140)) (async)
r9 = syz_clone(0x738c0480, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(r9, &(0x7f0000000b40)='ns/net\x00') (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f0000000940)=@base={0x0, 0x800, 0x1, 0x7, 0x40, r8, 0x7, '\x00', 0x0, r5, 0x3}, 0x48) (async, rerun: 32)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001840)={r9, 0xffffffffffffffff, 0x0, 0x1b, &(0x7f0000000840)='blkio.bfq.io_service_bytes\x00'}, 0x30) (async, rerun: 32)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000380), 0x9) (rerun: 32)

01:16:05 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1130.507485][T27614] FAULT_INJECTION: forcing a failure.
[ 1130.507485][T27614] name failslab, interval 1, probability 0, space 0, times 0
01:16:05 executing program 4:
syz_clone(0x75848400, 0x0, 0x1b0d21f000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1130.553539][T27614] CPU: 0 PID: 27614 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1130.565098][T27614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1130.574985][T27614] Call Trace:
[ 1130.578109][T27614]  <TASK>
[ 1130.580889][T27614]  dump_stack_lvl+0x151/0x1b7
[ 1130.585401][T27614]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1130.590872][T27614]  dump_stack+0x15/0x17
[ 1130.594862][T27614]  should_fail+0x3c6/0x510
[ 1130.599115][T27614]  __should_failslab+0xa4/0xe0
[ 1130.603715][T27614]  ? anon_vma_fork+0xf7/0x4e0
[ 1130.608230][T27614]  should_failslab+0x9/0x20
[ 1130.612565][T27614]  slab_pre_alloc_hook+0x37/0xd0
[ 1130.617339][T27614]  ? anon_vma_fork+0xf7/0x4e0
[ 1130.621850][T27614]  kmem_cache_alloc+0x44/0x200
[ 1130.626453][T27614]  anon_vma_fork+0xf7/0x4e0
[ 1130.630791][T27614]  ? anon_vma_name+0x4c/0x70
[ 1130.635216][T27614]  ? vm_area_dup+0x17a/0x230
[ 1130.639644][T27614]  copy_mm+0xa3a/0x13e0
[ 1130.643640][T27614]  ? copy_signal+0x610/0x610
[ 1130.648063][T27614]  ? __init_rwsem+0xd6/0x1c0
[ 1130.652494][T27614]  ? copy_signal+0x4e3/0x610
[ 1130.656915][T27614]  copy_process+0x12bc/0x3260
[ 1130.661429][T27614]  ? proc_fail_nth_write+0x20b/0x290
[ 1130.666548][T27614]  ? fsnotify_perm+0x6a/0x5d0
[ 1130.671062][T27614]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1130.676009][T27614]  ? vfs_write+0x9ec/0x1110
[ 1130.680349][T27614]  kernel_clone+0x21e/0x9e0
[ 1130.684689][T27614]  ? file_end_write+0x1c0/0x1c0
[ 1130.689375][T27614]  ? create_io_thread+0x1e0/0x1e0
[ 1130.694235][T27614]  ? mutex_unlock+0xb2/0x260
[ 1130.698662][T27614]  ? __mutex_lock_slowpath+0x10/0x10
[ 1130.703782][T27614]  __x64_sys_clone+0x23f/0x290
[ 1130.708382][T27614]  ? __do_sys_vfork+0x130/0x130
[ 1130.713071][T27614]  ? ksys_write+0x260/0x2c0
[ 1130.717409][T27614]  ? debug_smp_processor_id+0x17/0x20
[ 1130.722615][T27614]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1130.728519][T27614]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1130.733987][T27614]  do_syscall_64+0x3d/0xb0
[ 1130.738242][T27614]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1130.743969][T27614] RIP: 0033:0x7f7962f04ae9
01:16:05 executing program 4:
syz_clone(0x75848400, 0x0, 0x2a77e72c9000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1130.748217][T27614] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1130.767662][T27614] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1130.775906][T27614] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1130.783717][T27614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1130.791530][T27614] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
01:16:06 executing program 0:
syz_clone(0x75848400, 0x0, 0x2, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:06 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x188}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x80, 0x5, 0x0, 0xff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x0, 0x6}, 0x8263, 0xb6e, 0x0, 0x8, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0xff}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, r1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0)
r7 = getpid()
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0xfc, 0x9, 0x6, 0x7, 0x0, 0x10001, 0x10e0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f00000000c0), 0xa}, 0x10, 0xb0, 0x4, 0x5, 0x20, 0xd279, 0x6cc, 0x0, 0x7, 0x0, 0x200}, r7, 0x1, r0, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000640))
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg(r8, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
socketpair$tipc(0x1e, 0x20b8ce7cf0d3447c, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$tipc(r10, &(0x7f00000007c0)={&(0x7f00000006c0)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x1}}, 0x10, &(0x7f0000000780), 0x0, 0x0, 0x0, 0x40000040}, 0xc0)
r11 = getpid()
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90001, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x83, 0x3}, r11, 0x0, 0xffffffffffffffff, 0x0)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='page_pool_state_hold\x00', r12}, 0x10)
sendmsg$tipc(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0xffffffffffffffff, 0x7, 0x8}, 0xc)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='+devices -perf_event\b+rlimit '], 0x1d)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r13 = perf_event_open$cgroup(&(0x7f00000005c0)={0x4, 0x80, 0x40, 0x1, 0x81, 0x6, 0x0, 0x9, 0x1, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f00000003c0), 0x1}, 0x1080, 0x1c00000, 0x9, 0x1, 0x3, 0xffffb0ea, 0x5, 0x0, 0xc534, 0x0, 0x80}, r2, 0xd, r3, 0x1)
perf_event_open(&(0x7f0000000540)={0x0, 0x80, 0x9, 0x8, 0x1, 0x3f, 0x0, 0x100000000, 0x8000, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x730a2181, 0x0, @perf_config_ext={0x3ff, 0x5838000000000000}, 0x5000, 0x2, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, r13, 0x1)

01:16:06 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x90)

[ 1130.799343][T27614] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1130.807154][T27614] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1130.814968][T27614]  </TASK>
01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:06 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:06 executing program 0:
syz_clone(0x75848400, 0x0, 0x3, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:06 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x90)

[ 1131.148229][T27659] FAULT_INJECTION: forcing a failure.
[ 1131.148229][T27659] name failslab, interval 1, probability 0, space 0, times 0
[ 1131.182112][T27659] CPU: 0 PID: 27659 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1131.193657][T27659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1131.203547][T27659] Call Trace:
[ 1131.206671][T27659]  <TASK>
[ 1131.209449][T27659]  dump_stack_lvl+0x151/0x1b7
[ 1131.213964][T27659]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1131.219430][T27659]  dump_stack+0x15/0x17
[ 1131.223425][T27659]  should_fail+0x3c6/0x510
[ 1131.227675][T27659]  __should_failslab+0xa4/0xe0
[ 1131.232275][T27659]  ? anon_vma_fork+0xf7/0x4e0
[ 1131.236789][T27659]  should_failslab+0x9/0x20
[ 1131.241129][T27659]  slab_pre_alloc_hook+0x37/0xd0
[ 1131.245901][T27659]  ? anon_vma_fork+0xf7/0x4e0
[ 1131.250415][T27659]  kmem_cache_alloc+0x44/0x200
[ 1131.255014][T27659]  anon_vma_fork+0xf7/0x4e0
[ 1131.259357][T27659]  ? anon_vma_name+0x4c/0x70
[ 1131.263779][T27659]  ? vm_area_dup+0x17a/0x230
[ 1131.268205][T27659]  copy_mm+0xa3a/0x13e0
[ 1131.272200][T27659]  ? copy_signal+0x610/0x610
[ 1131.276627][T27659]  ? __init_rwsem+0xd6/0x1c0
[ 1131.281051][T27659]  ? copy_signal+0x4e3/0x610
[ 1131.285480][T27659]  copy_process+0x12bc/0x3260
[ 1131.289999][T27659]  ? proc_fail_nth_write+0x20b/0x290
[ 1131.295111][T27659]  ? fsnotify_perm+0x6a/0x5d0
[ 1131.299626][T27659]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1131.304573][T27659]  ? vfs_write+0x9ec/0x1110
[ 1131.308914][T27659]  kernel_clone+0x21e/0x9e0
[ 1131.313250][T27659]  ? file_end_write+0x1c0/0x1c0
[ 1131.317937][T27659]  ? create_io_thread+0x1e0/0x1e0
[ 1131.322797][T27659]  ? mutex_unlock+0xb2/0x260
[ 1131.327224][T27659]  ? __mutex_lock_slowpath+0x10/0x10
[ 1131.332348][T27659]  __x64_sys_clone+0x23f/0x290
[ 1131.336945][T27659]  ? __do_sys_vfork+0x130/0x130
[ 1131.341630][T27659]  ? ksys_write+0x260/0x2c0
[ 1131.345972][T27659]  ? debug_smp_processor_id+0x17/0x20
[ 1131.351179][T27659]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1131.357085][T27659]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1131.362548][T27659]  do_syscall_64+0x3d/0xb0
[ 1131.366801][T27659]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1131.372530][T27659] RIP: 0033:0x7f7962f04ae9
[ 1131.376783][T27659] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1131.396223][T27659] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1131.404467][T27659] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1131.412279][T27659] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1131.420093][T27659] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1131.427901][T27659] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1131.435714][T27659] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1131.443527][T27659]  </TASK>
01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:06 executing program 4:
syz_clone(0x75848400, 0x0, 0x553a26ddd000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:06 executing program 0:
syz_clone(0x75848400, 0x0, 0x4, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x90)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

01:16:06 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x188}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x80, 0x5, 0x0, 0xff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x0, 0x6}, 0x8263, 0xb6e, 0x0, 0x8, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0xff}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x0) (async)
r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, r1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0) (async)
r7 = getpid()
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0xfc, 0x9, 0x6, 0x7, 0x0, 0x10001, 0x10e0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f00000000c0), 0xa}, 0x10, 0xb0, 0x4, 0x5, 0x20, 0xd279, 0x6cc, 0x0, 0x7, 0x0, 0x200}, r7, 0x1, r0, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000640))
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg(r8, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
socketpair$tipc(0x1e, 0x20b8ce7cf0d3447c, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$tipc(r10, &(0x7f00000007c0)={&(0x7f00000006c0)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x1}}, 0x10, &(0x7f0000000780), 0x0, 0x0, 0x0, 0x40000040}, 0xc0)
r11 = getpid()
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90001, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x83, 0x3}, r11, 0x0, 0xffffffffffffffff, 0x0) (async)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='page_pool_state_hold\x00', r12}, 0x10) (async)
sendmsg$tipc(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0xffffffffffffffff, 0x7, 0x8}, 0xc)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='+devices -perf_event\b+rlimit '], 0x1d)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async)
r13 = perf_event_open$cgroup(&(0x7f00000005c0)={0x4, 0x80, 0x40, 0x1, 0x81, 0x6, 0x0, 0x9, 0x1, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f00000003c0), 0x1}, 0x1080, 0x1c00000, 0x9, 0x1, 0x3, 0xffffb0ea, 0x5, 0x0, 0xc534, 0x0, 0x80}, r2, 0xd, r3, 0x1)
perf_event_open(&(0x7f0000000540)={0x0, 0x80, 0x9, 0x8, 0x1, 0x3f, 0x0, 0x100000000, 0x8000, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x730a2181, 0x0, @perf_config_ext={0x3ff, 0x5838000000000000}, 0x5000, 0x2, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, r13, 0x1)

01:16:06 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x90)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

01:16:06 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x5}, 0x90)

01:16:07 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:07 executing program 0:
syz_clone(0x75848400, 0x0, 0x7, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:07 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x90)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

01:16:07 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x5}, 0x90)

01:16:07 executing program 4:
syz_clone(0x75848400, 0x0, 0x2020000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:07 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:07 executing program 0:
syz_clone(0x75848400, 0x0, 0x8, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

[ 1132.020997][T27705] FAULT_INJECTION: forcing a failure.
[ 1132.020997][T27705] name failslab, interval 1, probability 0, space 0, times 0
[ 1132.083891][T27705] CPU: 0 PID: 27705 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1132.095447][T27705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1132.105341][T27705] Call Trace:
[ 1132.108466][T27705]  <TASK>
[ 1132.111240][T27705]  dump_stack_lvl+0x151/0x1b7
[ 1132.115757][T27705]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1132.121223][T27705]  dump_stack+0x15/0x17
[ 1132.125214][T27705]  should_fail+0x3c6/0x510
[ 1132.129469][T27705]  __should_failslab+0xa4/0xe0
[ 1132.134064][T27705]  ? vm_area_dup+0x26/0x230
[ 1132.138402][T27705]  should_failslab+0x9/0x20
[ 1132.142744][T27705]  slab_pre_alloc_hook+0x37/0xd0
[ 1132.147518][T27705]  ? vm_area_dup+0x26/0x230
[ 1132.151879][T27705]  kmem_cache_alloc+0x44/0x200
[ 1132.156460][T27705]  vm_area_dup+0x26/0x230
[ 1132.160627][T27705]  copy_mm+0x9a1/0x13e0
[ 1132.164618][T27705]  ? copy_signal+0x610/0x610
[ 1132.169042][T27705]  ? __init_rwsem+0xd6/0x1c0
[ 1132.173470][T27705]  ? copy_signal+0x4e3/0x610
[ 1132.177896][T27705]  copy_process+0x12bc/0x3260
[ 1132.182413][T27705]  ? proc_fail_nth_write+0x20b/0x290
[ 1132.187533][T27705]  ? fsnotify_perm+0x6a/0x5d0
[ 1132.192045][T27705]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1132.196991][T27705]  ? vfs_write+0x9ec/0x1110
[ 1132.201329][T27705]  kernel_clone+0x21e/0x9e0
[ 1132.205668][T27705]  ? file_end_write+0x1c0/0x1c0
[ 1132.210357][T27705]  ? create_io_thread+0x1e0/0x1e0
[ 1132.215216][T27705]  ? mutex_unlock+0xb2/0x260
[ 1132.219641][T27705]  ? __mutex_lock_slowpath+0x10/0x10
[ 1132.224766][T27705]  __x64_sys_clone+0x23f/0x290
[ 1132.229364][T27705]  ? __do_sys_vfork+0x130/0x130
[ 1132.234050][T27705]  ? ksys_write+0x260/0x2c0
[ 1132.238390][T27705]  ? debug_smp_processor_id+0x17/0x20
[ 1132.243598][T27705]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1132.249499][T27705]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1132.254970][T27705]  do_syscall_64+0x3d/0xb0
[ 1132.259223][T27705]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1132.264950][T27705] RIP: 0033:0x7f7962f04ae9
01:16:07 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000e80), 0x10, 0x5}, 0x90)

[ 1132.269201][T27705] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1132.288644][T27705] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1132.296885][T27705] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1132.304693][T27705] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1132.312504][T27705] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1132.320314][T27705] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:07 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1132.328126][T27705] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1132.335948][T27705]  </TASK>
01:16:07 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x188}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open$cgroup(&(0x7f0000000280)={0x0, 0x80, 0x5, 0x0, 0xff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x0, 0x6}, 0x8263, 0xb6e, 0x0, 0x8, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0xff}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x80000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, r1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) (async, rerun: 32)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0) (async)
r7 = getpid()
perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0xfc, 0x9, 0x6, 0x7, 0x0, 0x10001, 0x10e0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f00000000c0), 0xa}, 0x10, 0xb0, 0x4, 0x5, 0x20, 0xd279, 0x6cc, 0x0, 0x7, 0x0, 0x200}, r7, 0x1, r0, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000640))
recvmsg(r4, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg(r8, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
socketpair$tipc(0x1e, 0x20b8ce7cf0d3447c, 0x0, &(0x7f0000000680)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmsg$tipc(r10, &(0x7f00000007c0)={&(0x7f00000006c0)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x1}}, 0x10, &(0x7f0000000780), 0x0, 0x0, 0x0, 0x40000040}, 0xc0) (async)
r11 = getpid()
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x90001, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x83, 0x3}, r11, 0x0, 0xffffffffffffffff, 0x0) (async, rerun: 32)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='page_pool_state_hold\x00', r12}, 0x10) (async)
sendmsg$tipc(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0xffffffffffffffff, 0x7, 0x8}, 0xc) (async, rerun: 64)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='+devices -perf_event\b+rlimit '], 0x1d) (async, rerun: 64)
sendmsg$tipc(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r13 = perf_event_open$cgroup(&(0x7f00000005c0)={0x4, 0x80, 0x40, 0x1, 0x81, 0x6, 0x0, 0x9, 0x1, 0x4, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f00000003c0), 0x1}, 0x1080, 0x1c00000, 0x9, 0x1, 0x3, 0xffffb0ea, 0x5, 0x0, 0xc534, 0x0, 0x80}, r2, 0xd, r3, 0x1)
perf_event_open(&(0x7f0000000540)={0x0, 0x80, 0x9, 0x8, 0x1, 0x3f, 0x0, 0x100000000, 0x8000, 0x6, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x730a2181, 0x0, @perf_config_ext={0x3ff, 0x5838000000000000}, 0x5000, 0x2, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7fff}, 0x0, 0xffffffffffffffff, r13, 0x1)

01:16:07 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:07 executing program 0:
syz_clone(0x75848400, 0x0, 0x9, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:08 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:08 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{0x0, 0x0, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:08 executing program 4:
syz_clone(0x75848400, 0x0, 0x4000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:08 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:08 executing program 0:
syz_clone(0x75848400, 0x0, 0xf, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:08 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:08 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r1, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x90)
mkdirat$cgroup(r4, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

[ 1132.865279][T27746] FAULT_INJECTION: forcing a failure.
[ 1132.865279][T27746] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1132.899024][T27746] CPU: 0 PID: 27746 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1132.910584][T27746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1132.920477][T27746] Call Trace:
[ 1132.923598][T27746]  <TASK>
[ 1132.926374][T27746]  dump_stack_lvl+0x151/0x1b7
[ 1132.930887][T27746]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1132.936356][T27746]  dump_stack+0x15/0x17
[ 1132.940344][T27746]  should_fail+0x3c6/0x510
[ 1132.944600][T27746]  should_fail_alloc_page+0x5a/0x80
[ 1132.949633][T27746]  prepare_alloc_pages+0x15c/0x700
[ 1132.954578][T27746]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1132.959612][T27746]  __alloc_pages+0x138/0x5e0
[ 1132.964035][T27746]  ? stack_trace_save+0x1c0/0x1c0
[ 1132.968900][T27746]  ? prep_new_page+0x110/0x110
[ 1132.973501][T27746]  get_zeroed_page+0x19/0x40
[ 1132.977925][T27746]  __pud_alloc+0x8b/0x260
[ 1132.982088][T27746]  ? stack_trace_snprint+0xf0/0xf0
[ 1132.987037][T27746]  ? do_handle_mm_fault+0x2330/0x2330
[ 1132.992247][T27746]  ? __stack_depot_save+0x34/0x470
[ 1132.997190][T27746]  ? anon_vma_clone+0x9a/0x500
[ 1133.001791][T27746]  copy_page_range+0x2bcf/0x2f90
[ 1133.006564][T27746]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1133.011424][T27746]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1133.016546][T27746]  ? copy_mm+0xa3a/0x13e0
[ 1133.020710][T27746]  ? copy_process+0x12bc/0x3260
[ 1133.025399][T27746]  ? kernel_clone+0x21e/0x9e0
[ 1133.029910][T27746]  ? __x64_sys_clone+0x23f/0x290
[ 1133.034685][T27746]  ? do_syscall_64+0x3d/0xb0
[ 1133.039112][T27746]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1133.045021][T27746]  ? pfn_valid+0x1e0/0x1e0
[ 1133.049265][T27746]  ? rwsem_write_trylock+0x15b/0x290
[ 1133.054387][T27746]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1133.060634][T27746]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1133.066192][T27746]  ? __rb_insert_augmented+0x5de/0x610
[ 1133.071499][T27746]  copy_mm+0xc7e/0x13e0
[ 1133.075486][T27746]  ? copy_signal+0x610/0x610
[ 1133.079905][T27746]  ? __init_rwsem+0xd6/0x1c0
[ 1133.084329][T27746]  ? copy_signal+0x4e3/0x610
[ 1133.088757][T27746]  copy_process+0x12bc/0x3260
[ 1133.093270][T27746]  ? proc_fail_nth_write+0x20b/0x290
[ 1133.098390][T27746]  ? fsnotify_perm+0x6a/0x5d0
[ 1133.102902][T27746]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1133.107852][T27746]  ? vfs_write+0x9ec/0x1110
[ 1133.112190][T27746]  kernel_clone+0x21e/0x9e0
[ 1133.116531][T27746]  ? file_end_write+0x1c0/0x1c0
[ 1133.121214][T27746]  ? create_io_thread+0x1e0/0x1e0
[ 1133.126075][T27746]  ? mutex_unlock+0xb2/0x260
[ 1133.130503][T27746]  ? __mutex_lock_slowpath+0x10/0x10
[ 1133.135625][T27746]  __x64_sys_clone+0x23f/0x290
[ 1133.140223][T27746]  ? __do_sys_vfork+0x130/0x130
[ 1133.144909][T27746]  ? ksys_write+0x260/0x2c0
[ 1133.149250][T27746]  ? debug_smp_processor_id+0x17/0x20
[ 1133.154457][T27746]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1133.160358][T27746]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1133.165827][T27746]  do_syscall_64+0x3d/0xb0
[ 1133.170085][T27746]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1133.175809][T27746] RIP: 0033:0x7f7962f04ae9
[ 1133.180061][T27746] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1133.199503][T27746] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1133.207839][T27746] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1133.215648][T27746] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1133.223456][T27746] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1133.231266][T27746] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1133.239087][T27746] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1133.246898][T27746]  </TASK>
01:16:08 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:08 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:08 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{0x0, 0x0, 0x7, 0x8}], 0x10, 0x5}, 0x90)

01:16:08 executing program 5:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:08 executing program 0:
syz_clone(0x75848400, 0x0, 0x41, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:08 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

[ 1133.339503][T27762] FAULT_INJECTION: forcing a failure.
[ 1133.339503][T27762] name fail_page_alloc, interval 1, probability 0, space 0, times 0
01:16:08 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={0x0}, 0xfffffffffffffccf)
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x19, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="00009500000000087700"/24], 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8}, 0x80)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3, 0x4, 0x8, 0x8, 0x0, 0xff, 0x800, 0xf2eebde39aa58a28, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x100, 0xe52b, 0x734, 0x7, 0x1000, 0x5, 0xfe01, 0x0, 0xfff, 0x0, 0x1}, 0xffffffffffffffff, 0x6, r0, 0x2)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)

[ 1133.431282][T27762] CPU: 1 PID: 27762 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1133.442831][T27762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1133.452720][T27762] Call Trace:
[ 1133.455845][T27762]  <TASK>
[ 1133.458623][T27762]  dump_stack_lvl+0x151/0x1b7
[ 1133.463135][T27762]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1133.468605][T27762]  dump_stack+0x15/0x17
[ 1133.472593][T27762]  should_fail+0x3c6/0x510
[ 1133.476849][T27762]  should_fail_alloc_page+0x5a/0x80
[ 1133.481880][T27762]  prepare_alloc_pages+0x15c/0x700
[ 1133.486829][T27762]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1133.491861][T27762]  __alloc_pages+0x138/0x5e0
[ 1133.496287][T27762]  ? prep_new_page+0x110/0x110
[ 1133.500885][T27762]  ? __alloc_pages+0x206/0x5e0
[ 1133.505488][T27762]  ? stack_trace_save+0x1c0/0x1c0
[ 1133.510351][T27762]  ? __kasan_check_write+0x14/0x20
[ 1133.515294][T27762]  ? _raw_spin_lock+0xa4/0x1b0
[ 1133.519895][T27762]  __pmd_alloc+0xb1/0x550
[ 1133.524061][T27762]  ? __pud_alloc+0x260/0x260
[ 1133.528487][T27762]  ? __pud_alloc+0x213/0x260
[ 1133.532915][T27762]  ? do_handle_mm_fault+0x2330/0x2330
[ 1133.538122][T27762]  ? __stack_depot_save+0x34/0x470
[ 1133.543067][T27762]  ? anon_vma_clone+0x9a/0x500
[ 1133.547669][T27762]  copy_page_range+0x2b3d/0x2f90
[ 1133.552441][T27762]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1133.557301][T27762]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1133.562422][T27762]  ? copy_mm+0xa3a/0x13e0
[ 1133.566587][T27762]  ? copy_process+0x12bc/0x3260
[ 1133.571274][T27762]  ? kernel_clone+0x21e/0x9e0
[ 1133.575787][T27762]  ? do_syscall_64+0x3d/0xb0
[ 1133.580214][T27762]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1133.586122][T27762]  ? pfn_valid+0x1e0/0x1e0
[ 1133.590369][T27762]  ? rwsem_write_trylock+0x15b/0x290
[ 1133.595489][T27762]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1133.601741][T27762]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1133.607294][T27762]  ? __rb_insert_augmented+0x5de/0x610
[ 1133.612593][T27762]  copy_mm+0xc7e/0x13e0
[ 1133.616583][T27762]  ? copy_signal+0x610/0x610
[ 1133.621006][T27762]  ? __init_rwsem+0xd6/0x1c0
[ 1133.625434][T27762]  ? copy_signal+0x4e3/0x610
[ 1133.629858][T27762]  copy_process+0x12bc/0x3260
[ 1133.634373][T27762]  ? proc_fail_nth_write+0x20b/0x290
[ 1133.639495][T27762]  ? fsnotify_perm+0x6a/0x5d0
[ 1133.644005][T27762]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1133.648959][T27762]  ? vfs_write+0x9ec/0x1110
[ 1133.653293][T27762]  kernel_clone+0x21e/0x9e0
[ 1133.657632][T27762]  ? file_end_write+0x1c0/0x1c0
[ 1133.662318][T27762]  ? create_io_thread+0x1e0/0x1e0
[ 1133.667179][T27762]  ? mutex_unlock+0xb2/0x260
[ 1133.671605][T27762]  ? __mutex_lock_slowpath+0x10/0x10
[ 1133.676728][T27762]  __x64_sys_clone+0x23f/0x290
[ 1133.681326][T27762]  ? __do_sys_vfork+0x130/0x130
[ 1133.686011][T27762]  ? ksys_write+0x260/0x2c0
[ 1133.690354][T27762]  ? debug_smp_processor_id+0x17/0x20
[ 1133.695562][T27762]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1133.701463][T27762]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1133.706930][T27762]  do_syscall_64+0x3d/0xb0
[ 1133.711182][T27762]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1133.716910][T27762] RIP: 0033:0x7f7962f04ae9
[ 1133.721165][T27762] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1133.740605][T27762] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1133.748852][T27762] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1133.756662][T27762] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1133.764472][T27762] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1133.772284][T27762] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1133.780095][T27762] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1133.787909][T27762]  </TASK>
01:16:09 executing program 4:
syz_clone(0x75848400, 0x0, 0x8000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:09 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={0x0}, 0xfffffffffffffccf)
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x19, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="00009500000000087700"/24], 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8}, 0x80)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3, 0x4, 0x8, 0x8, 0x0, 0xff, 0x800, 0xf2eebde39aa58a28, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x100, 0xe52b, 0x734, 0x7, 0x1000, 0x5, 0xfe01, 0x0, 0xfff, 0x0, 0x1}, 0xffffffffffffffff, 0x6, r0, 0x2)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={0x0}, 0xfffffffffffffccf) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x19, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="00009500000000087700"/24], 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8}, 0x80) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3, 0x4, 0x8, 0x8, 0x0, 0xff, 0x800, 0xf2eebde39aa58a28, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x100, 0xe52b, 0x734, 0x7, 0x1000, 0x5, 0xfe01, 0x0, 0xfff, 0x0, 0x1}, 0xffffffffffffffff, 0x6, r0, 0x2) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (async)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001) (async)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

01:16:09 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:09 executing program 0:
syz_clone(0x75848400, 0x0, 0x70, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:09 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{0x0, 0x0, 0x0, 0x8}], 0x10, 0x5}, 0x90)

01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r4, 0xffffffffffffffff, r5, r6]}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r7)

01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r6)

01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f00000001c0)='syz1\x00', 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:09 executing program 5:
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={0x0}, 0xfffffffffffffccf) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000001780)={0x19, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="00009500000000087700"/24], 0x0, 0x401, 0x0, 0x0, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x6, 0x3}, 0x8}, 0x80) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = perf_event_open$cgroup(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x3, 0x4, 0x8, 0x8, 0x0, 0xff, 0x800, 0xf2eebde39aa58a28, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x100, 0xe52b, 0x734, 0x7, 0x1000, 0x5, 0xfe01, 0x0, 0xfff, 0x0, 0x1}, 0xffffffffffffffff, 0x6, r0, 0x2) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x10) (async, rerun: 32)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) (rerun: 32)
write$cgroup_type(r1, &(0x7f0000000180), 0x40001)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)

