206809][T26992]  ? perf_trace_event_init+0x347/0x950
[  307.212107][T26992]  dump_stack+0x15/0x17
[  307.216094][T26992]  should_fail+0x3c0/0x510
[  307.220356][T26992]  ? selinux_perf_event_alloc+0x51/0x140
[  307.225816][T26992]  __should_failslab+0x9f/0xe0
[  307.230422][T26992]  should_failslab+0x9/0x20
[  307.234857][T26992]  kmem_cache_alloc_trace+0x4a/0x310
[  307.239967][T26992]  selinux_perf_event_alloc+0x51/0x140
[  307.245259][T26992]  security_perf_event_alloc+0x50/0xb0
[  307.250552][T26992]  perf_event_alloc+0x186a/0x1a90
[  307.255416][T26992]  inherit_event+0xbb/0xbd0
[  307.259755][T26992]  inherit_task_group+0x2ad/0x650
[  307.264613][T26992]  perf_event_init_task+0x352/0x7a0
[  307.269742][T26992]  ? memset+0x35/0x40
[  307.273555][T26992]  ? perf_event_attrs+0x30/0x30
[  307.278245][T26992]  ? sched_fork+0x15f/0x7b0
[  307.282578][T26992]  copy_process+0x113f/0x3250
[  307.287093][T26992]  ? proc_fail_nth_write+0x213/0x290
[  307.292211][T26992]  ? proc_fail_nth_read+0x220/0x220
[  307.297246][T26992]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  307.302194][T26992]  ? vfs_write+0x9af/0x1050
[  307.306532][T26992]  ? vmacache_update+0xb7/0x120
[  307.311221][T26992]  kernel_clone+0x22d/0x990
[  307.315557][T26992]  ? file_end_write+0x1b0/0x1b0
[  307.320244][T26992]  ? __kasan_check_write+0x14/0x20
[  307.325223][T26992]  ? create_io_thread+0x1e0/0x1e0
[  307.330143][T26992]  ? __mutex_lock_slowpath+0x10/0x10
[  307.335269][T26992]  __x64_sys_clone+0x289/0x310
[  307.339864][T26992]  ? __do_sys_vfork+0x130/0x130
[  307.344548][T26992]  ? debug_smp_processor_id+0x17/0x20
[  307.349756][T26992]  do_syscall_64+0x44/0xd0
[  307.354010][T26992]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  307.359740][T26992] RIP: 0033:0x7f13408790c9
[  307.363991][T26992] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  307.383434][T26992] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  307.391805][T26992] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:06:26 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

18:06:26 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xc, 0x11, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x3}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8e, 0x0, 0x0, 0x0, 0x5}, @alu={0x7, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffff4, 0xfffffffffffffffc}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x29c3}, @ldst={0x3, 0x0, 0x0, 0x3, 0x8, 0xfffffffffffffffe, 0xfffffffffffffffc}, @exit, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x9b, &(0x7f0000000140)=""/155, 0x41000, 0x1d, '\x00', 0x0, 0x18, r0, 0x8, &(0x7f0000000200)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000240)={0x0, 0x3, 0x4, 0x7}, 0x10, 0x0, r0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000300)={0x0, r1}, 0x10) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:26 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x29c1b4828000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:26 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x88)
close(r2)

[  307.399609][T26992] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  307.407439][T26992] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  307.415237][T26992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  307.423053][T26992] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  307.430974][T26992]  </TASK>
18:06:26 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x0, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:26 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = getpid()
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000100)={0x0, r0}, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x5a, 0x8, 0x0, 0x0, 0x100000001, 0x800, 0x6, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x10001, 0x4, @perf_bp={&(0x7f0000000000), 0x7}, 0x4000, 0x7, 0x9, 0x3, 0x5, 0x9, 0x5, 0x0, 0x80000001, 0x0, 0x7}, r1, 0x6, r2, 0x8)
r3 = perf_event_open$cgroup(&(0x7f0000000180)={0x2, 0x80, 0x6, 0x3, 0x3, 0xfd, 0x0, 0xac25, 0xa0202, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x9, 0x400000000659}, 0x5041, 0xa9, 0x81, 0x8, 0x4, 0x9, 0x4, 0x0, 0x8000, 0x0, 0x1}, r0, 0x1, r2, 0x6)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000200)=0xffff)