01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40000020)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1134.199309][T27824] FAULT_INJECTION: forcing a failure.
[ 1134.199309][T27824] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1134.232246][T27824] CPU: 1 PID: 27824 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1134.243796][T27824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1134.253690][T27824] Call Trace:
[ 1134.256811][T27824]  <TASK>
[ 1134.259589][T27824]  dump_stack_lvl+0x151/0x1b7
[ 1134.264103][T27824]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1134.269587][T27824]  dump_stack+0x15/0x17
[ 1134.273562][T27824]  should_fail+0x3c6/0x510
[ 1134.277815][T27824]  should_fail_alloc_page+0x5a/0x80
[ 1134.282848][T27824]  prepare_alloc_pages+0x15c/0x700
[ 1134.287800][T27824]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1134.292830][T27824]  __alloc_pages+0x138/0x5e0
[ 1134.297256][T27824]  ? prep_new_page+0x110/0x110
[ 1134.301856][T27824]  ? __alloc_pages+0x206/0x5e0
[ 1134.306455][T27824]  ? prep_new_page+0x110/0x110
[ 1134.311055][T27824]  ? __kasan_check_write+0x14/0x20
[ 1134.316002][T27824]  ? _raw_spin_lock+0xa4/0x1b0
[ 1134.320603][T27824]  pte_alloc_one+0x73/0x1b0
[ 1134.324942][T27824]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1134.329977][T27824]  ? __pmd_alloc+0x48d/0x550
[ 1134.334402][T27824]  __pte_alloc+0x86/0x350
[ 1134.338568][T27824]  ? __pud_alloc+0x260/0x260
[ 1134.342999][T27824]  ? __pud_alloc+0x213/0x260
[ 1134.347429][T27824]  ? free_pgtables+0x280/0x280
[ 1134.352021][T27824]  ? do_handle_mm_fault+0x2330/0x2330
[ 1134.357230][T27824]  ? __stack_depot_save+0x34/0x470
[ 1134.362174][T27824]  ? anon_vma_clone+0x9a/0x500
[ 1134.366778][T27824]  copy_page_range+0x28a8/0x2f90
[ 1134.371548][T27824]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1134.376407][T27824]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1134.381531][T27824]  ? kernel_clone+0x21e/0x9e0
[ 1134.386043][T27824]  ? do_syscall_64+0x3d/0xb0
[ 1134.390467][T27824]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1134.396377][T27824]  ? pfn_valid+0x1e0/0x1e0
[ 1134.400626][T27824]  ? rwsem_write_trylock+0x15b/0x290
[ 1134.405745][T27824]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1134.411994][T27824]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1134.417551][T27824]  ? __rb_insert_augmented+0x5de/0x610
[ 1134.422847][T27824]  copy_mm+0xc7e/0x13e0
[ 1134.426838][T27824]  ? copy_signal+0x610/0x610
[ 1134.431260][T27824]  ? __init_rwsem+0xd6/0x1c0
[ 1134.435688][T27824]  ? copy_signal+0x4e3/0x610
[ 1134.440117][T27824]  copy_process+0x12bc/0x3260
[ 1134.444629][T27824]  ? proc_fail_nth_write+0x20b/0x290
[ 1134.449746][T27824]  ? fsnotify_perm+0x6a/0x5d0
[ 1134.454263][T27824]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1134.459206][T27824]  ? vfs_write+0x9ec/0x1110
[ 1134.463553][T27824]  kernel_clone+0x21e/0x9e0
[ 1134.467887][T27824]  ? file_end_write+0x1c0/0x1c0
[ 1134.472573][T27824]  ? create_io_thread+0x1e0/0x1e0
[ 1134.477434][T27824]  ? mutex_unlock+0xb2/0x260
[ 1134.481862][T27824]  ? __mutex_lock_slowpath+0x10/0x10
[ 1134.486983][T27824]  __x64_sys_clone+0x23f/0x290
[ 1134.491585][T27824]  ? __do_sys_vfork+0x130/0x130
[ 1134.496265][T27824]  ? ksys_write+0x260/0x2c0
[ 1134.500610][T27824]  ? debug_smp_processor_id+0x17/0x20
[ 1134.505814][T27824]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1134.511716][T27824]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1134.517185][T27824]  do_syscall_64+0x3d/0xb0
[ 1134.521439][T27824]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1134.527167][T27824] RIP: 0033:0x7f7962f04ae9
[ 1134.531424][T27824] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1134.550861][T27824] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1134.559103][T27824] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1134.566917][T27824] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1134.574726][T27824] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1134.582538][T27824] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1134.590348][T27824] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1134.598170][T27824]  </TASK>
01:16:09 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:09 executing program 4:
syz_clone(0x75848400, 0x0, 0x10100000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:09 executing program 0:
syz_clone(0x75848400, 0x0, 0x300, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:09 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:09 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}], 0x10, 0x5}, 0x90)

01:16:09 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x90}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x2000003, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@map=r0, r3, 0x0, 0x0, 0x0, @link_id}, 0x20)
r6 = getpid()
perf_event_open(0x0, r6, 0xa, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000300)={0x0, r1}, 0x10)
perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8e7, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff2}, 0x400, 0x80, 0xfffff001, 0x0, 0xffff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x3}, r6, 0x0, r7, 0x3)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
openat$cgroup_ro(r8, &(0x7f0000000280)='cpuacct.usage_user\x00', 0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], 0xda00)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_int(r9, &(0x7f0000000200), 0x43405)
close(0xffffffffffffffff)

[ 1134.715202][T27835] FAULT_INJECTION: forcing a failure.
[ 1134.715202][T27835] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.734444][T27835] CPU: 0 PID: 27835 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1134.745999][T27835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1134.755892][T27835] Call Trace:
[ 1134.759010][T27835]  <TASK>
[ 1134.761790][T27835]  dump_stack_lvl+0x151/0x1b7
[ 1134.766302][T27835]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1134.771770][T27835]  dump_stack+0x15/0x17
[ 1134.775762][T27835]  should_fail+0x3c6/0x510
[ 1134.780015][T27835]  __should_failslab+0xa4/0xe0
[ 1134.784613][T27835]  ? vm_area_dup+0x26/0x230
[ 1134.788951][T27835]  should_failslab+0x9/0x20
[ 1134.793294][T27835]  slab_pre_alloc_hook+0x37/0xd0
[ 1134.798067][T27835]  ? vm_area_dup+0x26/0x230
[ 1134.802406][T27835]  kmem_cache_alloc+0x44/0x200
[ 1134.807008][T27835]  vm_area_dup+0x26/0x230
[ 1134.811179][T27835]  copy_mm+0x9a1/0x13e0
[ 1134.815171][T27835]  ? copy_signal+0x610/0x610
[ 1134.819589][T27835]  ? __init_rwsem+0xd6/0x1c0
[ 1134.824017][T27835]  ? copy_signal+0x4e3/0x610
[ 1134.828444][T27835]  copy_process+0x12bc/0x3260
[ 1134.832960][T27835]  ? proc_fail_nth_write+0x20b/0x290
[ 1134.838076][T27835]  ? fsnotify_perm+0x6a/0x5d0
[ 1134.842597][T27835]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1134.847540][T27835]  ? vfs_write+0x9ec/0x1110
[ 1134.851879][T27835]  kernel_clone+0x21e/0x9e0
[ 1134.856216][T27835]  ? file_end_write+0x1c0/0x1c0
[ 1134.860904][T27835]  ? create_io_thread+0x1e0/0x1e0
[ 1134.865763][T27835]  ? mutex_unlock+0xb2/0x260
[ 1134.870191][T27835]  ? __mutex_lock_slowpath+0x10/0x10
[ 1134.875313][T27835]  __x64_sys_clone+0x23f/0x290
[ 1134.879912][T27835]  ? __do_sys_vfork+0x130/0x130
[ 1134.884597][T27835]  ? ksys_write+0x260/0x2c0
[ 1134.888940][T27835]  ? debug_smp_processor_id+0x17/0x20
[ 1134.894149][T27835]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1134.900044][T27835]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1134.905512][T27835]  do_syscall_64+0x3d/0xb0
[ 1134.909766][T27835]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1134.915494][T27835] RIP: 0033:0x7f7962f04ae9
[ 1134.919749][T27835] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1134.939197][T27835] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1134.947436][T27835] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1134.955243][T27835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1134.963057][T27835] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1134.970867][T27835] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1134.978679][T27835] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1134.986497][T27835]  </TASK>
01:16:10 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x5, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:10 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:10 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, 0x0) (async)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x90}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x2000003, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@map=r0, r3, 0x0, 0x0, 0x0, @link_id}, 0x20) (async)
r6 = getpid()
perf_event_open(0x0, r6, 0xa, 0xffffffffffffffff, 0x0) (async)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000300)={0x0, r1}, 0x10)
perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8e7, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff2}, 0x400, 0x80, 0xfffff001, 0x0, 0xffff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x3}, r6, 0x0, r7, 0x3) (async)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) (async)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
openat$cgroup_ro(r8, &(0x7f0000000280)='cpuacct.usage_user\x00', 0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) (async)
write$cgroup_subtree(r1, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], 0xda00)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_int(r9, &(0x7f0000000200), 0x43405)
close(0xffffffffffffffff)

01:16:10 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:10 executing program 0:
syz_clone(0x75848400, 0x0, 0x700, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:10 executing program 4:
syz_clone(0x75848400, 0x0, 0x902ce7772a0000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1135.431662][T27869] FAULT_INJECTION: forcing a failure.
[ 1135.431662][T27869] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1135.475336][T27869] CPU: 0 PID: 27869 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1135.486897][T27869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1135.496785][T27869] Call Trace:
[ 1135.499904][T27869]  <TASK>
[ 1135.502685][T27869]  dump_stack_lvl+0x151/0x1b7
[ 1135.507195][T27869]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1135.512663][T27869]  dump_stack+0x15/0x17
[ 1135.516656][T27869]  should_fail+0x3c6/0x510
[ 1135.520908][T27869]  should_fail_alloc_page+0x5a/0x80
[ 1135.525940][T27869]  prepare_alloc_pages+0x15c/0x700
[ 1135.530890][T27869]  ? __alloc_pages+0x5e0/0x5e0
[ 1135.535489][T27869]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1135.540525][T27869]  __alloc_pages+0x138/0x5e0
[ 1135.544948][T27869]  ? prep_new_page+0x110/0x110
[ 1135.549550][T27869]  ? 0xffffffffa0028094
[ 1135.553541][T27869]  ? is_bpf_text_address+0x172/0x190
[ 1135.558661][T27869]  pte_alloc_one+0x73/0x1b0
[ 1135.563001][T27869]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1135.568035][T27869]  ? arch_stack_walk+0xf3/0x140
[ 1135.572724][T27869]  __pte_alloc+0x86/0x350
[ 1135.576889][T27869]  ? free_pgtables+0x280/0x280
[ 1135.581488][T27869]  ? _raw_spin_lock+0xa4/0x1b0
[ 1135.586090][T27869]  ? __kasan_check_write+0x14/0x20
[ 1135.591038][T27869]  copy_page_range+0x28a8/0x2f90
[ 1135.595808][T27869]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1135.600674][T27869]  ? pfn_valid+0x1e0/0x1e0
[ 1135.604924][T27869]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1135.610477][T27869]  ? __rb_insert_augmented+0x5de/0x610
[ 1135.615779][T27869]  copy_mm+0xc7e/0x13e0
[ 1135.619768][T27869]  ? copy_signal+0x610/0x610
[ 1135.624190][T27869]  ? __init_rwsem+0xd6/0x1c0
[ 1135.628615][T27869]  ? copy_signal+0x4e3/0x610
[ 1135.633044][T27869]  copy_process+0x12bc/0x3260
[ 1135.637556][T27869]  ? proc_fail_nth_write+0x20b/0x290
[ 1135.642679][T27869]  ? fsnotify_perm+0x6a/0x5d0
[ 1135.647190][T27869]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1135.652136][T27869]  ? vfs_write+0x9ec/0x1110
[ 1135.656476][T27869]  kernel_clone+0x21e/0x9e0
[ 1135.660816][T27869]  ? file_end_write+0x1c0/0x1c0
[ 1135.665505][T27869]  ? create_io_thread+0x1e0/0x1e0
[ 1135.670362][T27869]  ? mutex_unlock+0xb2/0x260
[ 1135.674790][T27869]  ? __mutex_lock_slowpath+0x10/0x10
[ 1135.679910][T27869]  __x64_sys_clone+0x23f/0x290
[ 1135.684510][T27869]  ? __do_sys_vfork+0x130/0x130
[ 1135.689194][T27869]  ? ksys_write+0x260/0x2c0
[ 1135.693539][T27869]  ? debug_smp_processor_id+0x17/0x20
[ 1135.698745][T27869]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1135.704646][T27869]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1135.710114][T27869]  do_syscall_64+0x3d/0xb0
[ 1135.714366][T27869]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1135.720093][T27869] RIP: 0033:0x7f7962f04ae9
[ 1135.724346][T27869] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1135.744220][T27869] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1135.752465][T27869] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1135.760280][T27869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1135.768089][T27869] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000000))
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1135.775900][T27869] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1135.783713][T27869] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1135.791526][T27869]  </TASK>
01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:11 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1135.976023][T27882] FAULT_INJECTION: forcing a failure.
[ 1135.976023][T27882] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.019786][T27882] CPU: 1 PID: 27882 Comm: syz-executor.1 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1136.031338][T27882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1136.041231][T27882] Call Trace:
[ 1136.044353][T27882]  <TASK>
[ 1136.047128][T27882]  dump_stack_lvl+0x151/0x1b7
[ 1136.051729][T27882]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1136.057199][T27882]  dump_stack+0x15/0x17
[ 1136.061191][T27882]  should_fail+0x3c6/0x510
[ 1136.065442][T27882]  __should_failslab+0xa4/0xe0
[ 1136.070071][T27882]  ? dup_task_struct+0x53/0xc60
[ 1136.074731][T27882]  should_failslab+0x9/0x20
[ 1136.079180][T27882]  slab_pre_alloc_hook+0x37/0xd0
[ 1136.083968][T27882]  ? dup_task_struct+0x53/0xc60
[ 1136.088682][T27882]  kmem_cache_alloc+0x44/0x200
[ 1136.093259][T27882]  dup_task_struct+0x53/0xc60
[ 1136.097766][T27882]  ? __kasan_check_write+0x14/0x20
[ 1136.102712][T27882]  copy_process+0x5c4/0x3260
[ 1136.107147][T27882]  ? timerqueue_add+0x250/0x270
[ 1136.111824][T27882]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1136.116771][T27882]  ? enqueue_hrtimer+0xca/0x240
[ 1136.121461][T27882]  ? __hrtimer_run_queues+0x46b/0xad0
[ 1136.126667][T27882]  kernel_clone+0x21e/0x9e0
[ 1136.131008][T27882]  ? create_io_thread+0x1e0/0x1e0
[ 1136.135872][T27882]  ? clockevents_program_event+0x22f/0x300
[ 1136.141509][T27882]  __x64_sys_clone+0x23f/0x290
[ 1136.146108][T27882]  ? __do_sys_vfork+0x130/0x130
[ 1136.150796][T27882]  ? debug_smp_processor_id+0x17/0x20
[ 1136.155998][T27882]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1136.161899][T27882]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1136.167366][T27882]  do_syscall_64+0x3d/0xb0
[ 1136.171620][T27882]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[ 1136.177304][T27882]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1136.183000][T27882] RIP: 0033:0x7f517d83bae9
[ 1136.187254][T27882] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1136.206684][T27882] RSP: 002b:00007f517c5be078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
01:16:11 executing program 0:
syz_clone(0x75848400, 0x0, 0x900, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:11 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:11 executing program 5:
socketpair$unix(0x1, 0x3, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, r2, r3, 0xffffffffffffffff, r4, r5]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x90}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x2000003, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@map=r0, r3, 0x0, 0x0, 0x0, @link_id}, 0x20) (async)
r6 = getpid()
perf_event_open(0x0, r6, 0xa, 0xffffffffffffffff, 0x0) (async)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000300)={0x0, r1}, 0x10)
perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x50, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8e7, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff2}, 0x400, 0x80, 0xfffff001, 0x0, 0xffff, 0x100, 0x0, 0x0, 0x0, 0x0, 0x3}, r6, 0x0, r7, 0x3) (async)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) (async)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
openat$cgroup_ro(r8, &(0x7f0000000280)='cpuacct.usage_user\x00', 0x0, 0x0) (async, rerun: 32)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000400)=ANY=[@ANYRES16=0x0], 0xda00)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x21c4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
write$cgroup_int(r9, &(0x7f0000000200), 0x43405) (async)
close(0xffffffffffffffff)

[ 1136.214927][T27882] RAX: ffffffffffffffda RBX: 00007f517d95af80 RCX: 00007f517d83bae9
[ 1136.222740][T27882] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1136.230555][T27882] RBP: 00007f517c5be120 R08: 0000000000000000 R09: 0000000000000000
[ 1136.238360][T27882] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1136.246173][T27882] R13: 000000000000000b R14: 00007f517d95af80 R15: 00007ffebf1f37c8
[ 1136.253986][T27882]  </TASK>
01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1136.292608][T27898] FAULT_INJECTION: forcing a failure.
[ 1136.292608][T27898] name fail_page_alloc, interval 1, probability 0, space 0, times 0
01:16:11 executing program 5:
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40028, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f218af5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac46f8803d90cba03920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a152a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c7f9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731c4b839688b22c4da2a6ba0623e488eabf045dff7d22ccf94ddb756034a9fe3d592d9904f300152e64976ae958bd45fcfc45e63ee41d78ef9b14051dfb9e3467f6631a50a01370fdf269402a3399d770be42170c8302d75c0ca40768c46b9bd5dca9d89214d8640b9228e1d278c838811"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
close(r0)

[ 1136.336647][T27898] CPU: 1 PID: 27898 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1136.348203][T27898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1136.358099][T27898] Call Trace:
[ 1136.361224][T27898]  <TASK>
[ 1136.364004][T27898]  dump_stack_lvl+0x151/0x1b7
[ 1136.368514][T27898]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1136.373981][T27898]  dump_stack+0x15/0x17
[ 1136.377974][T27898]  should_fail+0x3c6/0x510
[ 1136.382221][T27898]  should_fail_alloc_page+0x5a/0x80
[ 1136.387254][T27898]  prepare_alloc_pages+0x15c/0x700
[ 1136.392200][T27898]  ? __alloc_pages+0x5e0/0x5e0
[ 1136.396803][T27898]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1136.401838][T27898]  ? sched_clock+0x9/0x10
[ 1136.406000][T27898]  __alloc_pages+0x138/0x5e0
[ 1136.410430][T27898]  ? prep_new_page+0x110/0x110
[ 1136.415032][T27898]  ? 0xffffffffa0028094
[ 1136.419021][T27898]  ? is_bpf_text_address+0x172/0x190
[ 1136.424139][T27898]  pte_alloc_one+0x73/0x1b0
[ 1136.428482][T27898]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1136.433514][T27898]  ? arch_stack_walk+0xf3/0x140
[ 1136.438201][T27898]  __pte_alloc+0x86/0x350
[ 1136.442369][T27898]  ? free_pgtables+0x280/0x280
[ 1136.446966][T27898]  ? _raw_spin_lock+0xa4/0x1b0
[ 1136.451576][T27898]  ? __kasan_check_write+0x14/0x20
[ 1136.456517][T27898]  copy_page_range+0x28a8/0x2f90
[ 1136.461291][T27898]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1136.466158][T27898]  ? pfn_valid+0x1e0/0x1e0
[ 1136.470413][T27898]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1136.475971][T27898]  ? __rb_insert_augmented+0x5de/0x610
[ 1136.481253][T27898]  copy_mm+0xc7e/0x13e0
[ 1136.485245][T27898]  ? copy_signal+0x610/0x610
[ 1136.489668][T27898]  ? __init_rwsem+0xd6/0x1c0
[ 1136.494095][T27898]  ? copy_signal+0x4e3/0x610
[ 1136.498520][T27898]  copy_process+0x12bc/0x3260
[ 1136.503035][T27898]  ? proc_fail_nth_write+0x20b/0x290
[ 1136.508154][T27898]  ? fsnotify_perm+0x6a/0x5d0
[ 1136.512668][T27898]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1136.517614][T27898]  ? vfs_write+0x9ec/0x1110
[ 1136.521955][T27898]  kernel_clone+0x21e/0x9e0
[ 1136.526292][T27898]  ? file_end_write+0x1c0/0x1c0
[ 1136.530984][T27898]  ? create_io_thread+0x1e0/0x1e0
[ 1136.535839][T27898]  ? mutex_unlock+0xb2/0x260
[ 1136.540268][T27898]  ? __mutex_lock_slowpath+0x10/0x10
[ 1136.545388][T27898]  __x64_sys_clone+0x23f/0x290
[ 1136.549988][T27898]  ? __do_sys_vfork+0x130/0x130
[ 1136.554672][T27898]  ? ksys_write+0x260/0x2c0
[ 1136.559018][T27898]  ? debug_smp_processor_id+0x17/0x20
[ 1136.564222][T27898]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1136.570125][T27898]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1136.575592][T27898]  do_syscall_64+0x3d/0xb0
[ 1136.579845][T27898]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[ 1136.585485][T27898]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1136.591216][T27898] RIP: 0033:0x7f7962f04ae9
[ 1136.595468][T27898] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1136.614909][T27898] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1136.623154][T27898] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1136.630967][T27898] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1136.638776][T27898] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1136.646585][T27898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1136.654397][T27898] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1136.662213][T27898]  </TASK>
01:16:11 executing program 4:
syz_clone(0x75848400, 0x0, 0xa002a0ffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:11 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:11 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1136.748080][T27915] FAULT_INJECTION: forcing a failure.
[ 1136.748080][T27915] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.794379][T27915] CPU: 0 PID: 27915 Comm: syz-executor.1 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1136.805935][T27915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1136.815830][T27915] Call Trace:
[ 1136.818953][T27915]  <TASK>
[ 1136.821732][T27915]  dump_stack_lvl+0x151/0x1b7
[ 1136.826244][T27915]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1136.831714][T27915]  ? __kasan_slab_alloc+0xc3/0xe0
[ 1136.836574][T27915]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1136.841432][T27915]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1136.846556][T27915]  ? dup_task_struct+0x53/0xc60
[ 1136.851242][T27915]  ? copy_process+0x5c4/0x3260
[ 1136.855839][T27915]  ? kernel_clone+0x21e/0x9e0
[ 1136.860356][T27915]  dump_stack+0x15/0x17
[ 1136.864344][T27915]  should_fail+0x3c6/0x510
[ 1136.868600][T27915]  __should_failslab+0xa4/0xe0
[ 1136.873201][T27915]  should_failslab+0x9/0x20
[ 1136.877538][T27915]  slab_pre_alloc_hook+0x37/0xd0
[ 1136.882314][T27915]  kmem_cache_alloc_trace+0x48/0x210
[ 1136.887432][T27915]  ? __get_vm_area_node+0x117/0x360
[ 1136.892464][T27915]  __get_vm_area_node+0x117/0x360
[ 1136.897329][T27915]  __vmalloc_node_range+0xe2/0x8d0
[ 1136.902271][T27915]  ? copy_process+0x5c4/0x3260
[ 1136.906874][T27915]  ? slab_post_alloc_hook+0x72/0x2c0
[ 1136.911998][T27915]  ? dup_task_struct+0x53/0xc60
[ 1136.916683][T27915]  dup_task_struct+0x416/0xc60
[ 1136.921283][T27915]  ? copy_process+0x5c4/0x3260
[ 1136.925884][T27915]  copy_process+0x5c4/0x3260
[ 1136.930309][T27915]  ? __kasan_check_write+0x14/0x20
[ 1136.935258][T27915]  ? proc_fail_nth_write+0x20b/0x290
[ 1136.940377][T27915]  ? selinux_file_permission+0x2c4/0x570
[ 1136.945843][T27915]  ? fsnotify_perm+0x6a/0x5d0
[ 1136.950357][T27915]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1136.955304][T27915]  ? vfs_write+0x9ec/0x1110
[ 1136.959642][T27915]  ? irqentry_exit+0x30/0x40
[ 1136.964072][T27915]  kernel_clone+0x21e/0x9e0
[ 1136.968410][T27915]  ? file_end_write+0x1c0/0x1c0
[ 1136.973095][T27915]  ? create_io_thread+0x1e0/0x1e0
[ 1136.977955][T27915]  ? mutex_unlock+0xb2/0x260
[ 1136.982380][T27915]  ? __mutex_lock_slowpath+0x10/0x10
[ 1136.987505][T27915]  __x64_sys_clone+0x23f/0x290
[ 1136.992101][T27915]  ? __do_sys_vfork+0x130/0x130
[ 1136.996789][T27915]  ? ksys_write+0x260/0x2c0
[ 1137.001130][T27915]  ? debug_smp_processor_id+0x17/0x20
[ 1137.006335][T27915]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1137.012238][T27915]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1137.017713][T27915]  do_syscall_64+0x3d/0xb0
[ 1137.021956][T27915]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[ 1137.027601][T27915]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1137.033328][T27915] RIP: 0033:0x7f517d83bae9
[ 1137.037580][T27915] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1137.057024][T27915] RSP: 002b:00007f517c5be078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1137.065267][T27915] RAX: ffffffffffffffda RBX: 00007f517d95af80 RCX: 00007f517d83bae9
[ 1137.073078][T27915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1137.080888][T27915] RBP: 00007f517c5be120 R08: 0000000000000000 R09: 0000000000000000
01:16:12 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1137.088704][T27915] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1137.096512][T27915] R13: 000000000000000b R14: 00007f517d95af80 R15: 00007ffebf1f37c8
[ 1137.104349][T27915]  </TASK>
[ 1137.122478][T27915] syz-executor.1: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[ 1137.123982][T27924] FAULT_INJECTION: forcing a failure.
[ 1137.123982][T27924] name failslab, interval 1, probability 0, space 0, times 0
[ 1137.139157][T27915] CPU: 0 PID: 27915 Comm: syz-executor.1 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1137.161782][T27915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1137.171683][T27915] Call Trace:
[ 1137.174801][T27915]  <TASK>
[ 1137.177578][T27915]  dump_stack_lvl+0x151/0x1b7
[ 1137.182091][T27915]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1137.187566][T27915]  ? pr_cont_kernfs_name+0xf0/0x100
[ 1137.192592][T27915]  dump_stack+0x15/0x17
[ 1137.196588][T27915]  warn_alloc+0x21a/0x390
[ 1137.200751][T27915]  ? should_failslab+0x9/0x20
[ 1137.205264][T27915]  ? zone_watermark_ok_safe+0x270/0x270
[ 1137.210652][T27915]  ? __get_vm_area_node+0x347/0x360
[ 1137.215682][T27915]  __vmalloc_node_range+0x2c1/0x8d0
[ 1137.220715][T27915]  ? slab_post_alloc_hook+0x72/0x2c0
[ 1137.225834][T27915]  ? dup_task_struct+0x53/0xc60
[ 1137.230519][T27915]  dup_task_struct+0x416/0xc60
[ 1137.235118][T27915]  ? copy_process+0x5c4/0x3260
[ 1137.239720][T27915]  copy_process+0x5c4/0x3260
[ 1137.244149][T27915]  ? __kasan_check_write+0x14/0x20
[ 1137.249093][T27915]  ? proc_fail_nth_write+0x20b/0x290
[ 1137.254215][T27915]  ? selinux_file_permission+0x2c4/0x570
[ 1137.259679][T27915]  ? fsnotify_perm+0x6a/0x5d0
[ 1137.264193][T27915]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1137.269141][T27915]  ? vfs_write+0x9ec/0x1110
[ 1137.273479][T27915]  ? irqentry_exit+0x30/0x40
[ 1137.277907][T27915]  kernel_clone+0x21e/0x9e0
[ 1137.282245][T27915]  ? file_end_write+0x1c0/0x1c0
[ 1137.286937][T27915]  ? create_io_thread+0x1e0/0x1e0
[ 1137.291791][T27915]  ? mutex_unlock+0xb2/0x260
[ 1137.296219][T27915]  ? __mutex_lock_slowpath+0x10/0x10
[ 1137.301343][T27915]  __x64_sys_clone+0x23f/0x290
[ 1137.305942][T27915]  ? __do_sys_vfork+0x130/0x130
[ 1137.310627][T27915]  ? ksys_write+0x260/0x2c0
[ 1137.314967][T27915]  ? debug_smp_processor_id+0x17/0x20
[ 1137.320174][T27915]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1137.326076][T27915]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1137.331545][T27915]  do_syscall_64+0x3d/0xb0
[ 1137.335795][T27915]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[ 1137.341437][T27915]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1137.347166][T27915] RIP: 0033:0x7f517d83bae9
[ 1137.351423][T27915] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1137.370860][T27915] RSP: 002b:00007f517c5be078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1137.379105][T27915] RAX: ffffffffffffffda RBX: 00007f517d95af80 RCX: 00007f517d83bae9
[ 1137.386922][T27915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1137.394729][T27915] RBP: 00007f517c5be120 R08: 0000000000000000 R09: 0000000000000000
[ 1137.402541][T27915] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1137.410349][T27915] R13: 000000000000000b R14: 00007f517d95af80 R15: 00007ffebf1f37c8
[ 1137.418165][T27915]  </TASK>
[ 1137.423755][T27924] CPU: 0 PID: 27924 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1137.435295][T27924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1137.445190][T27924] Call Trace:
[ 1137.448314][T27924]  <TASK>
[ 1137.451091][T27924]  dump_stack_lvl+0x151/0x1b7
[ 1137.455606][T27924]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1137.461076][T27924]  dump_stack+0x15/0x17
[ 1137.465066][T27924]  should_fail+0x3c6/0x510
[ 1137.469319][T27924]  __should_failslab+0xa4/0xe0
[ 1137.473921][T27924]  ? anon_vma_fork+0xf7/0x4e0
[ 1137.478436][T27924]  should_failslab+0x9/0x20
[ 1137.482771][T27924]  slab_pre_alloc_hook+0x37/0xd0
[ 1137.487544][T27924]  ? anon_vma_fork+0xf7/0x4e0
[ 1137.492058][T27924]  kmem_cache_alloc+0x44/0x200
[ 1137.496656][T27924]  anon_vma_fork+0xf7/0x4e0
[ 1137.500997][T27924]  ? anon_vma_name+0x4c/0x70
[ 1137.505421][T27924]  ? vm_area_dup+0x17a/0x230
[ 1137.509847][T27924]  copy_mm+0xa3a/0x13e0
[ 1137.513847][T27924]  ? copy_signal+0x610/0x610
[ 1137.518268][T27924]  ? __init_rwsem+0xd6/0x1c0
[ 1137.522697][T27924]  ? copy_signal+0x4e3/0x610
[ 1137.527133][T27924]  copy_process+0x12bc/0x3260
[ 1137.531636][T27924]  ? proc_fail_nth_write+0x20b/0x290
[ 1137.536756][T27924]  ? fsnotify_perm+0x6a/0x5d0
[ 1137.541271][T27924]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1137.546234][T27924]  ? vfs_write+0x9ec/0x1110
[ 1137.550559][T27924]  kernel_clone+0x21e/0x9e0
[ 1137.554895][T27924]  ? file_end_write+0x1c0/0x1c0
[ 1137.559582][T27924]  ? create_io_thread+0x1e0/0x1e0
[ 1137.564441][T27924]  ? mutex_unlock+0xb2/0x260
[ 1137.568871][T27924]  ? __mutex_lock_slowpath+0x10/0x10
[ 1137.573985][T27924]  __x64_sys_clone+0x23f/0x290
[ 1137.578589][T27924]  ? __do_sys_vfork+0x130/0x130
[ 1137.583278][T27924]  ? ksys_write+0x260/0x2c0
[ 1137.587616][T27924]  ? debug_smp_processor_id+0x17/0x20
[ 1137.592818][T27924]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1137.598725][T27924]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1137.604193][T27924]  do_syscall_64+0x3d/0xb0
[ 1137.608444][T27924]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1137.614170][T27924] RIP: 0033:0x7f7962f04ae9
[ 1137.618424][T27924] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1137.637863][T27924] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
01:16:12 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1137.646104][T27924] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1137.653916][T27924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1137.661731][T27924] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1137.669537][T27924] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1137.677348][T27924] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1137.685168][T27924]  </TASK>
01:16:12 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1137.886758][T27915] Mem-Info:
[ 1137.892786][T27915] active_anon:15494 inactive_anon:137854 isolated_anon:0
[ 1137.892786][T27915]  active_file:4773 inactive_file:39695 isolated_file:0
[ 1137.892786][T27915]  unevictable:0 dirty:23988 writeback:1007
[ 1137.892786][T27915]  slab_reclaimable:16728 slab_unreclaimable:93066
[ 1137.892786][T27915]  mapped:57053 shmem:15548 pagetables:1107 bounce:0
[ 1137.892786][T27915]  kernel_misc_reclaimable:0
[ 1137.892786][T27915]  free:1344534 free_pcp:7452 free_cma:0
[ 1137.955011][T27915] Node 0 active_anon:61976kB inactive_anon:551416kB active_file:19092kB inactive_file:163680kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:228812kB dirty:97152kB writeback:8028kB shmem:62192kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 2048kB writeback_tmp:0kB kernel_stack:7960kB pagetables:4428kB all_unreclaimable? no
[ 1138.011395][T27915] DMA32 free:2976724kB min:62592kB low:78240kB high:93888kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2981496kB mlocked:0kB bounce:0kB free_pcp:4772kB local_pcp:56kB free_cma:0kB
[ 1138.046446][T27915] lowmem_reserve[]: 0 3941 3941
[ 1138.051156][T27915] Normal free:2397128kB min:84860kB low:106072kB high:127284kB reserved_highatomic:0KB active_anon:61976kB inactive_anon:551316kB active_file:19092kB inactive_file:168780kB unevictable:0kB writepending:106596kB present:5242880kB managed:4035848kB mlocked:0kB bounce:0kB free_pcp:19584kB local_pcp:14904kB free_cma:0kB
[ 1138.096456][T27915] lowmem_reserve[]: 0 0 0
[ 1138.100637][T27915] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 4*2048kB (UM) 723*4096kB (M) = 2976724kB
[ 1138.127536][T27915] Normal: 855*4kB (UM) 1397*8kB (UE) 247*16kB (UE) 882*32kB (UE) 665*64kB (UME) 338*128kB (UME) 223*256kB (UM) 82*512kB (UME) 26*1024kB (UME) 5*2048kB (UME) 519*4096kB (UM) = 2394356kB
[ 1138.156454][T27915] 63409 total pagecache pages
[ 1138.160957][T27915] 0 pages in swap cache
[ 1138.164950][T27915] Swap cache stats: add 0, delete 0, find 0/0
[ 1138.176525][T27915] Free swap  = 124996kB
[ 1138.180500][T27915] Total swap = 124996kB
[ 1138.196458][T27915] 2097051 pages RAM
[ 1138.200095][T27915] 0 pages HighMem/MovableOnly
[ 1138.207021][T27915] 342715 pages reserved
[ 1138.211015][T27915] 0 pages cma reserved
01:16:13 executing program 0:
syz_clone(0x75848400, 0x0, 0xf00, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:13 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:13 executing program 4:
syz_clone(0x75848400, 0x0, 0xd0dd263a550000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:13 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:13 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:13 executing program 5:
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40028, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f218af5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac46f8803d90cba03920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a152a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c7f9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731c4b839688b22c4da2a6ba0623e488eabf045dff7d22ccf94ddb756034a9fe3d592d9904f300152e64976ae958bd45fcfc45e63ee41d78ef9b14051dfb9e3467f6631a50a01370fdf269402a3399d770be42170c8302d75c0ca40768c46b9bd5dca9d89214d8640b9228e1d278c838811"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
close(r0)

01:16:13 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

01:16:13 executing program 5:
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40028, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f00000007c0)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f218af5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac46f8803d90cba03920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d35a152a9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2e98c7f9f3427834ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf50ee69a39265964279d174b0000000000000000000000fa08ad0731c4b839688b22c4da2a6ba0623e488eabf045dff7d22ccf94ddb756034a9fe3d592d9904f300152e64976ae958bd45fcfc45e63ee41d78ef9b14051dfb9e3467f6631a50a01370fdf269402a3399d770be42170c8302d75c0ca40768c46b9bd5dca9d89214d8640b9228e1d278c838811"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) (async)
close(r0)

[ 1138.332533][T27936] FAULT_INJECTION: forcing a failure.
[ 1138.332533][T27936] name failslab, interval 1, probability 0, space 0, times 0
[ 1138.376536][T27936] CPU: 1 PID: 27936 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1138.388082][T27936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1138.397980][T27936] Call Trace:
[ 1138.401102][T27936]  <TASK>
[ 1138.403877][T27936]  dump_stack_lvl+0x151/0x1b7
[ 1138.408392][T27936]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1138.413865][T27936]  dump_stack+0x15/0x17
[ 1138.417854][T27936]  should_fail+0x3c6/0x510
[ 1138.422107][T27936]  __should_failslab+0xa4/0xe0
[ 1138.426703][T27936]  ? vm_area_dup+0x26/0x230
[ 1138.431046][T27936]  should_failslab+0x9/0x20
[ 1138.435386][T27936]  slab_pre_alloc_hook+0x37/0xd0
[ 1138.440156][T27936]  ? vm_area_dup+0x26/0x230
[ 1138.444498][T27936]  kmem_cache_alloc+0x44/0x200
[ 1138.449096][T27936]  vm_area_dup+0x26/0x230
[ 1138.453264][T27936]  copy_mm+0x9a1/0x13e0
[ 1138.457259][T27936]  ? copy_signal+0x610/0x610
[ 1138.461679][T27936]  ? __init_rwsem+0xd6/0x1c0
[ 1138.466107][T27936]  ? copy_signal+0x4e3/0x610
[ 1138.470537][T27936]  copy_process+0x12bc/0x3260
[ 1138.475050][T27936]  ? proc_fail_nth_write+0x20b/0x290
[ 1138.480167][T27936]  ? fsnotify_perm+0x6a/0x5d0
[ 1138.484680][T27936]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1138.489630][T27936]  ? vfs_write+0x9ec/0x1110
[ 1138.493970][T27936]  kernel_clone+0x21e/0x9e0
[ 1138.498310][T27936]  ? file_end_write+0x1c0/0x1c0
[ 1138.502997][T27936]  ? create_io_thread+0x1e0/0x1e0
[ 1138.507855][T27936]  ? mutex_unlock+0xb2/0x260
[ 1138.512283][T27936]  ? __mutex_lock_slowpath+0x10/0x10
[ 1138.517402][T27936]  __x64_sys_clone+0x23f/0x290
[ 1138.522004][T27936]  ? __do_sys_vfork+0x130/0x130
[ 1138.526685][T27936]  ? ksys_write+0x260/0x2c0
[ 1138.531029][T27936]  ? debug_smp_processor_id+0x17/0x20
[ 1138.536236][T27936]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1138.542138][T27936]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1138.547607][T27936]  do_syscall_64+0x3d/0xb0
[ 1138.551861][T27936]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1138.557587][T27936] RIP: 0033:0x7f7962f04ae9
[ 1138.561847][T27936] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1138.581279][T27936] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1138.589520][T27936] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1138.597332][T27936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1138.605141][T27936] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1138.612954][T27936] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:13 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848402, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:13 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xa)
close(r5)

[ 1138.620763][T27936] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1138.628582][T27936]  </TASK>
01:16:13 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:13 executing program 5:
r0 = perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f00000004c0)='\x02;\xe5\b\x00\x00\x9c\x00\x00\x00\x00\x00\x00')
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x6, &(0x7f0000000ec0)=@framed={{}, [@alu={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7000000}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x19fc29, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)='%p     \x00'}, 0x20)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000400)={r1}, 0x8)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x7, '\x00', 0x0, r1, 0x4, 0x0, 0x4}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r1, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x1d, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000003000000000000004080000018670000090000000000000000000000851000000000000005320000f0ffffff85100000fcffffff180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000b7080000000000007b8af8ff00000000b7080000e85c00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000023eca16c14d5cd68c5fc0f34fffb46696afd8b9f1e3789746fab8ac2deef355a921893f209dbe4264ba617978b8284c3b09bdad1f695e0a541d613eca985274f2abf5dbf223e3e067744a4557deca069261dc43b9d3cf8e0a8119e8dd5ee77f96c2039c93f3db391699528225a6cef6cc2b2b8cc4ae334516b580fa472c9c6b041655616e934194a2fa7708ef528c9f390a661d433a0504becba67a68c2b5fd506a9cc6d04cb0e4511e0cfb7eb09c1385f432a2237ae7dfb94dd0ecc39a94b7d501cd26ff3fb9336643a46e748044b7b5e3cf45e350abbf865e9605264910761a74a821ddd100aa36e2d2c", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000008520000003000000"], &(0x7f0000000900)='GPL\x00', 0x5, 0x28, &(0x7f0000000940)=""/40, 0x41100, 0x14, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f0000000980)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=[r6, r1], 0x0, 0x10, 0x1}, 0x90)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x512, '\x00', 0x0, r1, 0x5, 0x2, 0x3}, 0x48)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r8, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r9, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r10], 0x0, 0x10, 0x7}, 0x90)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(r12, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000d00)=@raw=[@map_idx={0x18, 0x5, 0x5, 0x0, 0xb}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x8}, @jmp={0x5, 0x1, 0xb, 0x7, 0x8, 0xc, 0x4}, @map_fd={0x18, 0x7, 0x1, 0x0, r7}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x3}], &(0x7f00000005c0)='syzkaller\x00', 0x4, 0x20, &(0x7f0000000ac0)=""/32, 0x41000, 0x42, '\x00', r9, 0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d80)={0x5, 0x2, 0x10, 0x7}, 0x10, 0x2a948, r12, 0x1, 0x0, &(0x7f0000000dc0)=[{0x3, 0x2, 0xd, 0x9}]}, 0x90)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000980)={@ifindex, 0x1d, 0x0, 0x6, 0x0, 0x0, 0x0, &(0x7f0000002040)=[0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r17=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000800)={@ifindex, 0xffffffffffffffff, 0x2, 0x2e, 0x0, @prog_id, r17}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r1, <r18=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000600)='%p     \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x8, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x4, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3ff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0x52, &(0x7f0000000300)=""/82, 0x41000, 0x20, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000380)={0x2, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x10, 0x1000, 0x3}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000640)=[r1, r4, r1, r5, r6, r18, r1], &(0x7f0000000680)=[{0x2, 0x1, 0x6, 0x6}, {0x0, 0x1, 0xe, 0x4}, {0x1, 0x3, 0xc, 0x2}, {0x0, 0x1, 0x3, 0x5}, {0x5, 0x3, 0xb, 0xa}, {0x5, 0x3, 0x1, 0x4}, {0x3, 0x4, 0xd, 0x1}, {0x2, 0x4, 0x10, 0x8}, {0x1, 0x2, 0x7, 0xb}, {0x4, 0x5, 0x6, 0x2}], 0x10, 0x800}, 0x90)

01:16:14 executing program 0:
syz_clone(0x75848400, 0x0, 0x1f00, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:14 executing program 5:
r0 = perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f00000004c0)='\x02;\xe5\b\x00\x00\x9c\x00\x00\x00\x00\x00\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x6, &(0x7f0000000ec0)=@framed={{}, [@alu={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7000000}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x19fc29, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x6, &(0x7f0000000ec0)=@framed={{}, [@alu={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7000000}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x19fc29, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)='%p     \x00'}, 0x20)
bpf$ITER_CREATE(0x21, &(0x7f0000000400)={r1}, 0x8) (async)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000400)={r1}, 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x7, '\x00', 0x0, r1, 0x4, 0x0, 0x4}, 0x48) (async)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x7, '\x00', 0x0, r1, 0x4, 0x0, 0x4}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r1, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x1d, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000003000000000000004080000018670000090000000000000000000000851000000000000005320000f0ffffff85100000fcffffff180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000b7080000000000007b8af8ff00000000b7080000e85c00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000023eca16c14d5cd68c5fc0f34fffb46696afd8b9f1e3789746fab8ac2deef355a921893f209dbe4264ba617978b8284c3b09bdad1f695e0a541d613eca985274f2abf5dbf223e3e067744a4557deca069261dc43b9d3cf8e0a8119e8dd5ee77f96c2039c93f3db391699528225a6cef6cc2b2b8cc4ae334516b580fa472c9c6b041655616e934194a2fa7708ef528c9f390a661d433a0504becba67a68c2b5fd506a9cc6d04cb0e4511e0cfb7eb09c1385f432a2237ae7dfb94dd0ecc39a94b7d501cd26ff3fb9336643a46e748044b7b5e3cf45e350abbf865e9605264910761a74a821ddd100aa36e2d2c", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000008520000003000000"], &(0x7f0000000900)='GPL\x00', 0x5, 0x28, &(0x7f0000000940)=""/40, 0x41100, 0x14, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f0000000980)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=[r6, r1], 0x0, 0x10, 0x1}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x1d, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000003000000000000004080000018670000090000000000000000000000851000000000000005320000f0ffffff85100000fcffffff180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000b7080000000000007b8af8ff00000000b7080000e85c00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000023eca16c14d5cd68c5fc0f34fffb46696afd8b9f1e3789746fab8ac2deef355a921893f209dbe4264ba617978b8284c3b09bdad1f695e0a541d613eca985274f2abf5dbf223e3e067744a4557deca069261dc43b9d3cf8e0a8119e8dd5ee77f96c2039c93f3db391699528225a6cef6cc2b2b8cc4ae334516b580fa472c9c6b041655616e934194a2fa7708ef528c9f390a661d433a0504becba67a68c2b5fd506a9cc6d04cb0e4511e0cfb7eb09c1385f432a2237ae7dfb94dd0ecc39a94b7d501cd26ff3fb9336643a46e748044b7b5e3cf45e350abbf865e9605264910761a74a821ddd100aa36e2d2c", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000008520000003000000"], &(0x7f0000000900)='GPL\x00', 0x5, 0x28, &(0x7f0000000940)=""/40, 0x41100, 0x14, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f0000000980)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=[r6, r1], 0x0, 0x10, 0x1}, 0x90)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x512, '\x00', 0x0, r1, 0x5, 0x2, 0x3}, 0x48)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r8, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0) (async)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r9, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r10], 0x0, 0x10, 0x7}, 0x90)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(r12, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000d00)=@raw=[@map_idx={0x18, 0x5, 0x5, 0x0, 0xb}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x8}, @jmp={0x5, 0x1, 0xb, 0x7, 0x8, 0xc, 0x4}, @map_fd={0x18, 0x7, 0x1, 0x0, r7}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x3}], &(0x7f00000005c0)='syzkaller\x00', 0x4, 0x20, &(0x7f0000000ac0)=""/32, 0x41000, 0x42, '\x00', r9, 0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d80)={0x5, 0x2, 0x10, 0x7}, 0x10, 0x2a948, r12, 0x1, 0x0, &(0x7f0000000dc0)=[{0x3, 0x2, 0xd, 0x9}]}, 0x90)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000980)={@ifindex, 0x1d, 0x0, 0x6, 0x0, 0x0, 0x0, &(0x7f0000002040)=[0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r17=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000800)={@ifindex, 0xffffffffffffffff, 0x2, 0x2e, 0x0, @prog_id, r17}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r1, <r18=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000600)='%p     \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x8, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x4, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3ff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0x52, &(0x7f0000000300)=""/82, 0x41000, 0x20, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000380)={0x2, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x10, 0x1000, 0x3}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000640)=[r1, r4, r1, r5, r6, r18, r1], &(0x7f0000000680)=[{0x2, 0x1, 0x6, 0x6}, {0x0, 0x1, 0xe, 0x4}, {0x1, 0x3, 0xc, 0x2}, {0x0, 0x1, 0x3, 0x5}, {0x5, 0x3, 0xb, 0xa}, {0x5, 0x3, 0x1, 0x4}, {0x3, 0x4, 0xd, 0x1}, {0x2, 0x4, 0x10, 0x8}, {0x1, 0x2, 0x7, 0xb}, {0x4, 0x5, 0x6, 0x2}], 0x10, 0x800}, 0x90)

01:16:14 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

01:16:14 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848404, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:14 executing program 4:
syz_clone(0x75848400, 0x0, 0xf0210d1b000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:14 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:14 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

01:16:14 executing program 5:
perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r0 = perf_event_open(&(0x7f0000000180)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xafffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_service_time\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x5452, &(0x7f00000004c0)='\x02;\xe5\b\x00\x00\x9c\x00\x00\x00\x00\x00\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x6, &(0x7f0000000ec0)=@framed={{}, [@alu={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7000000}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x19fc29, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x6, &(0x7f0000000ec0)=@framed={{}, [@alu={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7000000}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xf, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x19fc29, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000240)={{r1, <r3=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000200)='%p     \x00'}, 0x20)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000400)={r1}, 0x8)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x7, '\x00', 0x0, r1, 0x4, 0x0, 0x4}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r1}, 0x4) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000540)={r1, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x6, 0x1d, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000003000000000000004080000018670000090000000000000000000000851000000000000005320000f0ffffff85100000fcffffff180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000b7080000000000007b8af8ff00000000b7080000e85c00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823000023eca16c14d5cd68c5fc0f34fffb46696afd8b9f1e3789746fab8ac2deef355a921893f209dbe4264ba617978b8284c3b09bdad1f695e0a541d613eca985274f2abf5dbf223e3e067744a4557deca069261dc43b9d3cf8e0a8119e8dd5ee77f96c2039c93f3db391699528225a6cef6cc2b2b8cc4ae334516b580fa472c9c6b041655616e934194a2fa7708ef528c9f390a661d433a0504becba67a68c2b5fd506a9cc6d04cb0e4511e0cfb7eb09c1385f432a2237ae7dfb94dd0ecc39a94b7d501cd26ff3fb9336643a46e748044b7b5e3cf45e350abbf865e9605264910761a74a821ddd100aa36e2d2c", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a50000008520000003000000"], &(0x7f0000000900)='GPL\x00', 0x5, 0x28, &(0x7f0000000940)=""/40, 0x41100, 0x14, '\x00', 0x0, 0x25, r2, 0x8, &(0x7f0000000980)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000009c0)=[r6, r1], 0x0, 0x10, 0x1}, 0x90)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x512, '\x00', 0x0, r1, 0x5, 0x2, 0x3}, 0x48)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d40)={r8, 0xe0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000ac0), &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000180), 0x0, 0x0, 0x10, 0x8, 0x8, &(0x7f0000000c00)}}, 0x10)
r10 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000009c0)='memory.stat\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e9327171b1bc20e, 0x46, '\x00', r9, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000980)={0x5, 0xd, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff, r10], 0x0, 0x10, 0x7}, 0x90)
r11 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r12 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r12)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r13 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r13)
r14 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r14)
r15 = openat$cgroup_ro(r12, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r16 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r11, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r12, r13, r14, 0xffffffffffffffff, r15, r16]}, 0x80)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000e00)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000d00)=@raw=[@map_idx={0x18, 0x5, 0x5, 0x0, 0xb}, @cb_func={0x18, 0x3, 0x4, 0x0, 0x8}, @jmp={0x5, 0x1, 0xb, 0x7, 0x8, 0xc, 0x4}, @map_fd={0x18, 0x7, 0x1, 0x0, r7}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x3}], &(0x7f00000005c0)='syzkaller\x00', 0x4, 0x20, &(0x7f0000000ac0)=""/32, 0x41000, 0x42, '\x00', r9, 0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000d80)={0x5, 0x2, 0x10, 0x7}, 0x10, 0x2a948, r12, 0x1, 0x0, &(0x7f0000000dc0)=[{0x3, 0x2, 0xd, 0x9}]}, 0x90)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000980)={@ifindex, 0x1d, 0x0, 0x6, 0x0, 0x0, 0x0, &(0x7f0000002040)=[0x0], &(0x7f0000000900)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000940)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r17=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000800)={@ifindex, 0xffffffffffffffff, 0x2, 0x2e, 0x0, @prog_id, r17}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r1}, &(0x7f0000000580), &(0x7f0000000600)='%p     \x00'}, 0x20) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r1, <r18=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f0000000600)='%p     \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x8, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}, [@map_val={0x18, 0x4, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x3ff}, @func={0x85, 0x0, 0x1, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0x52, &(0x7f0000000300)=""/82, 0x41000, 0x20, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000380)={0x2, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x10, 0x1000, 0x3}, 0x10, 0x0, 0x0, 0xa, &(0x7f0000000640)=[r1, r4, r1, r5, r6, r18, r1], &(0x7f0000000680)=[{0x2, 0x1, 0x6, 0x6}, {0x0, 0x1, 0xe, 0x4}, {0x1, 0x3, 0xc, 0x2}, {0x0, 0x1, 0x3, 0x5}, {0x5, 0x3, 0xb, 0xa}, {0x5, 0x3, 0x1, 0x4}, {0x3, 0x4, 0xd, 0x1}, {0x2, 0x4, 0x10, 0x8}, {0x1, 0x2, 0x7, 0xb}, {0x4, 0x5, 0x6, 0x2}], 0x10, 0x800}, 0x90)

[ 1139.188577][T27977] FAULT_INJECTION: forcing a failure.
[ 1139.188577][T27977] name fail_page_alloc, interval 1, probability 0, space 0, times 0
01:16:14 executing program 5:
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e905982dcd41ba7634a1a0413e6657d3f7423e3b5d6"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000000)=0x1)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000b80), 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@bloom_filter={0x1e, 0x8, 0x8, 0x4, 0x400, 0xffffffffffffffff, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x7}, 0x48)
write$cgroup_int(r2, &(0x7f0000000200), 0x43405)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpuacct.usage_all\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f0000000500)=""/260, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x127}, 0x38)

[ 1139.272329][T27977] CPU: 1 PID: 27977 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1139.283886][T27977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1139.293779][T27977] Call Trace:
[ 1139.296900][T27977]  <TASK>
[ 1139.299678][T27977]  dump_stack_lvl+0x151/0x1b7
[ 1139.304193][T27977]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1139.309660][T27977]  dump_stack+0x15/0x17
[ 1139.313651][T27977]  should_fail+0x3c6/0x510
[ 1139.317907][T27977]  should_fail_alloc_page+0x5a/0x80
[ 1139.322942][T27977]  prepare_alloc_pages+0x15c/0x700
[ 1139.327888][T27977]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1139.332920][T27977]  __alloc_pages+0x138/0x5e0
[ 1139.337347][T27977]  ? prep_new_page+0x110/0x110
[ 1139.341943][T27977]  ? __alloc_pages+0x206/0x5e0
[ 1139.346545][T27977]  ? stack_trace_save+0x1c0/0x1c0
[ 1139.351410][T27977]  ? __kasan_check_write+0x14/0x20
[ 1139.356351][T27977]  ? _raw_spin_lock+0xa4/0x1b0
[ 1139.360955][T27977]  __pmd_alloc+0xb1/0x550
[ 1139.365119][T27977]  ? __pud_alloc+0x260/0x260
[ 1139.369545][T27977]  ? __pud_alloc+0x213/0x260
[ 1139.373974][T27977]  ? do_handle_mm_fault+0x2330/0x2330
[ 1139.379182][T27977]  ? __stack_depot_save+0x34/0x470
[ 1139.384136][T27977]  ? anon_vma_clone+0x9a/0x500
[ 1139.388727][T27977]  copy_page_range+0x2b3d/0x2f90
[ 1139.393501][T27977]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1139.398359][T27977]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1139.403479][T27977]  ? copy_mm+0xa3a/0x13e0
[ 1139.407646][T27977]  ? copy_process+0x12bc/0x3260
[ 1139.412335][T27977]  ? kernel_clone+0x21e/0x9e0
[ 1139.416849][T27977]  ? do_syscall_64+0x3d/0xb0
[ 1139.421273][T27977]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1139.427180][T27977]  ? pfn_valid+0x1e0/0x1e0
[ 1139.431429][T27977]  ? rwsem_write_trylock+0x15b/0x290
[ 1139.436550][T27977]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1139.442801][T27977]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1139.448351][T27977]  ? __rb_insert_augmented+0x5de/0x610
[ 1139.453649][T27977]  copy_mm+0xc7e/0x13e0
[ 1139.457642][T27977]  ? copy_signal+0x610/0x610
[ 1139.462064][T27977]  ? __init_rwsem+0xd6/0x1c0
[ 1139.466492][T27977]  ? copy_signal+0x4e3/0x610
[ 1139.470918][T27977]  copy_process+0x12bc/0x3260
[ 1139.475431][T27977]  ? proc_fail_nth_write+0x20b/0x290
[ 1139.480554][T27977]  ? fsnotify_perm+0x6a/0x5d0
[ 1139.485065][T27977]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1139.490014][T27977]  ? vfs_write+0x9ec/0x1110
[ 1139.494352][T27977]  kernel_clone+0x21e/0x9e0
[ 1139.498696][T27977]  ? file_end_write+0x1c0/0x1c0
[ 1139.503377][T27977]  ? create_io_thread+0x1e0/0x1e0
[ 1139.508239][T27977]  ? mutex_unlock+0xb2/0x260
[ 1139.512664][T27977]  ? __mutex_lock_slowpath+0x10/0x10
[ 1139.517791][T27977]  __x64_sys_clone+0x23f/0x290
[ 1139.522385][T27977]  ? __do_sys_vfork+0x130/0x130
[ 1139.527069][T27977]  ? ksys_write+0x260/0x2c0
[ 1139.531411][T27977]  ? debug_smp_processor_id+0x17/0x20
[ 1139.536617][T27977]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1139.542524][T27977]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1139.547994][T27977]  do_syscall_64+0x3d/0xb0
[ 1139.552246][T27977]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1139.557970][T27977] RIP: 0033:0x7f7962f04ae9
[ 1139.562223][T27977] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1139.581663][T27977] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1139.589910][T27977] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1139.597721][T27977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1139.605530][T27977] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1139.613342][T27977] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:14 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)

[ 1139.621151][T27977] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1139.628968][T27977]  </TASK>
01:16:14 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5) (fail_nth: 1)