18:06:26 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:26 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = getpid() (async)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000100)={0x0, r0}, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x5a, 0x8, 0x0, 0x0, 0x100000001, 0x800, 0x6, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x10001, 0x4, @perf_bp={&(0x7f0000000000), 0x7}, 0x4000, 0x7, 0x9, 0x3, 0x5, 0x9, 0x5, 0x0, 0x80000001, 0x0, 0x7}, r1, 0x6, r2, 0x8) (async)
r3 = perf_event_open$cgroup(&(0x7f0000000180)={0x2, 0x80, 0x6, 0x3, 0x3, 0xfd, 0x0, 0xac25, 0xa0202, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x9, 0x400000000659}, 0x5041, 0xa9, 0x81, 0x8, 0x4, 0x9, 0x4, 0x0, 0x8000, 0x0, 0x1}, r0, 0x1, r2, 0x6)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000200)=0xffff)

[  307.498618][T27018] FAULT_INJECTION: forcing a failure.
[  307.498618][T27018] name failslab, interval 1, probability 0, space 0, times 0
[  307.521222][T27018] CPU: 0 PID: 27018 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  307.531298][T27018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  307.541194][T27018] Call Trace:
[  307.544317][T27018]  <TASK>
18:06:26 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x553a250e6000, 0x0, 0x0, 0x0, 0x0, 0x0)

[  307.547097][T27018]  dump_stack_lvl+0x151/0x1b7
[  307.551612][T27018]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  307.556907][T27018]  dump_stack+0x15/0x17
[  307.560890][T27018]  should_fail+0x3c0/0x510
[  307.565146][T27018]  __should_failslab+0x9f/0xe0
[  307.569741][T27018]  should_failslab+0x9/0x20
[  307.574081][T27018]  kmem_cache_alloc+0x4f/0x2f0
[  307.578684][T27018]  ? vm_area_dup+0x26/0x1d0
[  307.583019][T27018]  ? __kasan_check_read+0x11/0x20
[  307.587884][T27018]  vm_area_dup+0x26/0x1d0
[  307.592135][T27018]  dup_mmap+0x6b8/0xea0
[  307.596136][T27018]  ? __delayed_free_task+0x20/0x20
[  307.601191][T27018]  ? mm_init+0x807/0x960
[  307.605267][T27018]  dup_mm+0x91/0x330
[  307.608999][T27018]  copy_mm+0x108/0x1b0
[  307.612922][T27018]  copy_process+0x1295/0x3250
[  307.617417][T27018]  ? proc_fail_nth_write+0x213/0x290
[  307.622655][T27018]  ? proc_fail_nth_read+0x220/0x220
[  307.627698][T27018]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  307.632627][T27018]  ? vfs_write+0x9af/0x1050
[  307.636970][T27018]  ? vmacache_update+0xb7/0x120
[  307.641652][T27018]  kernel_clone+0x22d/0x990
[  307.645990][T27018]  ? file_end_write+0x1b0/0x1b0
[  307.650678][T27018]  ? __kasan_check_write+0x14/0x20
[  307.655626][T27018]  ? create_io_thread+0x1e0/0x1e0
[  307.660484][T27018]  ? __mutex_lock_slowpath+0x10/0x10
[  307.665705][T27018]  __x64_sys_clone+0x289/0x310
[  307.670297][T27018]  ? __do_sys_vfork+0x130/0x130
[  307.675067][T27018]  ? debug_smp_processor_id+0x17/0x20
[  307.680274][T27018]  do_syscall_64+0x44/0xd0
[  307.684529][T27018]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  307.690258][T27018] RIP: 0033:0x7f13408790c9
[  307.694510][T27018] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  307.713950][T27018] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  307.722196][T27018] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  307.730268][T27018] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  307.738096][T27018] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xe8)
close(r2)