01:16:14 executing program 4:
syz_clone(0x75848400, 0x0, 0xf0ff1f00000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1139.756787][T27997] FAULT_INJECTION: forcing a failure.
[ 1139.756787][T27997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1139.789647][T27997] CPU: 0 PID: 27997 Comm: syz-executor.3 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1139.801199][T27997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1139.811094][T27997] Call Trace:
[ 1139.814213][T27997]  <TASK>
[ 1139.816990][T27997]  dump_stack_lvl+0x151/0x1b7
[ 1139.821499][T27997]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1139.826974][T27997]  dump_stack+0x15/0x17
[ 1139.830958][T27997]  should_fail+0x3c6/0x510
[ 1139.835213][T27997]  should_fail_usercopy+0x1a/0x20
[ 1139.840072][T27997]  _copy_to_user+0x20/0x90
[ 1139.844326][T27997]  simple_read_from_buffer+0xc7/0x150
[ 1139.849536][T27997]  proc_fail_nth_read+0x1a3/0x210
[ 1139.854394][T27997]  ? proc_fault_inject_write+0x390/0x390
[ 1139.859866][T27997]  ? fsnotify_perm+0x470/0x5d0
[ 1139.864474][T27997]  ? security_file_permission+0x86/0xb0
[ 1139.869842][T27997]  ? proc_fault_inject_write+0x390/0x390
[ 1139.875313][T27997]  vfs_read+0x27d/0xd40
[ 1139.879316][T27997]  ? kernel_read+0x1f0/0x1f0
[ 1139.883731][T27997]  ? __kasan_check_write+0x14/0x20
[ 1139.888686][T27997]  ? mutex_lock+0xb6/0x1e0
[ 1139.892931][T27997]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 1139.899353][T27997]  ? __fdget_pos+0x2e7/0x3a0
[ 1139.903778][T27997]  ? ksys_read+0x77/0x2c0
[ 1139.907945][T27997]  ksys_read+0x199/0x2c0
[ 1139.912026][T27997]  ? vfs_write+0x1110/0x1110
[ 1139.916450][T27997]  ? debug_smp_processor_id+0x17/0x20
[ 1139.921663][T27997]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1139.927558][T27997]  __x64_sys_read+0x7b/0x90
[ 1139.931901][T27997]  do_syscall_64+0x3d/0xb0
[ 1139.936152][T27997]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[ 1139.941792][T27997]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1139.947518][T27997] RIP: 0033:0x7fc00589578c
[ 1139.951774][T27997] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 59 81 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 af 81 02 00 48
[ 1139.971217][T27997] RSP: 002b:00007fc0046190c0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1139.979458][T27997] RAX: ffffffffffffffda RBX: 00007fc0059b5f80 RCX: 00007fc00589578c
[ 1139.987269][T27997] RDX: 000000000000000f RSI: 00007fc004619130 RDI: 0000000000000005
[ 1139.995082][T27997] RBP: 00007fc004619120 R08: 0000000000000000 R09: 0000000000000000
[ 1140.002891][T27997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1140.010705][T27997] R13: 000000000000000b R14: 00007fc0059b5f80 R15: 00007ffde9231d78
[ 1140.018518][T27997]  </TASK>
01:16:15 executing program 0:
syz_clone(0x75848400, 0x0, 0x2000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:15 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:15 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848407, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:15 executing program 5:
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (rerun: 64)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 64)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040)) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700) (async, rerun: 64)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) (rerun: 64)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
r6 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e905982dcd41ba7634a1a0413e6657d3f7423e3b5d6"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000000)=0x1) (async, rerun: 64)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000b80), 0x10) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@bloom_filter={0x1e, 0x8, 0x8, 0x4, 0x400, 0xffffffffffffffff, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x7}, 0x48) (async, rerun: 64)
write$cgroup_int(r2, &(0x7f0000000200), 0x43405) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpuacct.usage_all\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) (async)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f0000000500)=""/260, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x127}, 0x38)

01:16:15 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:15 executing program 4:
syz_clone(0x75848400, 0x0, 0x100000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1140.289047][T28012] FAULT_INJECTION: forcing a failure.
[ 1140.289047][T28012] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1140.331941][T28012] CPU: 1 PID: 28012 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1140.343504][T28012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1140.353399][T28012] Call Trace:
[ 1140.356518][T28012]  <TASK>
[ 1140.359305][T28012]  dump_stack_lvl+0x151/0x1b7
[ 1140.363813][T28012]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1140.369281][T28012]  dump_stack+0x15/0x17
[ 1140.373271][T28012]  should_fail+0x3c6/0x510
[ 1140.377523][T28012]  should_fail_alloc_page+0x5a/0x80
[ 1140.382557][T28012]  prepare_alloc_pages+0x15c/0x700
[ 1140.387505][T28012]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1140.392537][T28012]  __alloc_pages+0x138/0x5e0
[ 1140.396966][T28012]  ? prep_new_page+0x110/0x110
[ 1140.401564][T28012]  ? __alloc_pages+0x206/0x5e0
[ 1140.406161][T28012]  ? stack_trace_save+0x1c0/0x1c0
[ 1140.411026][T28012]  ? __kasan_check_write+0x14/0x20
[ 1140.415972][T28012]  ? _raw_spin_lock+0xa4/0x1b0
[ 1140.420575][T28012]  __pmd_alloc+0xb1/0x550
[ 1140.424737][T28012]  ? __pud_alloc+0x260/0x260
[ 1140.429164][T28012]  ? __pud_alloc+0x213/0x260
[ 1140.433589][T28012]  ? do_handle_mm_fault+0x2330/0x2330
[ 1140.438798][T28012]  ? __stack_depot_save+0x34/0x470
[ 1140.443742][T28012]  ? anon_vma_clone+0x9a/0x500
[ 1140.448346][T28012]  copy_page_range+0x2b3d/0x2f90
[ 1140.453125][T28012]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1140.457980][T28012]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1140.463098][T28012]  ? copy_mm+0xa3a/0x13e0
[ 1140.467265][T28012]  ? copy_process+0x12bc/0x3260
[ 1140.471949][T28012]  ? kernel_clone+0x21e/0x9e0
[ 1140.476460][T28012]  ? do_syscall_64+0x3d/0xb0
[ 1140.480886][T28012]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1140.486791][T28012]  ? pfn_valid+0x1e0/0x1e0
[ 1140.491041][T28012]  ? rwsem_write_trylock+0x15b/0x290
[ 1140.496160][T28012]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1140.502409][T28012]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1140.507965][T28012]  ? __rb_insert_augmented+0x5de/0x610
[ 1140.513262][T28012]  copy_mm+0xc7e/0x13e0
[ 1140.517254][T28012]  ? copy_signal+0x610/0x610
[ 1140.521688][T28012]  ? __init_rwsem+0xd6/0x1c0
[ 1140.526103][T28012]  ? copy_signal+0x4e3/0x610
[ 1140.530533][T28012]  copy_process+0x12bc/0x3260
[ 1140.535049][T28012]  ? proc_fail_nth_write+0x20b/0x290
[ 1140.540164][T28012]  ? fsnotify_perm+0x6a/0x5d0
[ 1140.544679][T28012]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1140.554573][T28012]  ? vfs_write+0x9ec/0x1110
[ 1140.558913][T28012]  kernel_clone+0x21e/0x9e0
[ 1140.563249][T28012]  ? file_end_write+0x1c0/0x1c0
[ 1140.567954][T28012]  ? create_io_thread+0x1e0/0x1e0
[ 1140.572796][T28012]  ? mutex_unlock+0xb2/0x260
[ 1140.577225][T28012]  ? __mutex_lock_slowpath+0x10/0x10
[ 1140.582347][T28012]  __x64_sys_clone+0x23f/0x290
[ 1140.586945][T28012]  ? __do_sys_vfork+0x130/0x130
[ 1140.591635][T28012]  ? ksys_write+0x260/0x2c0
[ 1140.595970][T28012]  ? debug_smp_processor_id+0x17/0x20
[ 1140.601178][T28012]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1140.607119][T28012]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1140.612551][T28012]  do_syscall_64+0x3d/0xb0
[ 1140.616801][T28012]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1140.622530][T28012] RIP: 0033:0x7f7962f04ae9
[ 1140.626785][T28012] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1140.646224][T28012] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1140.654468][T28012] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1140.662368][T28012] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1140.670176][T28012] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
01:16:15 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848408, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:15 executing program 5:
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000040))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x32600) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xda00) (async)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
r6 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e905982dcd41ba7634a1a0413e6657d3f7423e3b5d6"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r6, 0x40082404, &(0x7f0000000000)=0x1) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000b80), 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=@bloom_filter={0x1e, 0x8, 0x8, 0x4, 0x400, 0xffffffffffffffff, 0x1f, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x7}, 0x48)
write$cgroup_int(r2, &(0x7f0000000200), 0x43405) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpuacct.usage_all\x00', 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f0000000500)=""/260, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x127}, 0x38)

[ 1140.677987][T28012] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1140.685802][T28012] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1140.693617][T28012]  </TASK>
01:16:15 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, r5]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r7 = perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x6}, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
close(r7)

01:16:15 executing program 5:
ioctl$TUNGETVNETBE(0xffffffffffffffff, 0x800454df, &(0x7f0000000440)=0x1)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x5, 0x80, 0xff, 0x2, 0xfe, 0x40, 0x0, 0x23aa, 0x14200, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000c40), 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x80009}, 0xffffffffffffffff, 0x1, r0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xc, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x2, 0x10, 0x0, 0x104}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, r0], 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='rdma.current\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000380)='cgroup.controllers\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x0, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000780)=""/132, 0x40f00, 0xe, '\x00', r1, 0x12, r3, 0x8, &(0x7f00000008c0)={0x10000}, 0x8, 0x10, &(0x7f0000000900)={0x2, 0xc, 0x4, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x1d, 0x4, 0xbf, 0x10d37, 0x17ac, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x82400, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'wlan0\x00', 0x1})
sendmsg$inet(r5, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r4, &(0x7f0000004100)={0x0, 0x30, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYRES32=<r7=>r4], 0x18}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1f, 0xfffffffd, 0x800, 0x101, 0x400, r0, 0xace3, '\x00', 0x0, r0, 0x5, 0x1, 0x5}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2006a, 0x0, @perf_bp={&(0x7f0000000340), 0x2}, 0x10, 0x1, 0x0, 0x8, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TUNSETNOCSUM(r7, 0x8923, 0x20000000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xed4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xfffd, 0x0, 0x51}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x28, 0x5, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
syz_clone(0x670c8680, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000ac0)={0x1, 0x80, 0x0, 0x0, 0x7, 0x1, 0x0, 0xfffffffffffffff8, 0x95, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x328f, 0x10001}, 0x0, 0x2, 0x7, 0x7, 0x0, 0x9, 0x0, 0x0, 0x4, 0x0, 0x80000000}, 0x0, 0xb, r2, 0x2)
close(0xffffffffffffffff)
recvmsg(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000c80)=""/102, 0x66}, {&(0x7f0000002340)=""/111, 0x6f}, {&(0x7f0000001040)=""/72, 0x48}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f00000010c0)=""/4095, 0xfff}, {&(0x7f00000005c0)=""/7, 0x7}, {&(0x7f00000020c0)=""/241, 0xf1}], 0x7, &(0x7f0000002240)=""/225, 0xe1}, 0x40000140)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async, rerun: 32)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (rerun: 32)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async, rerun: 64)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async, rerun: 32)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, r5]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async, rerun: 64)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0) (async, rerun: 64)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
r7 = perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x6}, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8) (rerun: 32)
close(r7)

01:16:16 executing program 4:
syz_clone(0x75848400, 0x0, 0x200000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:16 executing program 0:
syz_clone(0x75848400, 0x0, 0x3f00, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:16 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:16 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848409, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:16 executing program 4:
syz_clone(0x75848400, 0x0, 0x400000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, r5]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.idle_time\x00', 0x0, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r7 = perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x6}, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8)
close(r7)

01:16:16 executing program 5:
ioctl$TUNGETVNETBE(0xffffffffffffffff, 0x800454df, &(0x7f0000000440)=0x1)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000700)={0x5, 0x80, 0xff, 0x2, 0xfe, 0x40, 0x0, 0x23aa, 0x14200, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000c40), 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x80009}, 0xffffffffffffffff, 0x1, r0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xc, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x2, 0x10, 0x0, 0x104}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, r0], 0x0, 0x10, 0xffffffff}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xc, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x2, 0x10, 0x0, 0x104}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, r0], 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='rdma.current\x00', 0x26e1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='rdma.current\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000380)='cgroup.controllers\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x0, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000780)=""/132, 0x40f00, 0xe, '\x00', r1, 0x12, r3, 0x8, &(0x7f00000008c0)={0x10000}, 0x8, 0x10, &(0x7f0000000900)={0x2, 0xc, 0x4, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x1d, 0x4, 0xbf, 0x10d37, 0x17ac, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x82400, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'wlan0\x00', 0x1})
sendmsg$inet(r5, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) (async)
sendmsg$inet(r5, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r4, &(0x7f0000004100)={0x0, 0x30, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYRES32=<r7=>r4], 0x18}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1f, 0xfffffffd, 0x800, 0x101, 0x400, r0, 0xace3, '\x00', 0x0, r0, 0x5, 0x1, 0x5}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2006a, 0x0, @perf_bp={&(0x7f0000000340), 0x2}, 0x10, 0x1, 0x0, 0x8, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TUNSETNOCSUM(r7, 0x8923, 0x20000000) (async)
ioctl$TUNSETNOCSUM(r7, 0x8923, 0x20000000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xed4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xfffd, 0x0, 0x51}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x28, 0x5, 0x0, &(0x7f0000000000)) (async)
socketpair(0x28, 0x5, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
syz_clone(0x670c8680, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000ac0)={0x1, 0x80, 0x0, 0x0, 0x7, 0x1, 0x0, 0xfffffffffffffff8, 0x95, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x328f, 0x10001}, 0x0, 0x2, 0x7, 0x7, 0x0, 0x9, 0x0, 0x0, 0x4, 0x0, 0x80000000}, 0x0, 0xb, r2, 0x2) (async)
perf_event_open(&(0x7f0000000ac0)={0x1, 0x80, 0x0, 0x0, 0x7, 0x1, 0x0, 0xfffffffffffffff8, 0x95, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x328f, 0x10001}, 0x0, 0x2, 0x7, 0x7, 0x0, 0x9, 0x0, 0x0, 0x4, 0x0, 0x80000000}, 0x0, 0xb, r2, 0x2)
close(0xffffffffffffffff)
recvmsg(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000c80)=""/102, 0x66}, {&(0x7f0000002340)=""/111, 0x6f}, {&(0x7f0000001040)=""/72, 0x48}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f00000010c0)=""/4095, 0xfff}, {&(0x7f00000005c0)=""/7, 0x7}, {&(0x7f00000020c0)=""/241, 0xf1}], 0x7, &(0x7f0000002240)=""/225, 0xe1}, 0x40000140)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x0, 0x0)

01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r4 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x0, 0x0)

[ 1141.236712][T28088] FAULT_INJECTION: forcing a failure.
[ 1141.236712][T28088] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1141.304959][T28088] CPU: 0 PID: 28088 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1141.316516][T28088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1141.326499][T28088] Call Trace:
[ 1141.329621][T28088]  <TASK>
[ 1141.332394][T28088]  dump_stack_lvl+0x151/0x1b7
[ 1141.336957][T28088]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1141.342371][T28088]  ? kmem_cache_alloc+0x134/0x200
[ 1141.347233][T28088]  dump_stack+0x15/0x17
[ 1141.351225][T28088]  should_fail+0x3c6/0x510
[ 1141.355491][T28088]  should_fail_alloc_page+0x5a/0x80
[ 1141.360514][T28088]  prepare_alloc_pages+0x15c/0x700
[ 1141.365462][T28088]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1141.370494][T28088]  __alloc_pages+0x138/0x5e0
[ 1141.374920][T28088]  ? prep_new_page+0x110/0x110
[ 1141.379517][T28088]  ? __alloc_pages+0x206/0x5e0
[ 1141.384120][T28088]  ? stack_trace_save+0x1c0/0x1c0
[ 1141.388981][T28088]  ? __kasan_check_write+0x14/0x20
[ 1141.393926][T28088]  ? _raw_spin_lock+0xa4/0x1b0
[ 1141.398530][T28088]  __pmd_alloc+0xb1/0x550
[ 1141.402693][T28088]  ? __pud_alloc+0x260/0x260
[ 1141.407118][T28088]  ? __pud_alloc+0x213/0x260
[ 1141.411564][T28088]  ? do_handle_mm_fault+0x2330/0x2330
[ 1141.416752][T28088]  ? __stack_depot_save+0x34/0x470
[ 1141.421705][T28088]  ? anon_vma_clone+0x9a/0x500
[ 1141.426298][T28088]  copy_page_range+0x2b3d/0x2f90
[ 1141.431072][T28088]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1141.435934][T28088]  ? slab_post_alloc_hook+0x53/0x2c0
[ 1141.441057][T28088]  ? copy_mm+0xa3a/0x13e0
[ 1141.445233][T28088]  ? copy_process+0x12bc/0x3260
[ 1141.449905][T28088]  ? kernel_clone+0x21e/0x9e0
[ 1141.454420][T28088]  ? do_syscall_64+0x3d/0xb0
[ 1141.458845][T28088]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1141.464753][T28088]  ? pfn_valid+0x1e0/0x1e0
[ 1141.469003][T28088]  ? rwsem_write_trylock+0x15b/0x290
[ 1141.474122][T28088]  ? vma_interval_tree_augment_rotate+0x1d0/0x1d0
[ 1141.480372][T28088]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1141.485926][T28088]  ? __rb_insert_augmented+0x5de/0x610
[ 1141.491229][T28088]  copy_mm+0xc7e/0x13e0
[ 1141.495213][T28088]  ? copy_signal+0x610/0x610
[ 1141.499639][T28088]  ? __init_rwsem+0xd6/0x1c0
[ 1141.504065][T28088]  ? copy_signal+0x4e3/0x610
[ 1141.508491][T28088]  copy_process+0x12bc/0x3260
[ 1141.513008][T28088]  ? proc_fail_nth_write+0x20b/0x290
[ 1141.518126][T28088]  ? fsnotify_perm+0x6a/0x5d0
[ 1141.522653][T28088]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1141.527588][T28088]  ? vfs_write+0x9ec/0x1110
[ 1141.531926][T28088]  kernel_clone+0x21e/0x9e0
[ 1141.536263][T28088]  ? file_end_write+0x1c0/0x1c0
[ 1141.540954][T28088]  ? create_io_thread+0x1e0/0x1e0
[ 1141.545986][T28088]  ? mutex_unlock+0xb2/0x260
[ 1141.550412][T28088]  ? __mutex_lock_slowpath+0x10/0x10
[ 1141.555545][T28088]  __x64_sys_clone+0x23f/0x290
[ 1141.560136][T28088]  ? __do_sys_vfork+0x130/0x130
[ 1141.564822][T28088]  ? ksys_write+0x260/0x2c0
[ 1141.569160][T28088]  ? debug_smp_processor_id+0x17/0x20
[ 1141.574365][T28088]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1141.580270][T28088]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1141.585737][T28088]  do_syscall_64+0x3d/0xb0
[ 1141.589988][T28088]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1141.595719][T28088] RIP: 0033:0x7f7962f04ae9
[ 1141.599971][T28088] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1141.619413][T28088] RSP: 002b:00007f7961c66078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1141.627657][T28088] RAX: ffffffffffffffda RBX: 00007f7963024050 RCX: 00007f7962f04ae9
[ 1141.635465][T28088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1141.643277][T28088] RBP: 00007f7961c66120 R08: 0000000000000000 R09: 0000000000000000
01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r4) (async)
close(r4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_merged\x00', 0x0, 0x0)

[ 1141.651089][T28088] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1141.658901][T28088] R13: 000000000000006e R14: 00007f7963024050 R15: 00007ffde0e39ef8
[ 1141.666714][T28088]  </TASK>
01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e90598200"/27], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, r6, r7]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x14, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, [@cb_func={0x18, 0x5, 0x4, 0x0, 0x1}, @map_fd={0x18, 0x4}, @ldst={0x2, 0x3, 0x1, 0x9, 0x0, 0x50, 0x1}, @generic={0x3f, 0x2, 0x0, 0xff, 0x1ff}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @func={0x85, 0x0, 0x1, 0x0, 0x4}]}, &(0x7f00000002c0)='syzkaller\x00', 0xa07c, 0x1000, &(0x7f0000000b80)=""/4096, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000500)={0x4, 0x7, 0x9, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000700)=[{0x1, 0x2, 0x10, 0x5}], 0x10, 0x8}, 0x90)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

01:16:16 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async, rerun: 32)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async, rerun: 32)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async, rerun: 32)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async, rerun: 64)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async, rerun: 64)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async, rerun: 32)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (rerun: 32)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e90598200"/27], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, r6, r7]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x14, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, [@cb_func={0x18, 0x5, 0x4, 0x0, 0x1}, @map_fd={0x18, 0x4}, @ldst={0x2, 0x3, 0x1, 0x9, 0x0, 0x50, 0x1}, @generic={0x3f, 0x2, 0x0, 0xff, 0x1ff}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @func={0x85, 0x0, 0x1, 0x0, 0x4}]}, &(0x7f00000002c0)='syzkaller\x00', 0xa07c, 0x1000, &(0x7f0000000b80)=""/4096, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000500)={0x4, 0x7, 0x9, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000700)=[{0x1, 0x2, 0x10, 0x5}], 0x10, 0x8}, 0x90) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

01:16:17 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e90598200"/27], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff, r6, r7]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x18, 0x14, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, [@cb_func={0x18, 0x5, 0x4, 0x0, 0x1}, @map_fd={0x18, 0x4}, @ldst={0x2, 0x3, 0x1, 0x9, 0x0, 0x50, 0x1}, @generic={0x3f, 0x2, 0x0, 0xff, 0x1ff}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x4}, @printk={@integer, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @func={0x85, 0x0, 0x1, 0x0, 0x4}]}, &(0x7f00000002c0)='syzkaller\x00', 0xa07c, 0x1000, &(0x7f0000000b80)=""/4096, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x5, 0x4}, 0x8, 0x10, &(0x7f0000000500)={0x4, 0x7, 0x9, 0x2}, 0x10, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000700)=[{0x1, 0x2, 0x10, 0x5}], 0x10, 0x8}, 0x90) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

01:16:17 executing program 0:
syz_clone(0x75848400, 0x0, 0x4000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:17 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x7584840f, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:17 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:17 executing program 3:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0), 0x6e, &(0x7f0000000000)=[{&(0x7f0000000140)=""/164, 0xa4}], 0x1, &(0x7f00000002c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x118}, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:17 executing program 5:
ioctl$TUNGETVNETBE(0xffffffffffffffff, 0x800454df, &(0x7f0000000440)=0x1) (async)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000700)={0x5, 0x80, 0xff, 0x2, 0xfe, 0x40, 0x0, 0x23aa, 0x14200, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000c40), 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x80009}, 0xffffffffffffffff, 0x1, r0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xc, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x2, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x2, 0x10, 0x0, 0x104}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, r0], 0x0, 0x10, 0xffffffff}, 0x90)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='rdma.current\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000380)='cgroup.controllers\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x0, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x2, 0x84, &(0x7f0000000780)=""/132, 0x40f00, 0xe, '\x00', r1, 0x12, r3, 0x8, &(0x7f00000008c0)={0x10000}, 0x8, 0x10, &(0x7f0000000900)={0x2, 0xc, 0x4, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)}, 0x80) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x1d, 0x4, 0xbf, 0x10d37, 0x17ac, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x3}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}) (async)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x82400, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000000)={'wlan0\x00', 0x1}) (async)
sendmsg$inet(r5, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) (async)
recvmsg$unix(r4, &(0x7f0000004100)={0x0, 0x30, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYRES32=<r7=>r4], 0x18}, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1f, 0xfffffffd, 0x800, 0x101, 0x400, r0, 0xace3, '\x00', 0x0, r0, 0x5, 0x1, 0x5}, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2006a, 0x0, @perf_bp={&(0x7f0000000340), 0x2}, 0x10, 0x1, 0x0, 0x8, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
ioctl$TUNSETNOCSUM(r7, 0x8923, 0x20000000) (async)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xed4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xfffd, 0x0, 0x51}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x28, 0x5, 0x0, &(0x7f0000000000))
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='hugetlb.1GB.usage_in_bytes\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000600)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
syz_clone(0x670c8680, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000ac0)={0x1, 0x80, 0x0, 0x0, 0x7, 0x1, 0x0, 0xfffffffffffffff8, 0x95, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x328f, 0x10001}, 0x0, 0x2, 0x7, 0x7, 0x0, 0x9, 0x0, 0x0, 0x4, 0x0, 0x80000000}, 0x0, 0xb, r2, 0x2)
close(0xffffffffffffffff)
recvmsg(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000021c0)=[{&(0x7f0000000c80)=""/102, 0x66}, {&(0x7f0000002340)=""/111, 0x6f}, {&(0x7f0000001040)=""/72, 0x48}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f00000010c0)=""/4095, 0xfff}, {&(0x7f00000005c0)=""/7, 0x7}, {&(0x7f00000020c0)=""/241, 0xf1}], 0x7, &(0x7f0000002240)=""/225, 0xe1}, 0x40000140)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

01:16:17 executing program 4:
syz_clone(0x75848400, 0x0, 0x700000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:17 executing program 3:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0), 0x6e, &(0x7f0000000000)=[{&(0x7f0000000140)=""/164, 0xa4}], 0x1, &(0x7f00000002c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x118}, 0x2) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0), 0x6e, &(0x7f0000000000)=[{&(0x7f0000000140)=""/164, 0xa4}], 0x1, &(0x7f00000002c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x118}, 0x2)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

[ 1142.534497][T28131] FAULT_INJECTION: forcing a failure.
[ 1142.534497][T28131] name failslab, interval 1, probability 0, space 0, times 0
[ 1142.590994][T28131] CPU: 0 PID: 28131 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1142.602642][T28131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1142.612635][T28131] Call Trace:
[ 1142.615742][T28131]  <TASK>
[ 1142.618521][T28131]  dump_stack_lvl+0x151/0x1b7
[ 1142.623034][T28131]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1142.628502][T28131]  dump_stack+0x15/0x17
[ 1142.632493][T28131]  should_fail+0x3c6/0x510
[ 1142.636755][T28131]  __should_failslab+0xa4/0xe0
[ 1142.641349][T28131]  ? vm_area_dup+0x26/0x230
[ 1142.645687][T28131]  should_failslab+0x9/0x20
[ 1142.650027][T28131]  slab_pre_alloc_hook+0x37/0xd0
[ 1142.654799][T28131]  ? vm_area_dup+0x26/0x230
[ 1142.659141][T28131]  kmem_cache_alloc+0x44/0x200
[ 1142.663740][T28131]  vm_area_dup+0x26/0x230
[ 1142.667905][T28131]  copy_mm+0x9a1/0x13e0
[ 1142.671904][T28131]  ? copy_signal+0x610/0x610
[ 1142.676324][T28131]  ? __init_rwsem+0xd6/0x1c0
[ 1142.680751][T28131]  ? copy_signal+0x4e3/0x610
[ 1142.685186][T28131]  copy_process+0x12bc/0x3260
[ 1142.689694][T28131]  ? proc_fail_nth_write+0x20b/0x290
[ 1142.694811][T28131]  ? fsnotify_perm+0x6a/0x5d0
[ 1142.699324][T28131]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1142.704271][T28131]  ? vfs_write+0x9ec/0x1110
[ 1142.708614][T28131]  kernel_clone+0x21e/0x9e0
[ 1142.712951][T28131]  ? file_end_write+0x1c0/0x1c0
[ 1142.717637][T28131]  ? create_io_thread+0x1e0/0x1e0
[ 1142.722583][T28131]  ? mutex_unlock+0xb2/0x260
[ 1142.727018][T28131]  ? __mutex_lock_slowpath+0x10/0x10
[ 1142.732133][T28131]  __x64_sys_clone+0x23f/0x290
[ 1142.736732][T28131]  ? __do_sys_vfork+0x130/0x130
[ 1142.741415][T28131]  ? ksys_write+0x260/0x2c0
[ 1142.745760][T28131]  ? debug_smp_processor_id+0x17/0x20
[ 1142.750966][T28131]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1142.756874][T28131]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1142.762335][T28131]  do_syscall_64+0x3d/0xb0
[ 1142.766599][T28131]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1142.772320][T28131] RIP: 0033:0x7f7962f04ae9
[ 1142.776571][T28131] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1142.796010][T28131] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1142.804255][T28131] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1142.812144][T28131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1142.819900][T28131] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1142.827691][T28131] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:18 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848441, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

[ 1142.835500][T28131] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1142.843318][T28131]  </TASK>
01:16:18 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1143.066982][T28149] FAULT_INJECTION: forcing a failure.
[ 1143.066982][T28149] name failslab, interval 1, probability 0, space 0, times 0
[ 1143.113612][T28149] CPU: 1 PID: 28149 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1143.125170][T28149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1143.135060][T28149] Call Trace:
[ 1143.138186][T28149]  <TASK>
[ 1143.140962][T28149]  dump_stack_lvl+0x151/0x1b7
[ 1143.145476][T28149]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1143.150941][T28149]  ? avc_denied+0x1b0/0x1b0
[ 1143.155281][T28149]  dump_stack+0x15/0x17
[ 1143.159276][T28149]  should_fail+0x3c6/0x510
[ 1143.163528][T28149]  __should_failslab+0xa4/0xe0
[ 1143.168127][T28149]  ? vm_area_dup+0x26/0x230
[ 1143.172466][T28149]  should_failslab+0x9/0x20
[ 1143.176807][T28149]  slab_pre_alloc_hook+0x37/0xd0
[ 1143.181581][T28149]  ? vm_area_dup+0x26/0x230
[ 1143.186018][T28149]  kmem_cache_alloc+0x44/0x200
[ 1143.190611][T28149]  vm_area_dup+0x26/0x230
[ 1143.194775][T28149]  copy_mm+0x9a1/0x13e0
[ 1143.198769][T28149]  ? copy_signal+0x610/0x610
[ 1143.203191][T28149]  ? __init_rwsem+0xd6/0x1c0
[ 1143.207618][T28149]  ? copy_signal+0x4e3/0x610
[ 1143.212043][T28149]  copy_process+0x12bc/0x3260
[ 1143.216558][T28149]  ? proc_fail_nth_write+0x20b/0x290
[ 1143.221677][T28149]  ? fsnotify_perm+0x6a/0x5d0
[ 1143.226191][T28149]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1143.231169][T28149]  ? vfs_write+0x9ec/0x1110
[ 1143.235478][T28149]  kernel_clone+0x21e/0x9e0
[ 1143.239818][T28149]  ? file_end_write+0x1c0/0x1c0
[ 1143.244503][T28149]  ? create_io_thread+0x1e0/0x1e0
[ 1143.249364][T28149]  ? mutex_unlock+0xb2/0x260
[ 1143.253791][T28149]  ? __mutex_lock_slowpath+0x10/0x10
[ 1143.258912][T28149]  __x64_sys_clone+0x23f/0x290
[ 1143.263511][T28149]  ? __do_sys_vfork+0x130/0x130
[ 1143.268197][T28149]  ? ksys_write+0x260/0x2c0
[ 1143.272538][T28149]  ? debug_smp_processor_id+0x17/0x20
[ 1143.277743][T28149]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1143.283647][T28149]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1143.289114][T28149]  do_syscall_64+0x3d/0xb0
[ 1143.293370][T28149]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1143.299095][T28149] RIP: 0033:0x7f7962f04ae9
[ 1143.303351][T28149] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1143.322792][T28149] RSP: 002b:00007f7961c66078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1143.331034][T28149] RAX: ffffffffffffffda RBX: 00007f7963024050 RCX: 00007f7962f04ae9
[ 1143.338846][T28149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1143.346655][T28149] RBP: 00007f7961c66120 R08: 0000000000000000 R09: 0000000000000000
[ 1143.354466][T28149] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:18 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x2, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:18 executing program 3:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0), 0x6e, &(0x7f0000000000)=[{&(0x7f0000000140)=""/164, 0xa4}], 0x1, &(0x7f00000002c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x118}, 0x2) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async, rerun: 64)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:18 executing program 0:
syz_clone(0x75848400, 0x0, 0x4100, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

[ 1143.362285][T28149] R13: 000000000000006e R14: 00007f7963024050 R15: 00007ffde0e39ef8
[ 1143.370095][T28149]  </TASK>
01:16:18 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x23, 0xa, 0x3, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x1, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r7, r8]}, 0x80)
mkdirat$cgroup(r7, &(0x7f0000000000)='syz1\x00', 0x1ff)

01:16:18 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x23, 0xa, 0x3, 0x0) (async)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x1, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r7, r8]}, 0x80)
mkdirat$cgroup(r7, &(0x7f0000000000)='syz1\x00', 0x1ff)

01:16:18 executing program 4:
syz_clone(0x75848400, 0x0, 0x800000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:18 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x23, 0xa, 0x3, 0x0) (async)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x1, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r6, 0xffffffffffffffff, r7, r8]}, 0x80)
mkdirat$cgroup(r7, &(0x7f0000000000)='syz1\x00', 0x1ff)

01:16:19 executing program 5:
syz_clone(0x75848400, 0x0, 0x3f00, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:19 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x4, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:19 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r2, &(0x7f00000000c0)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6, r7]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x2, &(0x7f0000000000)=@raw=[@map_val={0x18, 0xa, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}], &(0x7f0000000100)='syzkaller\x00', 0xa1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r0, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff, r5, r8], 0x0, 0x10, 0xfe99}, 0x90)
r9 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r9)

01:16:19 executing program 4:
syz_clone(0x75848400, 0x0, 0x900000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:19 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:19 executing program 0:
syz_clone(0x75848400, 0x0, 0x7000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:19 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r2, &(0x7f00000000c0)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6, r7]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x2, &(0x7f0000000000)=@raw=[@map_val={0x18, 0xa, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}], &(0x7f0000000100)='syzkaller\x00', 0xa1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r0, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff, r5, r8], 0x0, 0x10, 0xfe99}, 0x90)
r9 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r9)

01:16:19 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:19 executing program 5:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec85000000750000000400000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000009c0)={0xffffffffffffffff, 0x6}, 0xc)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000440)={0x3, 0x80, 0x46, 0x7, 0x1f, 0x0, 0x0, 0x3, 0x42010, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_config_ext={0x0, 0x8}, 0x8, 0x269, 0x9, 0x9, 0x7, 0x1, 0x5, 0x0, 0x3, 0x0, 0x6}, r0, 0xd, r0, 0xc)
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0x9e, 0x67, 0x3f, 0xab, 0x0, 0x1, 0x1203, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000140), 0x8}, 0x8, 0x0, 0x80, 0x3, 0x100000001, 0x7, 0x6f16, 0x0, 0x9, 0x0, 0x2}, 0x0, 0xb, r1, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000980), 0x8)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x2900, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000240)={'team_slave_1\x00', 0x20})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000062000000bca30000000000002403000020feffff720af0fff8ffffff71a4f0ff000000001f030000000000002e100200000000002604fdffff02000014010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd00}, 0x48)

01:16:19 executing program 4:
syz_clone(0x75848400, 0x0, 0xf00000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:19 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(r2, &(0x7f00000000c0)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6, r7]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
r8 = bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x2, &(0x7f0000000000)=@raw=[@map_val={0x18, 0xa, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}], &(0x7f0000000100)='syzkaller\x00', 0xa1, 0x0, 0x0, 0x40f00, 0x7, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x2, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r0, r2, r2, 0xffffffffffffffff, 0xffffffffffffffff, r5, r8], 0x0, 0x10, 0xfe99}, 0x90)
r9 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r9)

[ 1144.287606][T28215] FAULT_INJECTION: forcing a failure.
[ 1144.287606][T28215] name failslab, interval 1, probability 0, space 0, times 0
[ 1144.329680][T28215] CPU: 0 PID: 28215 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1144.341238][T28215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1144.351128][T28215] Call Trace:
[ 1144.354253][T28215]  <TASK>
[ 1144.357029][T28215]  dump_stack_lvl+0x151/0x1b7
[ 1144.361544][T28215]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1144.367011][T28215]  dump_stack+0x15/0x17
[ 1144.371000][T28215]  should_fail+0x3c6/0x510
[ 1144.375255][T28215]  __should_failslab+0xa4/0xe0
[ 1144.379855][T28215]  ? vm_area_dup+0x26/0x230
[ 1144.384194][T28215]  should_failslab+0x9/0x20
[ 1144.388535][T28215]  slab_pre_alloc_hook+0x37/0xd0
[ 1144.393310][T28215]  ? vm_area_dup+0x26/0x230
[ 1144.397647][T28215]  kmem_cache_alloc+0x44/0x200
[ 1144.402252][T28215]  vm_area_dup+0x26/0x230
[ 1144.406430][T28215]  copy_mm+0x9a1/0x13e0
[ 1144.410408][T28215]  ? copy_signal+0x610/0x610
[ 1144.414832][T28215]  ? __init_rwsem+0xd6/0x1c0
[ 1144.419258][T28215]  ? copy_signal+0x4e3/0x610
[ 1144.423689][T28215]  copy_process+0x12bc/0x3260
[ 1144.428196][T28215]  ? proc_fail_nth_write+0x20b/0x290
[ 1144.433314][T28215]  ? fsnotify_perm+0x6a/0x5d0
[ 1144.437829][T28215]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1144.442773][T28215]  ? vfs_write+0x9ec/0x1110
[ 1144.447114][T28215]  kernel_clone+0x21e/0x9e0
[ 1144.451456][T28215]  ? file_end_write+0x1c0/0x1c0
[ 1144.456140][T28215]  ? create_io_thread+0x1e0/0x1e0
[ 1144.461001][T28215]  ? mutex_unlock+0xb2/0x260
[ 1144.465429][T28215]  ? __mutex_lock_slowpath+0x10/0x10
[ 1144.470549][T28215]  __x64_sys_clone+0x23f/0x290
[ 1144.475148][T28215]  ? __do_sys_vfork+0x130/0x130
[ 1144.479833][T28215]  ? ksys_write+0x260/0x2c0
[ 1144.484176][T28215]  ? debug_smp_processor_id+0x17/0x20
[ 1144.489393][T28215]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1144.495283][T28215]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1144.500751][T28215]  do_syscall_64+0x3d/0xb0
[ 1144.505005][T28215]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1144.510732][T28215] RIP: 0033:0x7f7962f04ae9
[ 1144.514986][T28215] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1144.534437][T28215] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1144.542671][T28215] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1144.550481][T28215] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1144.558295][T28215] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1144.566102][T28215] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:19 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x38}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.swap.current\x00', 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

[ 1144.573915][T28215] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1144.581731][T28215]  </TASK>
01:16:19 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x8, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:19 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:20 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x38}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.swap.current\x00', 0x0, 0x0) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:20 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x38}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.swap.current\x00', 0x0, 0x0) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:20 executing program 4:
syz_clone(0x75848400, 0x0, 0x1f00000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:20 executing program 0:
syz_clone(0x75848400, 0x0, 0x10fff, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:20 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7f, 0x3, 0x81, 0xe3, 0x0, 0x4, 0x88000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x200, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0xc00, 0x1, 0x2, 0x3, 0x9, 0x2, 0x401, 0x0, 0xae4, 0x0, 0x100}, 0x0, 0x6, r0, 0x3)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:20 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

[ 1145.166271][T28270] FAULT_INJECTION: forcing a failure.
[ 1145.166271][T28270] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1145.202509][T28270] CPU: 0 PID: 28270 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1145.214066][T28270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1145.223964][T28270] Call Trace:
[ 1145.227081][T28270]  <TASK>
[ 1145.229859][T28270]  dump_stack_lvl+0x151/0x1b7
[ 1145.234373][T28270]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1145.239844][T28270]  dump_stack+0x15/0x17
[ 1145.243834][T28270]  should_fail+0x3c6/0x510
[ 1145.248086][T28270]  should_fail_alloc_page+0x5a/0x80
[ 1145.253120][T28270]  prepare_alloc_pages+0x15c/0x700
[ 1145.258069][T28270]  ? __alloc_pages+0x5e0/0x5e0
[ 1145.262669][T28270]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1145.267707][T28270]  __alloc_pages+0x138/0x5e0
[ 1145.272130][T28270]  ? prep_new_page+0x110/0x110
[ 1145.276731][T28270]  ? 0xffffffffa0028cc8
[ 1145.280721][T28270]  ? is_bpf_text_address+0x172/0x190
[ 1145.285844][T28270]  pte_alloc_one+0x73/0x1b0
[ 1145.290183][T28270]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1145.295215][T28270]  ? arch_stack_walk+0xf3/0x140
[ 1145.299903][T28270]  __pte_alloc+0x86/0x350
[ 1145.304074][T28270]  ? free_pgtables+0x280/0x280
[ 1145.308668][T28270]  ? _raw_spin_lock+0xa4/0x1b0
[ 1145.313271][T28270]  ? __kasan_check_write+0x14/0x20
[ 1145.318218][T28270]  copy_page_range+0x28a8/0x2f90
[ 1145.322990][T28270]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1145.327860][T28270]  ? pfn_valid+0x1e0/0x1e0
[ 1145.332104][T28270]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1145.337744][T28270]  ? __rb_insert_augmented+0x5de/0x610
[ 1145.343043][T28270]  copy_mm+0xc7e/0x13e0
[ 1145.347033][T28270]  ? copy_signal+0x610/0x610
[ 1145.351457][T28270]  ? __init_rwsem+0xd6/0x1c0
[ 1145.355888][T28270]  ? copy_signal+0x4e3/0x610
[ 1145.360308][T28270]  copy_process+0x12bc/0x3260
[ 1145.364823][T28270]  ? proc_fail_nth_write+0x20b/0x290
[ 1145.369942][T28270]  ? fsnotify_perm+0x6a/0x5d0
[ 1145.374455][T28270]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1145.379403][T28270]  ? vfs_write+0x9ec/0x1110
[ 1145.383746][T28270]  kernel_clone+0x21e/0x9e0
[ 1145.388079][T28270]  ? file_end_write+0x1c0/0x1c0
[ 1145.392772][T28270]  ? create_io_thread+0x1e0/0x1e0
[ 1145.397627][T28270]  ? mutex_unlock+0xb2/0x260
[ 1145.402060][T28270]  ? __mutex_lock_slowpath+0x10/0x10
[ 1145.407177][T28270]  __x64_sys_clone+0x23f/0x290
[ 1145.411769][T28270]  ? __do_sys_vfork+0x130/0x130
[ 1145.416456][T28270]  ? ksys_write+0x260/0x2c0
[ 1145.420799][T28270]  ? debug_smp_processor_id+0x17/0x20
[ 1145.426002][T28270]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1145.431906][T28270]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1145.437372][T28270]  do_syscall_64+0x3d/0xb0
[ 1145.441628][T28270]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1145.447353][T28270] RIP: 0033:0x7f7962f04ae9
[ 1145.451607][T28270] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1145.471048][T28270] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1145.479291][T28270] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1145.487103][T28270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1145.494936][T28270] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1145.502727][T28270] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1145.510537][T28270] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
01:16:20 executing program 5:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec85000000750000000400000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000009c0)={0xffffffffffffffff, 0x6}, 0xc)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
r1 = perf_event_open$cgroup(&(0x7f0000000440)={0x3, 0x80, 0x46, 0x7, 0x1f, 0x0, 0x0, 0x3, 0x42010, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_config_ext={0x0, 0x8}, 0x8, 0x269, 0x9, 0x9, 0x7, 0x1, 0x5, 0x0, 0x3, 0x0, 0x6}, r0, 0xd, r0, 0xc)
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0x9e, 0x67, 0x3f, 0xab, 0x0, 0x1, 0x1203, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000140), 0x8}, 0x8, 0x0, 0x80, 0x3, 0x100000001, 0x7, 0x6f16, 0x0, 0x9, 0x0, 0x2}, 0x0, 0xb, r1, 0x1) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000980), 0x8)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x2900, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000240)={'team_slave_1\x00', 0x20}) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (rerun: 64)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000062000000bca30000000000002403000020feffff720af0fff8ffffff71a4f0ff000000001f030000000000002e100200000000002604fdffff02000014010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd00}, 0x48)

01:16:20 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7f, 0x3, 0x81, 0xe3, 0x0, 0x4, 0x88000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x200, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0xc00, 0x1, 0x2, 0x3, 0x9, 0x2, 0x401, 0x0, 0xae4, 0x0, 0x100}, 0x0, 0x6, r0, 0x3)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:20 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0xf, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

[ 1145.518361][T28270]  </TASK>
01:16:20 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7f, 0x3, 0x81, 0xe3, 0x0, 0x4, 0x88000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x200, 0x4, @perf_bp={&(0x7f0000000000), 0xa}, 0xc00, 0x1, 0x2, 0x3, 0x9, 0x2, 0x401, 0x0, 0xae4, 0x0, 0x100}, 0x0, 0x6, r0, 0x3)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) (async)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:20 executing program 4:
syz_clone(0x75848400, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:20 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:20 executing program 0:
syz_clone(0x75848400, 0x0, 0x20200, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:20 executing program 5:
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec85000000750000000400000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000009c0)={0xffffffffffffffff, 0x6}, 0xc)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) (async)
r1 = perf_event_open$cgroup(&(0x7f0000000440)={0x3, 0x80, 0x46, 0x7, 0x1f, 0x0, 0x0, 0x3, 0x42010, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x8, 0x1, @perf_config_ext={0x0, 0x8}, 0x8, 0x269, 0x9, 0x9, 0x7, 0x1, 0x5, 0x0, 0x3, 0x0, 0x6}, r0, 0xd, r0, 0xc)
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0x9e, 0x67, 0x3f, 0xab, 0x0, 0x1, 0x1203, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000140), 0x8}, 0x8, 0x0, 0x80, 0x3, 0x100000001, 0x7, 0x6f16, 0x0, 0x9, 0x0, 0x2}, 0x0, 0xb, r1, 0x1) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000980), 0x8) (async)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) (async)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0x2900, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000240)={'team_slave_1\x00', 0x20}) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000062000000bca30000000000002403000020feffff720af0fff8ffffff71a4f0ff000000001f030000000000002e100200000000002604fdffff02000014010000000000001d130000000000007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd00}, 0x48)

01:16:20 executing program 3:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, 0x0, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
perf_event_open(&(0x7f0000000780)={0x0, 0x80, 0x0, 0x8, 0x23, 0x9, 0x0, 0x79, 0x1000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0xda01, 0x20}, 0x18000, 0x8, 0x2, 0x1, 0x0, 0x200, 0x5, 0x0, 0x8, 0x0, 0x6}, 0x0, 0xa, r0, 0x1)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r2 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
recvmsg$unix(r2, &(0x7f0000000400)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000000)=""/50, 0x32}, {&(0x7f0000000140)=""/161, 0xa1}, {&(0x7f00000002c0)=""/1, 0x1}, {&(0x7f0000000300)=""/67, 0x43}, {&(0x7f0000000380)=""/81, 0x51}], 0x5, &(0x7f00000005c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [<r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}, 0x40000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x7fffffff, 0x6f, 0x2, 0x8, r7, 0x82, '\x00', 0x0, r4, 0x0, 0x0, 0x2, 0xc}, 0x48)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

[ 1145.766840][T28300] FAULT_INJECTION: forcing a failure.
[ 1145.766840][T28300] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.779465][T28300] CPU: 1 PID: 28300 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1145.791004][T28300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1145.800901][T28300] Call Trace:
[ 1145.804026][T28300]  <TASK>
[ 1145.806802][T28300]  dump_stack_lvl+0x151/0x1b7
[ 1145.811313][T28300]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1145.816787][T28300]  dump_stack+0x15/0x17
[ 1145.820773][T28300]  should_fail+0x3c6/0x510
[ 1145.825026][T28300]  __should_failslab+0xa4/0xe0
[ 1145.829626][T28300]  ? vm_area_dup+0x26/0x230
[ 1145.833964][T28300]  should_failslab+0x9/0x20
[ 1145.838303][T28300]  slab_pre_alloc_hook+0x37/0xd0
[ 1145.843077][T28300]  ? vm_area_dup+0x26/0x230
[ 1145.847417][T28300]  kmem_cache_alloc+0x44/0x200
[ 1145.852019][T28300]  vm_area_dup+0x26/0x230
[ 1145.856190][T28300]  copy_mm+0x9a1/0x13e0
[ 1145.860182][T28300]  ? copy_signal+0x610/0x610
[ 1145.864604][T28300]  ? __init_rwsem+0xd6/0x1c0
[ 1145.869031][T28300]  ? copy_signal+0x4e3/0x610
[ 1145.873541][T28300]  copy_process+0x12bc/0x3260
[ 1145.878082][T28300]  ? proc_fail_nth_write+0x20b/0x290
[ 1145.883186][T28300]  ? fsnotify_perm+0x6a/0x5d0
[ 1145.887690][T28300]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1145.892649][T28300]  ? vfs_write+0x9ec/0x1110
[ 1145.896979][T28300]  kernel_clone+0x21e/0x9e0
[ 1145.901317][T28300]  ? file_end_write+0x1c0/0x1c0
[ 1145.906000][T28300]  ? create_io_thread+0x1e0/0x1e0
[ 1145.910860][T28300]  ? mutex_unlock+0xb2/0x260
[ 1145.915290][T28300]  ? __mutex_lock_slowpath+0x10/0x10
[ 1145.920410][T28300]  __x64_sys_clone+0x23f/0x290
[ 1145.925014][T28300]  ? __do_sys_vfork+0x130/0x130
[ 1145.929696][T28300]  ? ksys_write+0x260/0x2c0
[ 1145.934038][T28300]  ? debug_smp_processor_id+0x17/0x20
[ 1145.939242][T28300]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1145.945146][T28300]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1145.950614][T28300]  do_syscall_64+0x3d/0xb0
[ 1145.954864][T28300]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1145.960590][T28300] RIP: 0033:0x7f7962f04ae9
[ 1145.964844][T28300] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1145.984371][T28300] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1145.992613][T28300] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1146.000516][T28300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1146.008326][T28300] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
01:16:21 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x41, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:21 executing program 4:
syz_clone(0x75848400, 0x0, 0x3f00000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1146.016135][T28300] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1146.023948][T28300] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1146.031761][T28300]  </TASK>
01:16:21 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x70, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:21 executing program 4:
syz_clone(0x75848400, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:21 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1146.543784][T28329] FAULT_INJECTION: forcing a failure.
[ 1146.543784][T28329] name failslab, interval 1, probability 0, space 0, times 0
[ 1146.574978][T28329] CPU: 0 PID: 28329 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1146.586529][T28329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1146.596425][T28329] Call Trace:
[ 1146.599556][T28329]  <TASK>
[ 1146.602327][T28329]  dump_stack_lvl+0x151/0x1b7
[ 1146.606840][T28329]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1146.612312][T28329]  dump_stack+0x15/0x17
[ 1146.616300][T28329]  should_fail+0x3c6/0x510
[ 1146.620553][T28329]  __should_failslab+0xa4/0xe0
[ 1146.625152][T28329]  ? vm_area_dup+0x26/0x230
[ 1146.629491][T28329]  should_failslab+0x9/0x20
[ 1146.633830][T28329]  slab_pre_alloc_hook+0x37/0xd0
[ 1146.638606][T28329]  ? vm_area_dup+0x26/0x230
[ 1146.642944][T28329]  kmem_cache_alloc+0x44/0x200
[ 1146.647552][T28329]  vm_area_dup+0x26/0x230
[ 1146.651714][T28329]  copy_mm+0x9a1/0x13e0
[ 1146.655709][T28329]  ? copy_signal+0x610/0x610
[ 1146.660129][T28329]  ? __init_rwsem+0xd6/0x1c0
[ 1146.664563][T28329]  ? copy_signal+0x4e3/0x610
[ 1146.668981][T28329]  copy_process+0x12bc/0x3260
[ 1146.673499][T28329]  ? proc_fail_nth_write+0x20b/0x290
[ 1146.678615][T28329]  ? fsnotify_perm+0x6a/0x5d0
[ 1146.683131][T28329]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1146.688076][T28329]  ? vfs_write+0x9ec/0x1110
[ 1146.692421][T28329]  kernel_clone+0x21e/0x9e0
[ 1146.696758][T28329]  ? file_end_write+0x1c0/0x1c0
[ 1146.701442][T28329]  ? create_io_thread+0x1e0/0x1e0
[ 1146.706301][T28329]  ? mutex_unlock+0xb2/0x260
[ 1146.710731][T28329]  ? __mutex_lock_slowpath+0x10/0x10
[ 1146.715850][T28329]  __x64_sys_clone+0x23f/0x290
[ 1146.720450][T28329]  ? __do_sys_vfork+0x130/0x130
[ 1146.725136][T28329]  ? ksys_write+0x260/0x2c0
[ 1146.729475][T28329]  ? debug_smp_processor_id+0x17/0x20
[ 1146.734676][T28329]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1146.740579][T28329]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1146.746045][T28329]  do_syscall_64+0x3d/0xb0
[ 1146.750737][T28329]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1146.756461][T28329] RIP: 0033:0x7f7962f04ae9
[ 1146.760714][T28329] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1146.780159][T28329] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1146.788398][T28329] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1146.796240][T28329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1146.804023][T28329] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1146.811834][T28329] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1146.819648][T28329] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1146.827459][T28329]  </TASK>
01:16:22 executing program 3:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, 0x0, 0x7, 0xffffffffffffffff, 0x8) (async)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, 0x0, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
perf_event_open(&(0x7f0000000780)={0x0, 0x80, 0x0, 0x8, 0x23, 0x9, 0x0, 0x79, 0x1000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0xda01, 0x20}, 0x18000, 0x8, 0x2, 0x1, 0x0, 0x200, 0x5, 0x0, 0x8, 0x0, 0x6}, 0x0, 0xa, r0, 0x1)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r2 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
recvmsg$unix(r2, &(0x7f0000000400)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000000)=""/50, 0x32}, {&(0x7f0000000140)=""/161, 0xa1}, {&(0x7f00000002c0)=""/1, 0x1}, {&(0x7f0000000300)=""/67, 0x43}, {&(0x7f0000000380)=""/81, 0x51}], 0x5, &(0x7f00000005c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [<r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}, 0x40000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x7fffffff, 0x6f, 0x2, 0x8, r7, 0x82, '\x00', 0x0, r4, 0x0, 0x0, 0x2, 0xc}, 0x48)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

01:16:22 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x700, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:22 executing program 4:
syz_clone(0x75848400, 0x0, 0x4100000000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:22 executing program 5:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0x6}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0xa103c800, &(0x7f0000000200)="6a14294f80100910b11bfda99e21d12e0b74de2f98716e5b6a5f0aad9cfa3e4f0be9ecae7721e8b5b31fadfee32ad83fc85c9cfaade6863d5b579b7ae239b939ae551d5e2ab0bb80cbb924e0e04266363766d5b8689127fb3fd3e5a6fd55b4839a990c2f2ce7bcc2060ef085abb4d23507e41b3437df515809988fda02508911f886663390e2", 0x86, &(0x7f0000000140), &(0x7f00000002c0), &(0x7f00000003c0)="974d43622d63884d4f3efaa2ee25ea0847daa16ec02811c2c666f0ffaa6120354ad207758894e0db2073dc030e02650bf23d3ac7b27b5a58a213c059b6d3b0a0d9c53e874fe1ddb7b05046fb8217a98a97499e4d195209f1bb8e9e06")
perf_event_open(0x0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xa, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x340}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f00000001c0)='GPL\x00'}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000004c0)=@generic={0x0}, 0x18)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r2, 0x58, &(0x7f00000000c0)}, 0x10)

01:16:22 executing program 0:
syz_clone(0x75848400, 0x0, 0x3ffff, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:22 executing program 5:
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0x6}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0xa103c800, &(0x7f0000000200)="6a14294f80100910b11bfda99e21d12e0b74de2f98716e5b6a5f0aad9cfa3e4f0be9ecae7721e8b5b31fadfee32ad83fc85c9cfaade6863d5b579b7ae239b939ae551d5e2ab0bb80cbb924e0e04266363766d5b8689127fb3fd3e5a6fd55b4839a990c2f2ce7bcc2060ef085abb4d23507e41b3437df515809988fda02508911f886663390e2", 0x86, &(0x7f0000000140), &(0x7f00000002c0), &(0x7f00000003c0)="974d43622d63884d4f3efaa2ee25ea0847daa16ec02811c2c666f0ffaa6120354ad207758894e0db2073dc030e02650bf23d3ac7b27b5a58a213c059b6d3b0a0d9c53e874fe1ddb7b05046fb8217a98a97499e4d195209f1bb8e9e06")
perf_event_open(0x0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xa, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x340}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f00000001c0)='GPL\x00'}, 0x80) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000004c0)=@generic={0x0}, 0x18) (async)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r2, 0x58, &(0x7f00000000c0)}, 0x10)

01:16:22 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x900, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:22 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1147.529130][T28359] FAULT_INJECTION: forcing a failure.
[ 1147.529130][T28359] name failslab, interval 1, probability 0, space 0, times 0
[ 1147.561383][T28359] CPU: 0 PID: 28359 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1147.572950][T28359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1147.582864][T28359] Call Trace:
[ 1147.585977][T28359]  <TASK>
[ 1147.588749][T28359]  dump_stack_lvl+0x151/0x1b7
[ 1147.593262][T28359]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1147.598732][T28359]  dump_stack+0x15/0x17
[ 1147.602722][T28359]  should_fail+0x3c6/0x510
[ 1147.606975][T28359]  __should_failslab+0xa4/0xe0
[ 1147.611573][T28359]  ? anon_vma_clone+0x9a/0x500
[ 1147.616174][T28359]  should_failslab+0x9/0x20
[ 1147.620508][T28359]  slab_pre_alloc_hook+0x37/0xd0
[ 1147.625281][T28359]  ? anon_vma_clone+0x9a/0x500
[ 1147.629880][T28359]  kmem_cache_alloc+0x44/0x200
[ 1147.634481][T28359]  anon_vma_clone+0x9a/0x500
[ 1147.638909][T28359]  anon_vma_fork+0x91/0x4e0
[ 1147.643248][T28359]  ? anon_vma_name+0x43/0x70
[ 1147.647676][T28359]  ? vm_area_dup+0x17a/0x230
[ 1147.652097][T28359]  copy_mm+0xa3a/0x13e0
[ 1147.656094][T28359]  ? copy_signal+0x610/0x610
[ 1147.660515][T28359]  ? __init_rwsem+0xd6/0x1c0
[ 1147.664944][T28359]  ? copy_signal+0x4e3/0x610
[ 1147.669371][T28359]  copy_process+0x12bc/0x3260
[ 1147.673883][T28359]  ? proc_fail_nth_write+0x20b/0x290
[ 1147.679003][T28359]  ? fsnotify_perm+0x6a/0x5d0
[ 1147.683515][T28359]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1147.688464][T28359]  ? vfs_write+0x9ec/0x1110
[ 1147.692807][T28359]  kernel_clone+0x21e/0x9e0
[ 1147.697142][T28359]  ? file_end_write+0x1c0/0x1c0
[ 1147.701828][T28359]  ? create_io_thread+0x1e0/0x1e0
[ 1147.706697][T28359]  ? mutex_unlock+0xb2/0x260
[ 1147.711119][T28359]  ? __mutex_lock_slowpath+0x10/0x10
[ 1147.716237][T28359]  __x64_sys_clone+0x23f/0x290
[ 1147.720839][T28359]  ? __do_sys_vfork+0x130/0x130
[ 1147.725524][T28359]  ? ksys_write+0x260/0x2c0
[ 1147.729862][T28359]  ? debug_smp_processor_id+0x17/0x20
[ 1147.735068][T28359]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1147.740974][T28359]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1147.746440][T28359]  do_syscall_64+0x3d/0xb0
[ 1147.750693][T28359]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1147.756426][T28359] RIP: 0033:0x7f7962f04ae9
[ 1147.760674][T28359] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
01:16:23 executing program 3:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, 0x0, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0) (async)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
perf_event_open(&(0x7f0000000780)={0x0, 0x80, 0x0, 0x8, 0x23, 0x9, 0x0, 0x79, 0x1000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0xda01, 0x20}, 0x18000, 0x8, 0x2, 0x1, 0x0, 0x200, 0x5, 0x0, 0x8, 0x0, 0x6}, 0x0, 0xa, r0, 0x1) (async)
perf_event_open(&(0x7f0000000780)={0x0, 0x80, 0x0, 0x8, 0x23, 0x9, 0x0, 0x79, 0x1000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0xda01, 0x20}, 0x18000, 0x8, 0x2, 0x1, 0x0, 0x200, 0x5, 0x0, 0x8, 0x0, 0x6}, 0x0, 0xa, r0, 0x1)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
r2 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r3 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
openat$cgroup_ro(r4, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
recvmsg$unix(r2, &(0x7f0000000400)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000500)=[{&(0x7f0000000000)=""/50, 0x32}, {&(0x7f0000000140)=""/161, 0xa1}, {&(0x7f00000002c0)=""/1, 0x1}, {&(0x7f0000000300)=""/67, 0x43}, {&(0x7f0000000380)=""/81, 0x51}], 0x5, &(0x7f00000005c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [<r7=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}, 0x40000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@bloom_filter={0x1e, 0x7fffffff, 0x6f, 0x2, 0x8, r7, 0x82, '\x00', 0x0, r4, 0x0, 0x0, 0x2, 0xc}, 0x48)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

[ 1147.780117][T28359] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1147.788359][T28359] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1147.796171][T28359] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1147.803982][T28359] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1147.811795][T28359] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1147.819604][T28359] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1147.827422][T28359]  </TASK>
01:16:23 executing program 5:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0x6}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0xa103c800, &(0x7f0000000200)="6a14294f80100910b11bfda99e21d12e0b74de2f98716e5b6a5f0aad9cfa3e4f0be9ecae7721e8b5b31fadfee32ad83fc85c9cfaade6863d5b579b7ae239b939ae551d5e2ab0bb80cbb924e0e04266363766d5b8689127fb3fd3e5a6fd55b4839a990c2f2ce7bcc2060ef085abb4d23507e41b3437df515809988fda02508911f886663390e2", 0x86, &(0x7f0000000140), &(0x7f00000002c0), &(0x7f00000003c0)="974d43622d63884d4f3efaa2ee25ea0847daa16ec02811c2c666f0ffaa6120354ad207758894e0db2073dc030e02650bf23d3ac7b27b5a58a213c059b6d3b0a0d9c53e874fe1ddb7b05046fb8217a98a97499e4d195209f1bb8e9e06")
perf_event_open(0x0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0xa, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x340}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f00000001c0)='GPL\x00'}, 0x80)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000004c0)=@generic={0x0}, 0x18)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0x8) (async)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r1}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r2, 0x58, &(0x7f00000000c0)}, 0x10) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r2, 0x58, &(0x7f00000000c0)}, 0x10)

01:16:23 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1df, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xc}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="8b8bb9072df1251799a0e83800000000000010bd697ee4d28407bb9b477c4e4f0558a8650a48d80032a5b3c28d7ec062f7aee703916f3dd8428479325f0d177a8ceac3b6111cb749f49f8d3dd2c198ab26ea0de077ae3031527d087d1ffccd97e739571ad55748caca540b655559b041391421fb72cb5fe89391b0087c4902a3a26941666d53e7ed4d7a6b8629effb82a9dca27e4b79c7c868009df78c55b52d6d3b86c37c76277399ce"], &(0x7f0000000240)='GPL\x00'}, 0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r0, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4004662b, &(0x7f00000005c0))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0xf, &(0x7f0000000b80)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000007c0)={0x2, 0x0, 0x401}, 0x10, 0x105, r4, 0x0, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000700)={r3}, 0x8)
r6 = openat$cgroup_ro(r3, &(0x7f00000008c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x6, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000004000000000000000018000008520000001000000c4b5f0fffcffffff85100000f8ffffff9500000000000000c9c0ebee1c7629dcc0ac13bed40e8def28990ceaf307eda4ec8723d0ab188ae21d60e6619b7ea504741d91203dbedc731e6a093a97b405468b41ef1ea16ec1b80fa3df79347bd090a93037fe2897c7f449db570bbe0ec2bdbc"], &(0x7f0000000380)='syzkaller\x00', 0x19000, 0x0, 0x0, 0x40f00, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0xf, 0x78d5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000980)=[r5, r2, r6, 0x1, r3]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086607, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086607, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000940), 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000880)={0x0, 0x400, 0x8}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340), 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000b40)=ANY=[@ANYRES32], &(0x7f0000000140)=""/23, 0x28, 0x17, 0x1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff8a}, 0x43)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x7, 0x8000, 0x3f, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1f4, 0x2}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r7, r8]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x20, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x1a47, '\x00', r1, 0xffffffffffffffff, 0x2, 0x3, 0x4, 0xf}, 0x48)

01:16:23 executing program 4:
syz_clone(0x75848400, 0x0, 0xf5ffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:23 executing program 0:
syz_clone(0x75848400, 0x0, 0x40000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:23 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0xf00, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:23 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:23 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1df, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xc}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1df, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xc}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="8b8bb9072df1251799a0e83800000000000010bd697ee4d28407bb9b477c4e4f0558a8650a48d80032a5b3c28d7ec062f7aee703916f3dd8428479325f0d177a8ceac3b6111cb749f49f8d3dd2c198ab26ea0de077ae3031527d087d1ffccd97e739571ad55748caca540b655559b041391421fb72cb5fe89391b0087c4902a3a26941666d53e7ed4d7a6b8629effb82a9dca27e4b79c7c868009df78c55b52d6d3b86c37c76277399ce"], &(0x7f0000000240)='GPL\x00'}, 0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r0, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740), 0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x26e1, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4004662b, &(0x7f00000005c0)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4004662b, &(0x7f00000005c0))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0xf, &(0x7f0000000b80)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000007c0)={0x2, 0x0, 0x401}, 0x10, 0x105, r4, 0x0, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
bpf$ITER_CREATE(0x21, &(0x7f0000000700)={r3}, 0x8) (async)
r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000700)={r3}, 0x8)
r6 = openat$cgroup_ro(r3, &(0x7f00000008c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x6, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000004000000000000000018000008520000001000000c4b5f0fffcffffff85100000f8ffffff9500000000000000c9c0ebee1c7629dcc0ac13bed40e8def28990ceaf307eda4ec8723d0ab188ae21d60e6619b7ea504741d91203dbedc731e6a093a97b405468b41ef1ea16ec1b80fa3df79347bd090a93037fe2897c7f449db570bbe0ec2bdbc"], &(0x7f0000000380)='syzkaller\x00', 0x19000, 0x0, 0x0, 0x40f00, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0xf, 0x78d5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000980)=[r5, r2, r6, 0x1, r3]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086607, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086607, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000940), 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000880)={0x0, 0x400, 0x8}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340), 0xc) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340), 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000b40)=ANY=[@ANYRES32], &(0x7f0000000140)=""/23, 0x28, 0x17, 0x1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff8a}, 0x43)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x7, 0x8000, 0x3f, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1f4, 0x2}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r7, r8]}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r7, r8]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x20, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x1a47, '\x00', r1, 0xffffffffffffffff, 0x2, 0x3, 0x4, 0xf}, 0x48)

[ 1148.235120][T28381] FAULT_INJECTION: forcing a failure.
[ 1148.235120][T28381] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.269884][T28381] CPU: 0 PID: 28381 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1148.281451][T28381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1148.291351][T28381] Call Trace:
[ 1148.294470][T28381]  <TASK>
[ 1148.297251][T28381]  dump_stack_lvl+0x151/0x1b7
[ 1148.301762][T28381]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1148.307236][T28381]  dump_stack+0x15/0x17
[ 1148.311222][T28381]  should_fail+0x3c6/0x510
[ 1148.315479][T28381]  __should_failslab+0xa4/0xe0
[ 1148.320076][T28381]  ? anon_vma_clone+0x9a/0x500
[ 1148.324672][T28381]  should_failslab+0x9/0x20
[ 1148.329020][T28381]  slab_pre_alloc_hook+0x37/0xd0
[ 1148.333790][T28381]  ? anon_vma_clone+0x9a/0x500
[ 1148.338391][T28381]  kmem_cache_alloc+0x44/0x200
[ 1148.342990][T28381]  anon_vma_clone+0x9a/0x500
[ 1148.347419][T28381]  anon_vma_fork+0x91/0x4e0
[ 1148.351753][T28381]  ? anon_vma_name+0x43/0x70
[ 1148.356182][T28381]  ? vm_area_dup+0x17a/0x230
[ 1148.360608][T28381]  copy_mm+0xa3a/0x13e0
[ 1148.364606][T28381]  ? copy_signal+0x610/0x610
[ 1148.369030][T28381]  ? __init_rwsem+0xd6/0x1c0
[ 1148.373455][T28381]  ? copy_signal+0x4e3/0x610
[ 1148.377880][T28381]  copy_process+0x12bc/0x3260
[ 1148.382393][T28381]  ? proc_fail_nth_write+0x20b/0x290
[ 1148.387518][T28381]  ? fsnotify_perm+0x6a/0x5d0
[ 1148.392027][T28381]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1148.396973][T28381]  ? vfs_write+0x9ec/0x1110
[ 1148.401318][T28381]  kernel_clone+0x21e/0x9e0
[ 1148.405652][T28381]  ? file_end_write+0x1c0/0x1c0
[ 1148.410339][T28381]  ? create_io_thread+0x1e0/0x1e0
[ 1148.415208][T28381]  ? mutex_unlock+0xb2/0x260
[ 1148.419625][T28381]  ? __mutex_lock_slowpath+0x10/0x10
[ 1148.424746][T28381]  __x64_sys_clone+0x23f/0x290
[ 1148.429349][T28381]  ? __do_sys_vfork+0x130/0x130
[ 1148.434034][T28381]  ? ksys_write+0x260/0x2c0
[ 1148.438374][T28381]  ? debug_smp_processor_id+0x17/0x20
[ 1148.443580][T28381]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1148.449484][T28381]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1148.454954][T28381]  do_syscall_64+0x3d/0xb0
[ 1148.459203][T28381]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1148.464929][T28381] RIP: 0033:0x7f7962f04ae9
[ 1148.469185][T28381] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1148.488627][T28381] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1148.496872][T28381] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1148.504682][T28381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1148.512493][T28381] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1148.520306][T28381] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1148.528116][T28381] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1148.535932][T28381]  </TASK>
01:16:23 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1df, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0xc}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x0, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="8b8bb9072df1251799a0e83800000000000010bd697ee4d28407bb9b477c4e4f0558a8650a48d80032a5b3c28d7ec062f7aee703916f3dd8428479325f0d177a8ceac3b6111cb749f49f8d3dd2c198ab26ea0de077ae3031527d087d1ffccd97e739571ad55748caca540b655559b041391421fb72cb5fe89391b0087c4902a3a26941666d53e7ed4d7a6b8629effb82a9dca27e4b79c7c868009df78c55b52d6d3b86c37c76277399ce"], &(0x7f0000000240)='GPL\x00'}, 0x80)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r0, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0) (async)
r2 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740), 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cpuacct.stat\x00', 0x26e1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x4004662b, &(0x7f00000005c0))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0xf, &(0x7f0000000b80)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000007c0)={0x2, 0x0, 0x401}, 0x10, 0x105, r4, 0x0, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0xf, &(0x7f0000000b80)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000007c0)={0x2, 0x0, 0x401}, 0x10, 0x105, r4, 0x0, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r5 = bpf$ITER_CREATE(0x21, &(0x7f0000000700)={r3}, 0x8)
openat$cgroup_ro(r3, &(0x7f00000008c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0) (async)
r6 = openat$cgroup_ro(r3, &(0x7f00000008c0)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x6, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000004000000000000000018000008520000001000000c4b5f0fffcffffff85100000f8ffffff9500000000000000c9c0ebee1c7629dcc0ac13bed40e8def28990ceaf307eda4ec8723d0ab188ae21d60e6619b7ea504741d91203dbedc731e6a093a97b405468b41ef1ea16ec1b80fa3df79347bd090a93037fe2897c7f449db570bbe0ec2bdbc"], &(0x7f0000000380)='syzkaller\x00', 0x19000, 0x0, 0x0, 0x40f00, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0xf, 0x78d5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000980)=[r5, r2, r6, 0x1, r3]}, 0x80) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x6, &(0x7f0000000a80)=ANY=[@ANYBLOB="180000004000000000000000018000008520000001000000c4b5f0fffcffffff85100000f8ffffff9500000000000000c9c0ebee1c7629dcc0ac13bed40e8def28990ceaf307eda4ec8723d0ab188ae21d60e6619b7ea504741d91203dbedc731e6a093a97b405468b41ef1ea16ec1b80fa3df79347bd090a93037fe2897c7f449db570bbe0ec2bdbc"], &(0x7f0000000380)='syzkaller\x00', 0x19000, 0x0, 0x0, 0x40f00, 0x0, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x0, 0xf, 0x78d5, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000980)=[r5, r2, r6, 0x1, r3]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086607, &(0x7f0000000040)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086607, &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086607, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000940), 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000880)={0x0, 0x400, 0x8}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340), 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000b40)=ANY=[@ANYRES32], &(0x7f0000000140)=""/23, 0x28, 0x17, 0x1}, 0x20) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000b40)=ANY=[@ANYRES32], &(0x7f0000000140)=""/23, 0x28, 0x17, 0x1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff8a}, 0x43)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x7, 0x8000, 0x3f, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1f4, 0x2}, 0x48)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc) (async)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r7, r8]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x20, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x1a47, '\x00', r1, 0xffffffffffffffff, 0x2, 0x3, 0x4, 0xf}, 0x48)

01:16:23 executing program 3:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
r6 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r6, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r6, @ANYRES32=r6, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x38, 0x0, 0x7, 0x1, 0x0, 0xff, 0x20094, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x904c6, 0x2, 0x1, 0x8, 0x3, 0x8, 0x4, 0x0, 0x7fffffff, 0x0, 0x4}, r6, 0x5, r0, 0x1)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x81, 0x0, 0x0, 0x4, 0x0, 0x3, 0x80001, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp, 0x2, 0x367, 0x12, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x40000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
close(r8)

01:16:23 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:23 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
getpid()
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0xcb, 0x0, 0xfffffffd}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@bloom_filter={0x1e, 0x3, 0x20a, 0x1, 0x812, 0xffffffffffffffff, 0x400, '\x00', 0x0, r3, 0x3, 0x1, 0x3, 0xa}, 0x48)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000240)=0x20)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000)={0x0, r1}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000200)='memory.events\x00')
perf_event_open$cgroup(&(0x7f0000000080)={0x4, 0x80, 0x1, 0x0, 0xff, 0x4, 0x0, 0x7, 0x106250, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff9, 0x0, @perf_bp={&(0x7f0000000040), 0x1}, 0x2008, 0xf553, 0xe3dd, 0x6, 0x400, 0xfffff621, 0x0, 0x0, 0x6, 0x0, 0x100000001}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
getpid()
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001880)=ANY=[@ANYBLOB="61127400000000006113380000000000bfa000000000000007000000070000002d0301000000000095006900000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562eff4ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df0a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c29dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d57c4e9b2ad9bc1142ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0a44346f2e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed838b9df97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ad2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7a43c8da0c44d2ebf2f3f2b87be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7a5573336004084d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b527c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae93234c2cc17dc4a5dfacba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da80000d9ef418cf19e7a8cf8ffffffce91798adc2dca87ddd9d064e081383409ed2912c811c600f03212a5331c2a4ead000000000000000000008d4496dc862fcdb0ee67fdd006d4e466e8b32b3afdaecee9862edf61cd0dd24ff2dba562c5ae5c053355abb762ef2a5ee5f285e333b522ca09b0626c6e4ad1c685165388000015de7f2077cd6d96a8a687c97e7d1d5cc25ffebc53b2ef9d57cf5d995bad3de6f555e9616d0e7c258205668dcfb35c3550ef80e0a704a7d9dc23e1742dc9e7d7d8c3b3cba2229cd1c0d8046981789493b26c611c40b86157d7c383285d6c2048c229d1fd67791bff7fa758b953b41cf077028716a411afef49f51d490f09ce0781f2d1769551bb8f882dfe8d1491142666de72b230356376b60abc0b7494a683ecf96463e89744ea228ac17f7ac5a06b103ea8c78d82d48d7700b661357224b847a6adced04d87e0f4019cae065b48be01956d7c279e8232e7f7e7b4b0c7c740cb7920823c26ad3ec97db1e09c347db220851d1e280ea6bce40c16193a89719b74be9456afef6b6b56ee88b878404a308b4e9471e11bc250c36c154c20c8533376e347c89020b7ef9599ea49ee6d3b9b355ad9fbda34625d243168d788bf9a681b09aa85e0da7d76f2cd029ee3df5d3a00f9d70b5b2de3f10a4dc32bae403901ba760cd9c9b5fe625827edae4e7c19dc6c2fe701797df47324cad92d8ea62270f89d04141e89bee3c3611a996d9d9db00508adc93d7bb21dfe1174ab2f31d075e30ee07e16d28aaa70a35c55370a3af315cf25a6cce2cae3d6c75906290d55a2a2447bb571d6991522136ed013b8f6f4cf0a91931f0a7d88d4e69729a77a6e76433c1a0668677f8c7683f779d3301db1f43bd7dd0b301098f522437ec5ff0c35899ecf98404d8b5892ae938235e4baa3198c5fe346286fd9adf26e6df86f4f84c75b5a0f5d843d7355b46f786a57423da243756a033204988a6d5c55798e5c183d223f8c3a1a58f3011657f52a49f78b6669fe5cfd369b4b0f9fd352aad178a39a2f3bd7d3b1c3abf1eb70ae0fc386136856dfa16320a75d2cc7e9bf9e6dc41930d1d0fac2a00a9d10fee6dafd012b9fcbb5d123f793e9a6724abae5c4e764c9aac7c83379d65fd88354858d7ac516bd27d1a659032cb910ccaf838198ae342fec8d5bc44508545fbe995983d3ef93"], &(0x7f0000000100)='GPL\x00'}, 0x48)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0xb6, 0x81, 0x1, 0x20, 0x0, 0x6, 0x40000, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x9, 0x1306fa65}, 0x4333, 0x2, 0xae, 0x5, 0x200, 0xef4, 0x1, 0x0, 0x81}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

[ 1148.764654][T28405] FAULT_INJECTION: forcing a failure.
[ 1148.764654][T28405] name failslab, interval 1, probability 0, space 0, times 0
[ 1148.889346][T28405] CPU: 1 PID: 28405 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1148.900919][T28405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1148.910810][T28405] Call Trace:
[ 1148.913934][T28405]  <TASK>
[ 1148.916711][T28405]  dump_stack_lvl+0x151/0x1b7
[ 1148.921229][T28405]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1148.926701][T28405]  dump_stack+0x15/0x17
[ 1148.930687][T28405]  should_fail+0x3c6/0x510
[ 1148.934941][T28405]  __should_failslab+0xa4/0xe0
[ 1148.939536][T28405]  ? anon_vma_fork+0xf7/0x4e0
[ 1148.944048][T28405]  should_failslab+0x9/0x20
[ 1148.948393][T28405]  slab_pre_alloc_hook+0x37/0xd0
[ 1148.953169][T28405]  ? anon_vma_fork+0xf7/0x4e0
[ 1148.957687][T28405]  kmem_cache_alloc+0x44/0x200
[ 1148.962277][T28405]  anon_vma_fork+0xf7/0x4e0
[ 1148.966614][T28405]  ? anon_vma_name+0x43/0x70
[ 1148.971044][T28405]  ? vm_area_dup+0x17a/0x230
[ 1148.975473][T28405]  copy_mm+0xa3a/0x13e0
[ 1148.979465][T28405]  ? copy_signal+0x610/0x610
[ 1148.983890][T28405]  ? __init_rwsem+0xd6/0x1c0
01:16:24 executing program 4:
syz_clone(0x75848400, 0x0, 0xfbffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1148.988318][T28405]  ? copy_signal+0x4e3/0x610
[ 1148.992743][T28405]  copy_process+0x12bc/0x3260
[ 1148.997261][T28405]  ? proc_fail_nth_write+0x20b/0x290
[ 1149.002380][T28405]  ? fsnotify_perm+0x6a/0x5d0
[ 1149.006892][T28405]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1149.011838][T28405]  ? vfs_write+0x9ec/0x1110
[ 1149.016175][T28405]  kernel_clone+0x21e/0x9e0
[ 1149.020514][T28405]  ? file_end_write+0x1c0/0x1c0
[ 1149.025204][T28405]  ? create_io_thread+0x1e0/0x1e0
[ 1149.030062][T28405]  ? mutex_unlock+0xb2/0x260
[ 1149.034493][T28405]  ? __mutex_lock_slowpath+0x10/0x10
[ 1149.039618][T28405]  __x64_sys_clone+0x23f/0x290
[ 1149.044212][T28405]  ? __do_sys_vfork+0x130/0x130
[ 1149.048896][T28405]  ? ksys_write+0x260/0x2c0
[ 1149.053255][T28405]  ? debug_smp_processor_id+0x17/0x20
[ 1149.058444][T28405]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1149.064354][T28405]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1149.069834][T28405]  do_syscall_64+0x3d/0xb0
[ 1149.074068][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.079794][T28405] RIP: 0033:0x7f7962f04ae9
[ 1149.084046][T28405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1149.103492][T28405] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1149.111730][T28405] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1149.119543][T28405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1149.127355][T28405] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1149.135164][T28405] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1149.142976][T28405] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1149.150793][T28405]  </TASK>
01:16:24 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0) (async)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
getpid() (async)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) (async)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0xcb, 0x0, 0xfffffffd}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@bloom_filter={0x1e, 0x3, 0x20a, 0x1, 0x812, 0xffffffffffffffff, 0x400, '\x00', 0x0, r3, 0x3, 0x1, 0x3, 0xa}, 0x48)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000240)=0x20)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000)={0x0, r1}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000200)='memory.events\x00') (async)
perf_event_open$cgroup(&(0x7f0000000080)={0x4, 0x80, 0x1, 0x0, 0xff, 0x4, 0x0, 0x7, 0x106250, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff9, 0x0, @perf_bp={&(0x7f0000000040), 0x1}, 0x2008, 0xf553, 0xe3dd, 0x6, 0x400, 0xfffff621, 0x0, 0x0, 0x6, 0x0, 0x100000001}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
getpid() (async)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001880)=ANY=[@ANYBLOB="61127400000000006113380000000000bfa000000000000007000000070000002d0301000000000095006900000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562eff4ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df0a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c29dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d57c4e9b2ad9bc1142ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0a44346f2e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed838b9df97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ad2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7a43c8da0c44d2ebf2f3f2b87be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7a5573336004084d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b527c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae93234c2cc17dc4a5dfacba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da80000d9ef418cf19e7a8cf8ffffffce91798adc2dca87ddd9d064e081383409ed2912c811c600f03212a5331c2a4ead000000000000000000008d4496dc862fcdb0ee67fdd006d4e466e8b32b3afdaecee9862edf61cd0dd24ff2dba562c5ae5c053355abb762ef2a5ee5f285e333b522ca09b0626c6e4ad1c685165388000015de7f2077cd6d96a8a687c97e7d1d5cc25ffebc53b2ef9d57cf5d995bad3de6f555e9616d0e7c258205668dcfb35c3550ef80e0a704a7d9dc23e1742dc9e7d7d8c3b3cba2229cd1c0d8046981789493b26c611c40b86157d7c383285d6c2048c229d1fd67791bff7fa758b953b41cf077028716a411afef49f51d490f09ce0781f2d1769551bb8f882dfe8d1491142666de72b230356376b60abc0b7494a683ecf96463e89744ea228ac17f7ac5a06b103ea8c78d82d48d7700b661357224b847a6adced04d87e0f4019cae065b48be01956d7c279e8232e7f7e7b4b0c7c740cb7920823c26ad3ec97db1e09c347db220851d1e280ea6bce40c16193a89719b74be9456afef6b6b56ee88b878404a308b4e9471e11bc250c36c154c20c8533376e347c89020b7ef9599ea49ee6d3b9b355ad9fbda34625d243168d788bf9a681b09aa85e0da7d76f2cd029ee3df5d3a00f9d70b5b2de3f10a4dc32bae403901ba760cd9c9b5fe625827edae4e7c19dc6c2fe701797df47324cad92d8ea62270f89d04141e89bee3c3611a996d9d9db00508adc93d7bb21dfe1174ab2f31d075e30ee07e16d28aaa70a35c55370a3af315cf25a6cce2cae3d6c75906290d55a2a2447bb571d6991522136ed013b8f6f4cf0a91931f0a7d88d4e69729a77a6e76433c1a0668677f8c7683f779d3301db1f43bd7dd0b301098f522437ec5ff0c35899ecf98404d8b5892ae938235e4baa3198c5fe346286fd9adf26e6df86f4f84c75b5a0f5d843d7355b46f786a57423da243756a033204988a6d5c55798e5c183d223f8c3a1a58f3011657f52a49f78b6669fe5cfd369b4b0f9fd352aad178a39a2f3bd7d3b1c3abf1eb70ae0fc386136856dfa16320a75d2cc7e9bf9e6dc41930d1d0fac2a00a9d10fee6dafd012b9fcbb5d123f793e9a6724abae5c4e764c9aac7c83379d65fd88354858d7ac516bd27d1a659032cb910ccaf838198ae342fec8d5bc44508545fbe995983d3ef93"], &(0x7f0000000100)='GPL\x00'}, 0x48) (async)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0xb6, 0x81, 0x1, 0x20, 0x0, 0x6, 0x40000, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x9, 0x1306fa65}, 0x4333, 0x2, 0xae, 0x5, 0x200, 0xef4, 0x1, 0x0, 0x81}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

01:16:24 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, 0x0) (async)
r2 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
getpid() (async)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) (async)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0xcb, 0x0, 0xfffffffd}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@bloom_filter={0x1e, 0x3, 0x20a, 0x1, 0x812, 0xffffffffffffffff, 0x400, '\x00', 0x0, r3, 0x3, 0x1, 0x3, 0xa}, 0x48) (async)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0) (async)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x3}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000240)=0x20) (async)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000)={0x0, r1}, 0x10)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000200)='memory.events\x00') (async)
perf_event_open$cgroup(&(0x7f0000000080)={0x4, 0x80, 0x1, 0x0, 0xff, 0x4, 0x0, 0x7, 0x106250, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffff9, 0x0, @perf_bp={&(0x7f0000000040), 0x1}, 0x2008, 0xf553, 0xe3dd, 0x6, 0x400, 0xfffff621, 0x0, 0x0, 0x6, 0x0, 0x100000001}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
getpid() (async)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001880)=ANY=[@ANYBLOB="61127400000000006113380000000000bfa000000000000007000000070000002d0301000000000095006900000000006916000000000000bf67000000000000350607000fff07206706000002000000150300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562eff4ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916df0a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c29dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d57c4e9b2ad9bc1142ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0a44346f2e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed838b9df97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000000000e4007be511fe32fbc90e2364a55e9bb66ad2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7a43c8da0c44d2ebf2f3f2b87be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d78854ca4d3116dbc7e2bf2402a75fd7a5573336004084d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b527c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae93234c2cc17dc4a5dfacba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b3bc87b0da80000d9ef418cf19e7a8cf8ffffffce91798adc2dca87ddd9d064e081383409ed2912c811c600f03212a5331c2a4ead000000000000000000008d4496dc862fcdb0ee67fdd006d4e466e8b32b3afdaecee9862edf61cd0dd24ff2dba562c5ae5c053355abb762ef2a5ee5f285e333b522ca09b0626c6e4ad1c685165388000015de7f2077cd6d96a8a687c97e7d1d5cc25ffebc53b2ef9d57cf5d995bad3de6f555e9616d0e7c258205668dcfb35c3550ef80e0a704a7d9dc23e1742dc9e7d7d8c3b3cba2229cd1c0d8046981789493b26c611c40b86157d7c383285d6c2048c229d1fd67791bff7fa758b953b41cf077028716a411afef49f51d490f09ce0781f2d1769551bb8f882dfe8d1491142666de72b230356376b60abc0b7494a683ecf96463e89744ea228ac17f7ac5a06b103ea8c78d82d48d7700b661357224b847a6adced04d87e0f4019cae065b48be01956d7c279e8232e7f7e7b4b0c7c740cb7920823c26ad3ec97db1e09c347db220851d1e280ea6bce40c16193a89719b74be9456afef6b6b56ee88b878404a308b4e9471e11bc250c36c154c20c8533376e347c89020b7ef9599ea49ee6d3b9b355ad9fbda34625d243168d788bf9a681b09aa85e0da7d76f2cd029ee3df5d3a00f9d70b5b2de3f10a4dc32bae403901ba760cd9c9b5fe625827edae4e7c19dc6c2fe701797df47324cad92d8ea62270f89d04141e89bee3c3611a996d9d9db00508adc93d7bb21dfe1174ab2f31d075e30ee07e16d28aaa70a35c55370a3af315cf25a6cce2cae3d6c75906290d55a2a2447bb571d6991522136ed013b8f6f4cf0a91931f0a7d88d4e69729a77a6e76433c1a0668677f8c7683f779d3301db1f43bd7dd0b301098f522437ec5ff0c35899ecf98404d8b5892ae938235e4baa3198c5fe346286fd9adf26e6df86f4f84c75b5a0f5d843d7355b46f786a57423da243756a033204988a6d5c55798e5c183d223f8c3a1a58f3011657f52a49f78b6669fe5cfd369b4b0f9fd352aad178a39a2f3bd7d3b1c3abf1eb70ae0fc386136856dfa16320a75d2cc7e9bf9e6dc41930d1d0fac2a00a9d10fee6dafd012b9fcbb5d123f793e9a6724abae5c4e764c9aac7c83379d65fd88354858d7ac516bd27d1a659032cb910ccaf838198ae342fec8d5bc44508545fbe995983d3ef93"], &(0x7f0000000100)='GPL\x00'}, 0x48) (async)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0xb6, 0x81, 0x1, 0x20, 0x0, 0x6, 0x40000, 0x5, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_config_ext={0x9, 0x1306fa65}, 0x4333, 0x2, 0xae, 0x5, 0x200, 0xef4, 0x1, 0x0, 0x81}, 0x0, 0x0, 0xffffffffffffffff, 0x2) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)

[ 1149.266533][T28405] ==================================================================
[ 1149.274433][T28405] BUG: KASAN: use-after-free in vm_area_free_no_check+0x7e/0x130
[ 1149.281984][T28405] Write of size 4 at addr ffff88811eb43ac0 by task syz-executor.2/28405
[ 1149.290140][T28405] 
[ 1149.292315][T28405] CPU: 0 PID: 28405 Comm: syz-executor.2 Tainted: G        W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1149.303857][T28405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
01:16:24 executing program 0:
syz_clone(0x75848400, 0x0, 0x80000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

[ 1149.313750][T28405] Call Trace:
[ 1149.316873][T28405]  <TASK>
[ 1149.319649][T28405]  dump_stack_lvl+0x151/0x1b7
[ 1149.324166][T28405]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1149.329634][T28405]  ? panic+0x751/0x751
[ 1149.333536][T28405]  ? slab_free_freelist_hook+0xbd/0x190
[ 1149.338922][T28405]  print_address_description+0x87/0x3b0
[ 1149.344300][T28405]  kasan_report+0x179/0x1c0
[ 1149.348899][T28405]  ? vm_area_free_no_check+0x7e/0x130
[ 1149.354109][T28405]  ? vm_area_free_no_check+0x7e/0x130
[ 1149.359315][T28405]  kasan_check_range+0x293/0x2a0
[ 1149.364088][T28405]  __kasan_check_write+0x14/0x20
[ 1149.368859][T28405]  vm_area_free_no_check+0x7e/0x130
[ 1149.373897][T28405]  copy_mm+0xefb/0x13e0
[ 1149.377890][T28405]  ? copy_signal+0x610/0x610
[ 1149.382315][T28405]  ? __init_rwsem+0xd6/0x1c0
[ 1149.386743][T28405]  ? copy_signal+0x4e3/0x610
[ 1149.391170][T28405]  copy_process+0x12bc/0x3260
[ 1149.395683][T28405]  ? proc_fail_nth_write+0x20b/0x290
[ 1149.400811][T28405]  ? fsnotify_perm+0x6a/0x5d0
[ 1149.405316][T28405]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1149.410262][T28405]  ? vfs_write+0x9ec/0x1110
[ 1149.414603][T28405]  kernel_clone+0x21e/0x9e0
[ 1149.418945][T28405]  ? file_end_write+0x1c0/0x1c0
[ 1149.423627][T28405]  ? create_io_thread+0x1e0/0x1e0
[ 1149.428489][T28405]  ? mutex_unlock+0xb2/0x260
[ 1149.432915][T28405]  ? __mutex_lock_slowpath+0x10/0x10
[ 1149.438037][T28405]  __x64_sys_clone+0x23f/0x290
[ 1149.442636][T28405]  ? __do_sys_vfork+0x130/0x130
[ 1149.447325][T28405]  ? ksys_write+0x260/0x2c0
[ 1149.451665][T28405]  ? debug_smp_processor_id+0x17/0x20
[ 1149.456873][T28405]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1149.462773][T28405]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1149.468243][T28405]  do_syscall_64+0x3d/0xb0
[ 1149.472492][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.478218][T28405] RIP: 0033:0x7f7962f04ae9
[ 1149.482471][T28405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1149.501915][T28405] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1149.510158][T28405] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1149.517970][T28405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1149.525793][T28405] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1149.533591][T28405] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1149.541402][T28405] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1149.549222][T28405]  </TASK>
[ 1149.552075][T28405] 
[ 1149.554240][T28405] Allocated by task 28381:
[ 1149.558494][T28405]  __kasan_slab_alloc+0xb1/0xe0
[ 1149.563180][T28405]  slab_post_alloc_hook+0x53/0x2c0
[ 1149.568129][T28405]  kmem_cache_alloc+0xf5/0x200
[ 1149.572728][T28405]  vm_area_dup+0x26/0x230
[ 1149.576894][T28405]  copy_mm+0x9a1/0x13e0
[ 1149.580887][T28405]  copy_process+0x12bc/0x3260
[ 1149.585398][T28405]  kernel_clone+0x21e/0x9e0
[ 1149.589742][T28405]  __x64_sys_clone+0x23f/0x290
[ 1149.594337][T28405]  do_syscall_64+0x3d/0xb0
[ 1149.598680][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.604407][T28405] 
[ 1149.606577][T28405] Freed by task 22525:
[ 1149.610482][T28405]  kasan_set_track+0x4b/0x70
[ 1149.614910][T28405]  kasan_set_free_info+0x23/0x40
[ 1149.619683][T28405]  ____kasan_slab_free+0x126/0x160
[ 1149.624628][T28405]  __kasan_slab_free+0x11/0x20
[ 1149.629229][T28405]  slab_free_freelist_hook+0xbd/0x190
[ 1149.634437][T28405]  kmem_cache_free+0x116/0x2e0
[ 1149.639036][T28405]  __free_vm_area_struct+0x1c/0x20
[ 1149.643987][T28405]  rcu_do_batch+0x57a/0xc10
[ 1149.648324][T28405]  rcu_core+0x517/0x1020
[ 1149.652409][T28405]  rcu_core_si+0x9/0x10
[ 1149.656396][T28405]  __do_softirq+0x26d/0x5bf
[ 1149.660737][T28405] 
[ 1149.662904][T28405] Last potentially related work creation:
[ 1149.668459][T28405]  kasan_save_stack+0x3b/0x60
[ 1149.672974][T28405]  __kasan_record_aux_stack+0xd3/0xf0
[ 1149.678178][T28405]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1149.683819][T28405]  call_rcu+0x133/0x12a0
[ 1149.687899][T28405]  vm_area_free_no_check+0xff/0x130
[ 1149.692943][T28405]  vm_area_free+0x53/0x60
[ 1149.697103][T28405]  exit_mmap+0x50d/0x6f0
[ 1149.701182][T28405]  __mmput+0x95/0x310
[ 1149.704998][T28405]  mmput+0x5b/0x170
[ 1149.708641][T28405]  do_exit+0xbb4/0x2b60
[ 1149.712641][T28405]  __ia32_sys_exit+0x0/0x40
[ 1149.716976][T28405]  do_syscall_64+0x3d/0xb0
[ 1149.721228][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.726957][T28405] 
[ 1149.729128][T28405] Second to last potentially related work creation:
[ 1149.735548][T28405]  kasan_save_stack+0x3b/0x60
[ 1149.740071][T28405]  __kasan_record_aux_stack+0xd3/0xf0
[ 1149.745458][T28405]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 1149.751096][T28405]  call_rcu+0x133/0x12a0
[ 1149.755174][T28405]  vm_area_free_no_check+0xff/0x130
[ 1149.760210][T28405]  vm_area_free+0x53/0x60
[ 1149.764376][T28405]  exit_mmap+0x50d/0x6f0
[ 1149.768456][T28405]  __mmput+0x95/0x310
[ 1149.772274][T28405]  mmput+0x5b/0x170
[ 1149.775919][T28405]  do_exit+0xbb4/0x2b60
[ 1149.779911][T28405]  do_group_exit+0x141/0x310
[ 1149.784339][T28405]  get_signal+0x7a3/0x1630
[ 1149.788591][T28405]  arch_do_signal_or_restart+0xbd/0x1680
[ 1149.794057][T28405]  exit_to_user_mode_loop+0xa0/0xe0
[ 1149.799094][T28405]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1149.804387][T28405]  syscall_exit_to_user_mode+0x26/0x160
[ 1149.809770][T28405]  do_syscall_64+0x49/0xb0
[ 1149.814020][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.819752][T28405] 
[ 1149.821924][T28405] The buggy address belongs to the object at ffff88811eb43a68
[ 1149.821924][T28405]  which belongs to the cache vm_area_struct of size 232
[ 1149.836066][T28405] The buggy address is located 88 bytes inside of
[ 1149.836066][T28405]  232-byte region [ffff88811eb43a68, ffff88811eb43b50)
[ 1149.849084][T28405] The buggy address belongs to the page:
[ 1149.854554][T28405] page:ffffea00047ad0c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11eb43
[ 1149.864620][T28405] flags: 0x4000000000000200(slab|zone=1)
[ 1149.870096][T28405] raw: 4000000000000200 dead000000000100 dead000000000122 ffff8881001bc300
[ 1149.878512][T28405] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[ 1149.886927][T28405] page dumped because: kasan: bad access detected
[ 1149.893177][T28405] page_owner tracks the page as allocated
[ 1149.898822][T28405] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 827, ts 66648488422, free_ts 66578103360
[ 1149.914533][T28405]  post_alloc_hook+0x1a3/0x1b0
[ 1149.919124][T28405]  prep_new_page+0x1b/0x110
[ 1149.923467][T28405]  get_page_from_freelist+0x3550/0x35d0
[ 1149.928846][T28405]  __alloc_pages+0x206/0x5e0
[ 1149.933273][T28405]  new_slab+0x9a/0x4e0
[ 1149.937176][T28405]  ___slab_alloc+0x39e/0x830
[ 1149.941604][T28405]  __slab_alloc+0x4a/0x90
[ 1149.945770][T28405]  kmem_cache_alloc+0x134/0x200
[ 1149.950454][T28405]  vm_area_dup+0x26/0x230
[ 1149.954621][T28405]  copy_mm+0x9a1/0x13e0
[ 1149.958613][T28405]  copy_process+0x12bc/0x3260
[ 1149.963127][T28405]  kernel_clone+0x21e/0x9e0
[ 1149.967475][T28405]  __x64_sys_clone+0x23f/0x290
[ 1149.972065][T28405]  do_syscall_64+0x3d/0xb0
[ 1149.976319][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1149.982049][T28405] page last free stack trace:
[ 1149.986561][T28405]  free_unref_page_prepare+0x7c8/0x7d0
[ 1149.991854][T28405]  free_unref_page_list+0x14b/0xa60
[ 1149.996894][T28405]  release_pages+0x1310/0x1370
[ 1150.001490][T28405]  free_pages_and_swap_cache+0x8a/0xa0
[ 1150.006784][T28405]  tlb_finish_mmu+0x177/0x320
[ 1150.011298][T28405]  exit_mmap+0x3ef/0x6f0
[ 1150.015393][T28405]  __mmput+0x95/0x310
[ 1150.019195][T28405]  mmput+0x5b/0x170
[ 1150.022840][T28405]  do_exit+0xbb4/0x2b60
[ 1150.026830][T28405]  __ia32_sys_exit+0x0/0x40
[ 1150.031180][T28405]  do_syscall_64+0x3d/0xb0
[ 1150.035429][T28405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1150.041155][T28405] 
[ 1150.043321][T28405] Memory state around the buggy address:
[ 1150.048795][T28405]  ffff88811eb43980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1150.056694][T28405]  ffff88811eb43a00: fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb fb
01:16:25 executing program 3:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async, rerun: 64)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
r6 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r6, 0x7, 0xffffffffffffffff, 0x8) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r6, @ANYRES32=r6, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0) (async)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x38, 0x0, 0x7, 0x1, 0x0, 0xff, 0x20094, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x904c6, 0x2, 0x1, 0x8, 0x3, 0x8, 0x4, 0x0, 0x7fffffff, 0x0, 0x4}, r6, 0x5, r0, 0x1)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async, rerun: 32)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async, rerun: 64)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (rerun: 64)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x81, 0x0, 0x0, 0x4, 0x0, 0x3, 0x80001, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp, 0x2, 0x367, 0x12, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x40000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
close(r8)

[ 1150.064589][T28405] >ffff88811eb43a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1150.072484][T28405]                                            ^
[ 1150.078479][T28405]  ffff88811eb43b00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 1150.086375][T28405]  ffff88811eb43b80: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1150.094270][T28405] ==================================================================
[ 1150.102169][T28405] Disabling lock debugging due to kernel taint
01:16:25 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x1f00, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:25 executing program 4:
syz_clone(0x75848400, 0x0, 0xfeffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:26 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x2000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:26 executing program 4:
syz_clone(0x75848400, 0x0, 0xffff030000000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:26 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x3f00, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:26 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:26 executing program 3:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
r6 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r6, 0x7, 0xffffffffffffffff, 0x8) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r7=>0xffffffffffffffff})
recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r6, @ANYRES32=r6, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x38, 0x0, 0x7, 0x1, 0x0, 0xff, 0x20094, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000180), 0x1}, 0x904c6, 0x2, 0x1, 0x8, 0x3, 0x8, 0x4, 0x0, 0x7fffffff, 0x0, 0x4}, r6, 0x5, r0, 0x1)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz1\x00', 0x200002, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r8 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x81, 0x0, 0x0, 0x4, 0x0, 0x3, 0x80001, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, @perf_bp, 0x2, 0x367, 0x12, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x40000000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x1)
close(r8)

01:16:26 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x4000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:26 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040))
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0)
r2 = getpid()
r3 = perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x3)
r4 = getpid()
perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x6, 0xda, 0x3, 0x4, 0x0, 0x2, 0xc040, 0x5, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xd48, 0x4, @perf_config_ext={0x8}, 0x2064, 0x7, 0xfff, 0x1, 0xfffffffffffffc01, 0x9, 0x3, 0x0, 0x3f5, 0x0, 0x3f}, r2, 0xffffffffffffffff, r3, 0xa)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000540)={0x4, 0x80, 0x81, 0x1, 0x4, 0x2, 0x0, 0x0, 0x210, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x8, 0x5000000000000}, 0x0, 0x8001, 0x9, 0x0, 0x0, 0x401, 0x3, 0x0, 0x2, 0x0, 0x6}, r4, 0x3, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0xffff, 0x5, 0x200, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1000001, 0x4, 0xd}, 0x48)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0xcb, 0x0, 0xfffffffd}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@bloom_filter={0x1e, 0x3, 0x20a, 0x1, 0x812, 0xffffffffffffffff, 0x400, '\x00', 0x0, r6, 0x3, 0x1, 0x3, 0xa}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb010018000000000000002700000001006b1a53a9ad52ee09830048d9596ecf7dd7f6594850b43bf4340200000000"], 0x0, 0x47}, 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='\x00')
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0xd43}, 0x8003, 0x0, 0x0, 0x0, 0x4, 0x8}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0xff, 0x80, 0x1f, 0x7, 0x0, 0xfffffffffffffffe, 0xe019d, 0x9, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x1002, 0x8, 0x2000000, 0x5, 0xfffffffffffc0000, 0x0, 0x0, 0x0, 0x5}, r2, 0xa, r5, 0x8)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
r7 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000280)=0x200)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x4004662b, &(0x7f00000005c0)=0x1)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x2b, 0x8, &(0x7f0000001fc0)=ANY=[@ANYBLOB="f9122966", @ANYRES32, @ANYRES16, @ANYRES64, @ANYBLOB="0000000000000000180000170400000000004000ff0f000018160000", @ANYRES64, @ANYBLOB="abc142ddbc454b3216a68b04a88e3b48332524540c63a0b8b610dc67e0203616bb2bda2e9b910038af28ba075988a6ce7e035be822393b987675079149d5c0aa6e7ca74abdca5f367a2907cce57a761c86197be117a33b1b61249e3918ad52b3434d9d1a854c250544fdb4b96e304d7644f82483c0ed89b6ea24600cba819e86ab125fe056b6c556f9a072daf75ebcbba97f5ee5511037858a0225c2486d7e3874762bbe90850db107a5352e5a34f68efd72f1b92dc76b8e8ef250a3a8f6f2bbd331f5c38bd1b5"], &(0x7f0000001d80)='GPL\x00', 0x200, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x4, 0x7fffffff, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000b00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)
perf_event_open(&(0x7f0000000680)={0x5, 0x80, 0x7, 0x6, 0x4f, 0x4, 0x0, 0x6, 0x6000, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000000300), 0xc}, 0x1004, 0x3ff, 0x1, 0x0, 0x6, 0x81, 0xcdd, 0x0, 0x0, 0x0, 0xe0}, 0x0, 0x10, 0xffffffffffffffff, 0xa)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='blkio.bfq.time\x00', 0x0, 0x0)
close(0xffffffffffffffff)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)

01:16:26 executing program 0:
syz_clone(0x75848400, 0x0, 0x101000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:26 executing program 4:
syz_clone(0x75848400, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1151.696516][T28467] FAULT_INJECTION: forcing a failure.
[ 1151.696516][T28467] name failslab, interval 1, probability 0, space 0, times 0
[ 1151.725510][T28467] CPU: 0 PID: 28467 Comm: syz-executor.2 Tainted: G    B   W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1151.737067][T28467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1151.747227][T28467] Call Trace:
[ 1151.750345][T28467]  <TASK>
[ 1151.753123][T28467]  dump_stack_lvl+0x151/0x1b7
[ 1151.757637][T28467]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1151.763107][T28467]  dump_stack+0x15/0x17
[ 1151.767099][T28467]  should_fail+0x3c6/0x510
[ 1151.771350][T28467]  __should_failslab+0xa4/0xe0
[ 1151.775949][T28467]  ? vm_area_dup+0x26/0x230
[ 1151.780295][T28467]  should_failslab+0x9/0x20
[ 1151.784630][T28467]  slab_pre_alloc_hook+0x37/0xd0
[ 1151.789405][T28467]  ? vm_area_dup+0x26/0x230
[ 1151.793742][T28467]  kmem_cache_alloc+0x44/0x200
[ 1151.798342][T28467]  vm_area_dup+0x26/0x230
[ 1151.802506][T28467]  copy_mm+0x9a1/0x13e0
[ 1151.806505][T28467]  ? copy_signal+0x610/0x610
[ 1151.810923][T28467]  ? __init_rwsem+0xd6/0x1c0
[ 1151.815349][T28467]  ? copy_signal+0x4e3/0x610
[ 1151.819781][T28467]  copy_process+0x12bc/0x3260
[ 1151.824294][T28467]  ? proc_fail_nth_write+0x20b/0x290
[ 1151.829413][T28467]  ? fsnotify_perm+0x6a/0x5d0
[ 1151.833926][T28467]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1151.838869][T28467]  ? vfs_write+0x9ec/0x1110
[ 1151.843211][T28467]  kernel_clone+0x21e/0x9e0
[ 1151.847550][T28467]  ? file_end_write+0x1c0/0x1c0
[ 1151.852241][T28467]  ? create_io_thread+0x1e0/0x1e0
[ 1151.857100][T28467]  ? mutex_unlock+0xb2/0x260
[ 1151.861525][T28467]  ? __mutex_lock_slowpath+0x10/0x10
[ 1151.866736][T28467]  __x64_sys_clone+0x23f/0x290
[ 1151.871385][T28467]  ? __do_sys_vfork+0x130/0x130
[ 1151.876018][T28467]  ? ksys_write+0x260/0x2c0
[ 1151.880364][T28467]  ? debug_smp_processor_id+0x17/0x20
[ 1151.885566][T28467]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1151.891619][T28467]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1151.897086][T28467]  do_syscall_64+0x3d/0xb0
[ 1151.901334][T28467]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1151.907061][T28467] RIP: 0033:0x7f7962f04ae9
[ 1151.911317][T28467] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1151.930758][T28467] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1151.938998][T28467] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1151.946811][T28467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1151.954627][T28467] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1151.962435][T28467] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1151.970247][T28467] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1151.978064][T28467]  </TASK>
01:16:27 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:27 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0xffffffff, 0xfffffffc}, 0x74, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, r6]}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r7)

01:16:27 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async, rerun: 32)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async, rerun: 32)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async, rerun: 64)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async, rerun: 64)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0xffffffff, 0xfffffffc}, 0x74, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, r6]}, 0x90) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90) (async, rerun: 64)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r7)

[ 1152.104964][T28486] FAULT_INJECTION: forcing a failure.
[ 1152.104964][T28486] name failslab, interval 1, probability 0, space 0, times 0
01:16:27 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async, rerun: 64)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (rerun: 64)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async, rerun: 32)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async, rerun: 32)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async, rerun: 32)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async, rerun: 64)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async, rerun: 64)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
socketpair(0x0, 0x0, 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000100)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x7, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x2, 0xffffffff, 0xfffffffc}, 0x74, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, r6]}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80800000, 0x0, 0x0, 0x0, 0xca}, [@jmp={0x5, 0x0, 0x1, 0x6, 0x6, 0xffffffffffffffe0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @call={0x85, 0x0, 0x0, 0x89}, @map_fd={0x18, 0x3}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x4}]}, &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) (async)
r7 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r7)

[ 1152.185017][T28486] CPU: 0 PID: 28486 Comm: syz-executor.2 Tainted: G    B   W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1152.196587][T28486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1152.206486][T28486] Call Trace:
[ 1152.209602][T28486]  <TASK>
[ 1152.212381][T28486]  dump_stack_lvl+0x151/0x1b7
[ 1152.216900][T28486]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1152.222362][T28486]  dump_stack+0x15/0x17
[ 1152.226353][T28486]  should_fail+0x3c6/0x510
[ 1152.230605][T28486]  __should_failslab+0xa4/0xe0
[ 1152.235207][T28486]  ? vm_area_dup+0x26/0x230
[ 1152.239544][T28486]  should_failslab+0x9/0x20
[ 1152.243886][T28486]  slab_pre_alloc_hook+0x37/0xd0
[ 1152.248922][T28486]  ? vm_area_dup+0x26/0x230
[ 1152.253255][T28486]  kmem_cache_alloc+0x44/0x200
[ 1152.257857][T28486]  vm_area_dup+0x26/0x230
[ 1152.262025][T28486]  copy_mm+0x9a1/0x13e0
[ 1152.266019][T28486]  ? copy_signal+0x610/0x610
[ 1152.270443][T28486]  ? __init_rwsem+0xd6/0x1c0
[ 1152.274869][T28486]  ? copy_signal+0x4e3/0x610
[ 1152.279298][T28486]  copy_process+0x12bc/0x3260
[ 1152.283810][T28486]  ? proc_fail_nth_write+0x20b/0x290
[ 1152.288930][T28486]  ? fsnotify_perm+0x6a/0x5d0
[ 1152.293441][T28486]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1152.298484][T28486]  ? vfs_write+0x9ec/0x1110
[ 1152.302821][T28486]  kernel_clone+0x21e/0x9e0
[ 1152.307161][T28486]  ? file_end_write+0x1c0/0x1c0
[ 1152.311844][T28486]  ? create_io_thread+0x1e0/0x1e0
[ 1152.316703][T28486]  ? mutex_unlock+0xb2/0x260
[ 1152.321131][T28486]  ? __mutex_lock_slowpath+0x10/0x10
[ 1152.326250][T28486]  __x64_sys_clone+0x23f/0x290
[ 1152.330850][T28486]  ? __do_sys_vfork+0x130/0x130
[ 1152.335538][T28486]  ? ksys_write+0x260/0x2c0
[ 1152.339877][T28486]  ? debug_smp_processor_id+0x17/0x20
[ 1152.345083][T28486]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1152.350984][T28486]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1152.356458][T28486]  do_syscall_64+0x3d/0xb0
[ 1152.360705][T28486]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1152.366432][T28486] RIP: 0033:0x7f7962f04ae9
[ 1152.370687][T28486] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1152.390131][T28486] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1152.398373][T28486] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1152.406190][T28486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1152.413993][T28486] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1152.421806][T28486] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040)) (async, rerun: 64)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r2 = getpid() (async)
r3 = perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x3)
r4 = getpid()
perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x6, 0xda, 0x3, 0x4, 0x0, 0x2, 0xc040, 0x5, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xd48, 0x4, @perf_config_ext={0x8}, 0x2064, 0x7, 0xfff, 0x1, 0xfffffffffffffc01, 0x9, 0x3, 0x0, 0x3f5, 0x0, 0x3f}, r2, 0xffffffffffffffff, r3, 0xa) (async)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000000540)={0x4, 0x80, 0x81, 0x1, 0x4, 0x2, 0x0, 0x0, 0x210, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x8, 0x5000000000000}, 0x0, 0x8001, 0x9, 0x0, 0x0, 0x401, 0x3, 0x0, 0x2, 0x0, 0x6}, r4, 0x3, 0xffffffffffffffff, 0x0) (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0xffff, 0x5, 0x200, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1000001, 0x4, 0xd}, 0x48) (async, rerun: 32)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0xcb, 0x0, 0xfffffffd}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@bloom_filter={0x1e, 0x3, 0x20a, 0x1, 0x812, 0xffffffffffffffff, 0x400, '\x00', 0x0, r6, 0x3, 0x1, 0x3, 0xa}, 0x48)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb010018000000000000002700000001006b1a53a9ad52ee09830048d9596ecf7dd7f6594850b43bf4340200000000"], 0x0, 0x47}, 0x20) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='\x00') (async)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0xd43}, 0x8003, 0x0, 0x0, 0x0, 0x4, 0x8}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0) (async)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0xff, 0x80, 0x1f, 0x7, 0x0, 0xfffffffffffffffe, 0xe019d, 0x9, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x1002, 0x8, 0x2000000, 0x5, 0xfffffffffffc0000, 0x0, 0x0, 0x0, 0x5}, r2, 0xa, r5, 0x8) (async)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) (async)
r7 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000280)=0x200) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x4004662b, &(0x7f00000005c0)=0x1) (async)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000000)) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x2b, 0x8, &(0x7f0000001fc0)=ANY=[@ANYBLOB="f9122966", @ANYRES32, @ANYRES16, @ANYRES64, @ANYBLOB="0000000000000000180000170400000000004000ff0f000018160000", @ANYRES64, @ANYBLOB="abc142ddbc454b3216a68b04a88e3b48332524540c63a0b8b610dc67e0203616bb2bda2e9b910038af28ba075988a6ce7e035be822393b987675079149d5c0aa6e7ca74abdca5f367a2907cce57a761c86197be117a33b1b61249e3918ad52b3434d9d1a854c250544fdb4b96e304d7644f82483c0ed89b6ea24600cba819e86ab125fe056b6c556f9a072daf75ebcbba97f5ee5511037858a0225c2486d7e3874762bbe90850db107a5352e5a34f68efd72f1b92dc76b8e8ef250a3a8f6f2bbd331f5c38bd1b5"], &(0x7f0000001d80)='GPL\x00', 0x200, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x4, 0x7fffffff, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000b00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90) (async, rerun: 32)
perf_event_open(&(0x7f0000000680)={0x5, 0x80, 0x7, 0x6, 0x4f, 0x4, 0x0, 0x6, 0x6000, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000000300), 0xc}, 0x1004, 0x3ff, 0x1, 0x0, 0x6, 0x81, 0xcdd, 0x0, 0x0, 0x0, 0xe0}, 0x0, 0x10, 0xffffffffffffffff, 0xa) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='blkio.bfq.time\x00', 0x0, 0x0) (async)
close(0xffffffffffffffff) (async)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)

01:16:27 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1152.429620][T28486] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1152.437431][T28486]  </TASK>
01:16:27 executing program 4:
syz_clone(0x75848400, 0x0, 0xffffffffa002a000, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:27 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x4100, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x7a05, 0x1700) (async)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40086602, &(0x7f0000000040))
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x4}, 0x0, 0xfffeffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r2 = getpid() (async, rerun: 64)
r3 = perf_event_open(0x0, 0x0, 0xa, 0xffffffffffffffff, 0x3) (async)
r4 = getpid()
perf_event_open(&(0x7f0000000600)={0x5, 0x80, 0x6, 0xda, 0x3, 0x4, 0x0, 0x2, 0xc040, 0x5, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xd48, 0x4, @perf_config_ext={0x8}, 0x2064, 0x7, 0xfff, 0x1, 0xfffffffffffffc01, 0x9, 0x3, 0x0, 0x3f5, 0x0, 0x3f}, r2, 0xffffffffffffffff, r3, 0xa) (async)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8) (async)
perf_event_open(&(0x7f0000000540)={0x4, 0x80, 0x81, 0x1, 0x4, 0x2, 0x0, 0x0, 0x210, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_config_ext={0x8, 0x5000000000000}, 0x0, 0x8001, 0x9, 0x0, 0x0, 0x401, 0x3, 0x0, 0x2, 0x0, 0x6}, r4, 0x3, 0xffffffffffffffff, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x1, 0xffff, 0x5, 0x200, r1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1000001, 0x4, 0xd}, 0x48) (async)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000780)={&(0x7f0000000340)=ANY=[@ANYRES16, @ANYRES32], 0x0, 0xcb, 0x0, 0xfffffffd}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=@bloom_filter={0x1e, 0x3, 0x20a, 0x1, 0x812, 0xffffffffffffffff, 0x400, '\x00', 0x0, r6, 0x3, 0x1, 0x3, 0xa}, 0x48) (async, rerun: 64)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9feb010018000000000000002700000001006b1a53a9ad52ee09830048d9596ecf7dd7f6594850b43bf4340200000000"], 0x0, 0x47}, 0x20) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='\x00') (async, rerun: 64)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x80000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0xd43}, 0x8003, 0x0, 0x0, 0x0, 0x4, 0x8}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, 0x0)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000140))
perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0xff, 0x80, 0x1f, 0x7, 0x0, 0xfffffffffffffffe, 0xe019d, 0x9, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x1002, 0x8, 0x2000000, 0x5, 0xfffffffffffc0000, 0x0, 0x0, 0x0, 0x5}, r2, 0xa, r5, 0x8)
perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xd7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0) (async)
r7 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r7, 0x40082404, &(0x7f0000000280)=0x200) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.events.local\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r8, 0x4004662b, &(0x7f00000005c0)=0x1)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000000)) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000c00)={0x2b, 0x8, &(0x7f0000001fc0)=ANY=[@ANYBLOB="f9122966", @ANYRES32, @ANYRES16, @ANYRES64, @ANYBLOB="0000000000000000180000170400000000004000ff0f000018160000", @ANYRES64, @ANYBLOB="abc142ddbc454b3216a68b04a88e3b48332524540c63a0b8b610dc67e0203616bb2bda2e9b910038af28ba075988a6ce7e035be822393b987675079149d5c0aa6e7ca74abdca5f367a2907cce57a761c86197be117a33b1b61249e3918ad52b3434d9d1a854c250544fdb4b96e304d7644f82483c0ed89b6ea24600cba819e86ab125fe056b6c556f9a072daf75ebcbba97f5ee5511037858a0225c2486d7e3874762bbe90850db107a5352e5a34f68efd72f1b92dc76b8e8ef250a3a8f6f2bbd331f5c38bd1b5"], &(0x7f0000001d80)='GPL\x00', 0x200, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000880)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000008c0)={0x0, 0x4, 0x7fffffff, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000b00)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90) (async)
perf_event_open(&(0x7f0000000680)={0x5, 0x80, 0x7, 0x6, 0x4f, 0x4, 0x0, 0x6, 0x6000, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x2, @perf_bp={&(0x7f0000000300), 0xc}, 0x1004, 0x3ff, 0x1, 0x0, 0x6, 0x81, 0xcdd, 0x0, 0x0, 0x0, 0xe0}, 0x0, 0x10, 0xffffffffffffffff, 0xa)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='blkio.bfq.time\x00', 0x0, 0x0) (async)
close(0xffffffffffffffff)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)

01:16:27 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

[ 1152.605828][T28523] FAULT_INJECTION: forcing a failure.
[ 1152.605828][T28523] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1152.670857][T28523] CPU: 1 PID: 28523 Comm: syz-executor.2 Tainted: G    B   W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1152.682423][T28523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1152.692325][T28523] Call Trace:
[ 1152.695441][T28523]  <TASK>
[ 1152.698221][T28523]  dump_stack_lvl+0x151/0x1b7
[ 1152.702734][T28523]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1152.708199][T28523]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[ 1152.713669][T28523]  dump_stack+0x15/0x17
[ 1152.717664][T28523]  should_fail+0x3c6/0x510
[ 1152.721919][T28523]  should_fail_alloc_page+0x5a/0x80
[ 1152.726949][T28523]  prepare_alloc_pages+0x15c/0x700
[ 1152.731903][T28523]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1152.736928][T28523]  ? sched_clock+0x9/0x10
[ 1152.741099][T28523]  __alloc_pages+0x138/0x5e0
[ 1152.745523][T28523]  ? prep_new_page+0x110/0x110
[ 1152.750556][T28523]  ? 0xffffffffa002a000
[ 1152.754549][T28523]  ? is_bpf_text_address+0x172/0x190
[ 1152.759671][T28523]  pte_alloc_one+0x73/0x1b0
[ 1152.764008][T28523]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1152.769040][T28523]  ? arch_stack_walk+0xf3/0x140
[ 1152.773727][T28523]  __pte_alloc+0x86/0x350
[ 1152.777894][T28523]  ? free_pgtables+0x280/0x280
[ 1152.782494][T28523]  ? _raw_spin_lock+0xa4/0x1b0
[ 1152.787096][T28523]  ? __kasan_check_write+0x14/0x20
[ 1152.792044][T28523]  copy_page_range+0x28a8/0x2f90
[ 1152.796814][T28523]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1152.801686][T28523]  ? pfn_valid+0x1e0/0x1e0
[ 1152.805927][T28523]  ? vma_gap_callbacks_rotate+0x1e2/0x210
[ 1152.811483][T28523]  ? __rb_insert_augmented+0x5de/0x610
[ 1152.816782][T28523]  copy_mm+0xc7e/0x13e0
[ 1152.820773][T28523]  ? copy_signal+0x610/0x610
[ 1152.825194][T28523]  ? __init_rwsem+0xd6/0x1c0
[ 1152.829622][T28523]  ? copy_signal+0x4e3/0x610
[ 1152.834049][T28523]  copy_process+0x12bc/0x3260
[ 1152.838560][T28523]  ? irqentry_exit+0x30/0x40
[ 1152.842988][T28523]  ? proc_fail_nth_read+0x210/0x210
[ 1152.848368][T28523]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1152.853313][T28523]  ? vfs_write+0x9ec/0x1110
[ 1152.857738][T28523]  kernel_clone+0x21e/0x9e0
[ 1152.862076][T28523]  ? file_end_write+0x1c0/0x1c0
[ 1152.866761][T28523]  ? create_io_thread+0x1e0/0x1e0
[ 1152.871625][T28523]  ? mutex_unlock+0xb2/0x260
[ 1152.876048][T28523]  ? __mutex_lock_slowpath+0x10/0x10
[ 1152.881170][T28523]  __x64_sys_clone+0x23f/0x290
[ 1152.885771][T28523]  ? __do_sys_vfork+0x130/0x130
[ 1152.890456][T28523]  ? switch_fpu_return+0x1ed/0x3d0
[ 1152.895405][T28523]  ? __kasan_check_read+0x11/0x20
[ 1152.900265][T28523]  ? exit_to_user_mode_prepare+0x7e/0xa0
[ 1152.905731][T28523]  do_syscall_64+0x3d/0xb0
[ 1152.909988][T28523]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1152.915714][T28523] RIP: 0033:0x7f7962f04ae9
[ 1152.919968][T28523] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1152.939406][T28523] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1152.947653][T28523] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1152.955461][T28523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1152.963273][T28523] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1152.971085][T28523] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1152.978898][T28523] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1152.986715][T28523]  </TASK>
01:16:29 executing program 0:
syz_clone(0x75848400, 0x0, 0x700000, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:29 executing program 5:
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, @jmp={0x5, 0x0, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0xa0010000}], {0x95, 0x0, 0x0, 0x1a03d3}}, &(0x7f0000000100)='GPL\x00', 0x3, 0xfa, &(0x7f0000000140)=""/250}, 0x80)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x1, 0x5, 0x2, 0x9, 0x0, 0x100000001, 0x4060, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x4, 0x8}, 0x18401, 0x607, 0x80000000, 0x8, 0x81, 0x10000, 0x8000, 0x0, 0x1, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x401c5820, 0x0)
r0 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r0, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x9, 0x1, 0xb4, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3ff, 0x1}, 0x5500, 0x7f, 0x200, 0x7, 0x2, 0x6, 0x5, 0x0, 0xff, 0x0, 0x9}, r0, 0x10, r6, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
perf_event_open$cgroup(&(0x7f0000000300)={0x3, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x20a, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x81252, 0xfe2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x6, 0x0, 0xa39}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xc)

01:16:29 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:29 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x7000, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:29 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:29 executing program 4:
syz_clone(0x901000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

[ 1153.962819][T28553] FAULT_INJECTION: forcing a failure.
[ 1153.962819][T28553] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1153.985824][T28553] CPU: 0 PID: 28553 Comm: syz-executor.2 Tainted: G    B   W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1153.997381][T28553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1154.007270][T28553] Call Trace:
[ 1154.010393][T28553]  <TASK>
[ 1154.013170][T28553]  dump_stack_lvl+0x151/0x1b7
[ 1154.017685][T28553]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1154.023152][T28553]  dump_stack+0x15/0x17
[ 1154.027143][T28553]  should_fail+0x3c6/0x510
[ 1154.031397][T28553]  should_fail_alloc_page+0x5a/0x80
[ 1154.036433][T28553]  prepare_alloc_pages+0x15c/0x700
[ 1154.041378][T28553]  ? __alloc_pages+0x5e0/0x5e0
[ 1154.045978][T28553]  ? __alloc_pages_bulk+0xe60/0xe60
[ 1154.051010][T28553]  ? sched_clock+0x9/0x10
[ 1154.055176][T28553]  __alloc_pages+0x138/0x5e0
[ 1154.059625][T28553]  ? prep_new_page+0x110/0x110
[ 1154.064218][T28553]  ? 0xffffffffa002a000
[ 1154.068199][T28553]  ? is_bpf_text_address+0x172/0x190
[ 1154.073406][T28553]  pte_alloc_one+0x73/0x1b0
[ 1154.077744][T28553]  ? pfn_modify_allowed+0x2f0/0x2f0
[ 1154.082777][T28553]  ? arch_stack_walk+0xf3/0x140
[ 1154.087464][T28553]  __pte_alloc+0x86/0x350
[ 1154.091637][T28553]  ? free_pgtables+0x280/0x280
[ 1154.096228][T28553]  ? _raw_spin_lock+0xa4/0x1b0
[ 1154.100834][T28553]  ? __kasan_check_write+0x14/0x20
[ 1154.105779][T28553]  copy_page_range+0x28a8/0x2f90
[ 1154.110553][T28553]  ? __kasan_slab_alloc+0xb1/0xe0
[ 1154.115415][T28553]  ? pfn_valid+0x1e0/0x1e0
[ 1154.119673][T28553]  ? rwsem_write_trylock+0x15b/0x290
[ 1154.124789][T28553]  copy_mm+0xc7e/0x13e0
[ 1154.128780][T28553]  ? copy_signal+0x610/0x610
[ 1154.133203][T28553]  ? __init_rwsem+0xd6/0x1c0
[ 1154.137631][T28553]  ? copy_signal+0x4e3/0x610
[ 1154.142062][T28553]  copy_process+0x12bc/0x3260
[ 1154.146574][T28553]  ? proc_fail_nth_write+0x20b/0x290
[ 1154.151812][T28553]  ? fsnotify_perm+0x6a/0x5d0
[ 1154.156323][T28553]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1154.161267][T28553]  ? vfs_write+0x9ec/0x1110
[ 1154.165612][T28553]  kernel_clone+0x21e/0x9e0
[ 1154.170034][T28553]  ? file_end_write+0x1c0/0x1c0
[ 1154.174722][T28553]  ? create_io_thread+0x1e0/0x1e0
[ 1154.179584][T28553]  ? mutex_unlock+0xb2/0x260
[ 1154.184007][T28553]  ? __mutex_lock_slowpath+0x10/0x10
[ 1154.189130][T28553]  __x64_sys_clone+0x23f/0x290
[ 1154.193729][T28553]  ? __do_sys_vfork+0x130/0x130
[ 1154.198417][T28553]  ? ksys_write+0x260/0x2c0
[ 1154.202754][T28553]  ? debug_smp_processor_id+0x17/0x20
[ 1154.207962][T28553]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1154.213894][T28553]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1154.219333][T28553]  do_syscall_64+0x3d/0xb0
[ 1154.223581][T28553]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1154.229344][T28553] RIP: 0033:0x7f7962f04ae9
[ 1154.233571][T28553] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1154.253032][T28553] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
01:16:29 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

[ 1154.261364][T28553] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1154.269327][T28553] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1154.277132][T28553] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1154.284944][T28553] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1154.292754][T28553] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1154.300571][T28553]  </TASK>
01:16:29 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2) (async, rerun: 64)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async, rerun: 32)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0) (async, rerun: 32)
socketpair(0x0, 0x0, 0x0, 0x0) (rerun: 32)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:29 executing program 4:
syz_clone(0x901000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:29 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000003, 0x82100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
close(r0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000000)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]})
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(r0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40010011)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:29 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000003, 0x82100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x7, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
close(r0) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async, rerun: 32)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async, rerun: 32)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000000)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}) (rerun: 32)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async, rerun: 64)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async, rerun: 64)
write$cgroup_subtree(r0, 0x0, 0x0) (async, rerun: 64)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40010011) (async, rerun: 64)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:29 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000003, 0x82100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
close(r0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000000)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]})
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(r0, 0x0, 0x0) (async)
write$cgroup_subtree(r0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40010011) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40010011)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r6)

01:16:29 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r1, r2]}, 0x80)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7)
openat$cgroup_ro(r5, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

[ 1155.071360][T28601] FAULT_INJECTION: forcing a failure.
[ 1155.071360][T28601] name failslab, interval 1, probability 0, space 0, times 0
[ 1155.105508][T28601] CPU: 0 PID: 28601 Comm: syz-executor.2 Tainted: G    B   W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1155.117114][T28601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1155.126959][T28601] Call Trace:
[ 1155.130085][T28601]  <TASK>
[ 1155.132857][T28601]  dump_stack_lvl+0x151/0x1b7
[ 1155.137375][T28601]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1155.142842][T28601]  dump_stack+0x15/0x17
[ 1155.146829][T28601]  should_fail+0x3c6/0x510
[ 1155.151089][T28601]  __should_failslab+0xa4/0xe0
[ 1155.155686][T28601]  ? anon_vma_clone+0x9a/0x500
[ 1155.160283][T28601]  should_failslab+0x9/0x20
[ 1155.164623][T28601]  slab_pre_alloc_hook+0x37/0xd0
[ 1155.169400][T28601]  ? anon_vma_clone+0x9a/0x500
[ 1155.173995][T28601]  kmem_cache_alloc+0x44/0x200
[ 1155.178596][T28601]  anon_vma_clone+0x9a/0x500
[ 1155.183028][T28601]  anon_vma_fork+0x91/0x4e0
[ 1155.187363][T28601]  ? anon_vma_name+0x43/0x70
[ 1155.191789][T28601]  ? vm_area_dup+0x17a/0x230
[ 1155.196218][T28601]  copy_mm+0xa3a/0x13e0
[ 1155.200211][T28601]  ? copy_signal+0x610/0x610
[ 1155.204632][T28601]  ? __init_rwsem+0xd6/0x1c0
[ 1155.209059][T28601]  ? copy_signal+0x4e3/0x610
[ 1155.213489][T28601]  copy_process+0x12bc/0x3260
[ 1155.218004][T28601]  ? proc_fail_nth_write+0x20b/0x290
[ 1155.223124][T28601]  ? fsnotify_perm+0x6a/0x5d0
[ 1155.227639][T28601]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1155.232585][T28601]  ? vfs_write+0x9ec/0x1110
[ 1155.236922][T28601]  kernel_clone+0x21e/0x9e0
[ 1155.241266][T28601]  ? file_end_write+0x1c0/0x1c0
[ 1155.245949][T28601]  ? create_io_thread+0x1e0/0x1e0
[ 1155.250810][T28601]  ? mutex_unlock+0xb2/0x260
[ 1155.255233][T28601]  ? __mutex_lock_slowpath+0x10/0x10
[ 1155.260365][T28601]  __x64_sys_clone+0x23f/0x290
[ 1155.264959][T28601]  ? __do_sys_vfork+0x130/0x130
[ 1155.269641][T28601]  ? ksys_write+0x260/0x2c0
[ 1155.273980][T28601]  ? debug_smp_processor_id+0x17/0x20
[ 1155.279193][T28601]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1155.285089][T28601]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1155.290558][T28601]  do_syscall_64+0x3d/0xb0
[ 1155.294813][T28601]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1155.300538][T28601] RIP: 0033:0x7f7962f04ae9
[ 1155.304792][T28601] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1155.324408][T28601] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1155.332650][T28601] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1155.340465][T28601] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1155.348275][T28601] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1155.356088][T28601] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1155.364018][T28601] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1155.371833][T28601]  </TASK>
01:16:30 executing program 5:
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, @jmp={0x5, 0x0, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0xa0010000}], {0x95, 0x0, 0x0, 0x1a03d3}}, &(0x7f0000000100)='GPL\x00', 0x3, 0xfa, &(0x7f0000000140)=""/250}, 0x80)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x1, 0x5, 0x2, 0x9, 0x0, 0x100000001, 0x4060, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x4, 0x8}, 0x18401, 0x607, 0x80000000, 0x8, 0x81, 0x10000, 0x8000, 0x0, 0x1, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x401c5820, 0x0)
r0 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r0, 0x7, 0xffffffffffffffff, 0x8) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async, rerun: 32)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80) (async, rerun: 64)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x9, 0x1, 0xb4, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3ff, 0x1}, 0x5500, 0x7f, 0x200, 0x7, 0x2, 0x6, 0x5, 0x0, 0xff, 0x0, 0x9}, r0, 0x10, r6, 0x2) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async)
perf_event_open$cgroup(&(0x7f0000000300)={0x3, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x20a, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x81252, 0xfe2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x6, 0x0, 0xa39}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xc)

01:16:30 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x10fff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:30 executing program 0:
syz_clone(0x75848400, 0x0, 0xa002a0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)

01:16:30 executing program 4:
syz_clone(0x901000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:30 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r1, r2]}, 0x80) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r3, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
openat$cgroup_ro(r5, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

01:16:31 executing program 2:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00'}, 0x10)

01:16:31 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, r1, r2]}, 0x80) (async)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='rdma.current\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000280)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_procs(r3, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6) (async)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r7) (async)
openat$cgroup_ro(r5, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r8 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r8)

01:16:31 executing program 4:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r0, 0x7, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xeb, 0x8, 0x0, 0x1, 0x0, 0xf3, 0x4002, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x7, 0x2, @perf_config_ext={0x5, 0x7ff}, 0x8e42, 0x8, 0x400, 0x7, 0xfffffffffffff705, 0x4, 0x7a, 0x0, 0x7, 0x0, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x81, 0x81, 0x3, 0x7f, 0x0, 0x9, 0x10, 0x8, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xaec, 0x2, @perf_config_ext={0x1000}, 0x840, 0x1, 0x4, 0x3, 0x8, 0x7f, 0x23, 0x0, 0x5, 0x0, 0x8}, r0, 0x3, 0xffffffffffffffff, 0x1)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r6)
r7 = openat$cgroup_ro(r4, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r4, r5, r6, 0xffffffffffffffff, r7, r8]}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x18, 0xa, &(0x7f00000008c0)=ANY=[@ANYBLOB="e8ce629123c04b91a696f770180000000000808000000000ca0000001566e0ff0400000085100000fbffffff850000008900000018130000", @ANYRES32, @ANYBLOB="0000000000000000185700000400000000000000000000009500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x3f, 0x86, &(0x7f0000000700)=""/134, 0x41100, 0x56, '\x00', 0x0, 0x0, r6, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000880)={0x1, 0x2, 0x2, 0x1f}, 0x10, 0x0, 0x0, 0x7, &(0x7f0000000940)=[0xffffffffffffffff], &(0x7f0000000980)=[{0x3, 0x3, 0xc, 0xc}, {0x0, 0x5, 0xd, 0x6}, {0x4, 0x2, 0xf, 0xa}, {0x4, 0x4, 0x0, 0x5}, {0x5, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x10, 0x5}, {0x0, 0x3, 0x8, 0x2}], 0x10, 0x3}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0xb, &(0x7f00000005c0)=@raw=[@map_idx_val={0x18, 0x6, 0x6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x800}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x4}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x4}, @map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6}, @ldst={0x1, 0x1, 0x1, 0x1, 0x3, 0x30, 0xfffffffffffffffc}, @alu={0x7, 0x1, 0x2, 0x7, 0x6, 0xfffffffffffffffc, 0x8}, @ldst={0x2, 0x3, 0x0, 0x8, 0x2, 0x100, 0x4}], &(0x7f00000002c0)='GPL\x00', 0x3, 0xa0, &(0x7f0000000700)=""/160, 0x41000, 0x46, '\x00', 0x0, 0x25, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x1, 0x3, 0x6, 0x40}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000540)=[r3, r2, r3], &(0x7f0000000640)=[{0x3, 0x3, 0x7, 0x8}, {0x0, 0x3, 0x0, 0x3}], 0x10, 0x9d}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r9 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r9)
r10 = openat$cgroup_ro(r2, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r2, r3, r9, 0xffffffffffffffff, r10, r11]}, 0x80)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x8, 0x19, 0x20, 0x20, 0x0, 0xa3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_bp={&(0x7f0000000140), 0xf}, 0x19400, 0x5, 0x7, 0x9, 0x5, 0x0, 0x3, 0x0, 0x800, 0x0, 0x7}, 0xffffffffffffffff, 0x10, r10, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

01:16:31 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x20200, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

[ 1156.106381][T28632] FAULT_INJECTION: forcing a failure.
[ 1156.106381][T28632] name failslab, interval 1, probability 0, space 0, times 0
[ 1156.161326][T28632] CPU: 1 PID: 28632 Comm: syz-executor.2 Tainted: G    B   W         5.15.132-syzkaller-01173-g754f8cc9b7de #0
[ 1156.172884][T28632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
[ 1156.182794][T28632] Call Trace:
[ 1156.185922][T28632]  <TASK>
[ 1156.188682][T28632]  dump_stack_lvl+0x151/0x1b7
[ 1156.193198][T28632]  ? io_uring_drop_tctx_refs+0x190/0x190
[ 1156.198664][T28632]  dump_stack+0x15/0x17
[ 1156.202657][T28632]  should_fail+0x3c6/0x510
[ 1156.206909][T28632]  __should_failslab+0xa4/0xe0
[ 1156.211508][T28632]  ? vm_area_dup+0x26/0x230
[ 1156.215841][T28632]  should_failslab+0x9/0x20
[ 1156.220185][T28632]  slab_pre_alloc_hook+0x37/0xd0
[ 1156.224967][T28632]  ? vm_area_dup+0x26/0x230
[ 1156.229313][T28632]  kmem_cache_alloc+0x44/0x200
[ 1156.233898][T28632]  vm_area_dup+0x26/0x230
[ 1156.238073][T28632]  copy_mm+0x9a1/0x13e0
[ 1156.242060][T28632]  ? copy_signal+0x610/0x610
[ 1156.246483][T28632]  ? __init_rwsem+0xd6/0x1c0
[ 1156.250909][T28632]  ? copy_signal+0x4e3/0x610
[ 1156.255335][T28632]  copy_process+0x12bc/0x3260
[ 1156.259851][T28632]  ? proc_fail_nth_write+0x20b/0x290
[ 1156.264971][T28632]  ? fsnotify_perm+0x6a/0x5d0
[ 1156.269487][T28632]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[ 1156.274432][T28632]  ? vfs_write+0x9ec/0x1110
[ 1156.278768][T28632]  kernel_clone+0x21e/0x9e0
[ 1156.283111][T28632]  ? file_end_write+0x1c0/0x1c0
[ 1156.287797][T28632]  ? create_io_thread+0x1e0/0x1e0
[ 1156.292654][T28632]  ? mutex_unlock+0xb2/0x260
[ 1156.297082][T28632]  ? __mutex_lock_slowpath+0x10/0x10
[ 1156.302208][T28632]  __x64_sys_clone+0x23f/0x290
[ 1156.306803][T28632]  ? __do_sys_vfork+0x130/0x130
[ 1156.311487][T28632]  ? ksys_write+0x260/0x2c0
[ 1156.315829][T28632]  ? debug_smp_processor_id+0x17/0x20
[ 1156.321032][T28632]  ? fpregs_assert_state_consistent+0xb6/0xe0
[ 1156.326933][T28632]  ? exit_to_user_mode_prepare+0x39/0xa0
[ 1156.332401][T28632]  do_syscall_64+0x3d/0xb0
[ 1156.336657][T28632]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[ 1156.342382][T28632] RIP: 0033:0x7f7962f04ae9
[ 1156.346638][T28632] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1156.366078][T28632] RSP: 002b:00007f7961c87078 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1156.374322][T28632] RAX: ffffffffffffffda RBX: 00007f7963023f80 RCX: 00007f7962f04ae9
[ 1156.382132][T28632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000075848400
[ 1156.389944][T28632] RBP: 00007f7961c87120 R08: 0000000000000000 R09: 0000000000000000
[ 1156.397754][T28632] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
01:16:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) (async)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x1ff) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) (async)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

[ 1156.405565][T28632] R13: 000000000000000b R14: 00007f7963023f80 R15: 00007ffde0e39ef8
[ 1156.413383][T28632]  </TASK>
01:16:31 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz0\x00', 0x1ff)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r2)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3) (async)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000240)={0xa}, 0x8}, 0x90)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff) (async)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16) (async)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x16)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair(0x0, 0x0, 0x0, 0x0) (async)
socketpair(0x0, 0x0, 0x0, 0x0)
r5 = perf_event_open(&(0x7f0000000b00)={0x2, 0x80, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(r5)

01:16:32 executing program 5:
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, &(0x7f0000000000)=@framed={{}, [@alu={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, @jmp={0x5, 0x0, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0xa0010000}], {0x95, 0x0, 0x0, 0x1a03d3}}, &(0x7f0000000100)='GPL\x00', 0x3, 0xfa, &(0x7f0000000140)=""/250}, 0x80)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x1, 0x5, 0x2, 0x9, 0x0, 0x100000001, 0x4060, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x4, 0x8}, 0x18401, 0x607, 0x80000000, 0x8, 0x81, 0x10000, 0x8000, 0x0, 0x1, 0x0, 0x6}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x401c5820, 0x0)
r0 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000300), 0x4}, 0x8b1a1, 0x4, 0x7, 0x0, 0x7fffffffffffffff, 0x0, 0x3, 0x0, 0xcfb, 0x0, 0x1f}, r0, 0x7, 0xffffffffffffffff, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRESOCT=r0, @ANYRES32=r0, @ANYBLOB="00000000664e1f3e070669334953398e90e3077dc8887c0f91f6ebe905ed81b6aec16cdbfc5425b2a2546bb70500000000000000de218383d30a53e44ef57228e8003011e786e9fe90000b77af65"], 0x18}, 0x0) (async)
r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200), 0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r3)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r4)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000580)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r5) (async)
r6 = openat$cgroup_ro(r3, &(0x7f00000004c0)='io.stat\x00', 0x0, 0x0) (async)
r7 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x28}, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x2000000000000154, &(0x7f0000000500)=ANY=[@ANYBLOB="18c25fd1f45e9059827d3f7423e3b5d69cce000000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x67, &(0x7f0000000180)=""/103, 0x41000, 0x17, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000000240)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000000280)={0x4, 0x3, 0xffffffff, 0xfffffffc}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000380)=[r3, r4, r5, 0xffffffffffffffff, r6, r7]}, 0x80) (async)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x9, 0x1, 0xb4, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x3ff, 0x1}, 0x5500, 0x7f, 0x200, 0x7, 0x2, 0x6, 0x5, 0x0, 0xff, 0x0, 0x9}, r0, 0x10, r6, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) (async, rerun: 32)
perf_event_open$cgroup(&(0x7f0000000300)={0x3, 0x80, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x20a, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x81252, 0xfe2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x6, 0x0, 0xa39}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0xc) (rerun: 32)

01:16:32 executing program 1:
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0x75848400, 0x0, 0x3ffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1d, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x8e07, 0x9a, &(0x7f0000000d80)=""/154, 0x41100, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0xfffffffffffffffc, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000e80)=[{}]}, 0x90)

01:16:32 executing program 4:
syz_clone(0x75848400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
r0 = syz_clone(0x8041400, 0x0, 0x0, 0x0, &(0x7f0000000a40), 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x40, 0x80, 0x4, 0x0, 0x6, 0x402,