18:06:27 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:27 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0x0, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:27 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

18:06:27 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = getpid()
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000100)={0x0, r0}, 0x10)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x5a, 0x8, 0x0, 0x0, 0x100000001, 0x800, 0x6, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x10001, 0x4, @perf_bp={&(0x7f0000000000), 0x7}, 0x4000, 0x7, 0x9, 0x3, 0x5, 0x9, 0x5, 0x0, 0x80000001, 0x0, 0x7}, r1, 0x6, r2, 0x8)
r3 = perf_event_open$cgroup(&(0x7f0000000180)={0x2, 0x80, 0x6, 0x3, 0x3, 0xfd, 0x0, 0xac25, 0xa0202, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x9, 0x400000000659}, 0x5041, 0xa9, 0x81, 0x8, 0x4, 0x9, 0x4, 0x0, 0x8000, 0x0, 0x1}, r0, 0x1, r2, 0x6)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000200)=0xffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
getpid() (async)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000100)={0x0, r0}, 0x10) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x5a, 0x8, 0x0, 0x0, 0x100000001, 0x800, 0x6, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x10001, 0x4, @perf_bp={&(0x7f0000000000), 0x7}, 0x4000, 0x7, 0x9, 0x3, 0x5, 0x9, 0x5, 0x0, 0x80000001, 0x0, 0x7}, r1, 0x6, r2, 0x8) (async)
perf_event_open$cgroup(&(0x7f0000000180)={0x2, 0x80, 0x6, 0x3, 0x3, 0xfd, 0x0, 0xac25, 0xa0202, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext={0x9, 0x400000000659}, 0x5041, 0xa9, 0x81, 0x8, 0x4, 0x9, 0x4, 0x0, 0x8000, 0x0, 0x1}, r0, 0x1, r2, 0x6) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000200)=0xffff) (async)

[  307.745891][T27018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  307.753738][T27018] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  307.761601][T27018]  </TASK>
18:06:27 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x2001000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x106)
close(r2)

[  307.812709][T27043] FAULT_INJECTION: forcing a failure.
[  307.812709][T27043] name failslab, interval 1, probability 0, space 0, times 0
[  307.827571][T27043] CPU: 0 PID: 27043 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  307.837659][T27043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  307.847548][T27043] Call Trace:
[  307.850664][T27043]  <TASK>
[  307.853442][T27043]  dump_stack_lvl+0x151/0x1b7
18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x13a)
close(r2)

18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1b2)
close(r2)

[  307.857959][T27043]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  307.863256][T27043]  dump_stack+0x15/0x17
[  307.867241][T27043]  should_fail+0x3c0/0x510
[  307.871509][T27043]  __should_failslab+0x9f/0xe0
[  307.876097][T27043]  should_failslab+0x9/0x20
[  307.880438][T27043]  kmem_cache_alloc+0x4f/0x2f0
[  307.885035][T27043]  ? perf_event_alloc+0x11e/0x1a90
[  307.889984][T27043]  perf_event_alloc+0x11e/0x1a90
[  307.894756][T27043]  ? __kasan_check_write+0x14/0x20
[  307.899704][T27043]  ? mutex_unlock+0xa2/0x110
[  307.904128][T27043]  ? __mutex_lock_slowpath+0x10/0x10
18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x212)
close(r2)

18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x22e)
close(r2)

[  307.909252][T27043]  inherit_event+0xbb/0xbd0
[  307.913589][T27043]  inherit_task_group+0x2ad/0x650
[  307.918450][T27043]  perf_event_init_task+0x352/0x7a0
[  307.923491][T27043]  ? memset+0x35/0x40
[  307.927308][T27043]  ? perf_event_attrs+0x30/0x30
[  307.931985][T27043]  ? sched_fork+0x15f/0x7b0
[  307.936326][T27043]  copy_process+0x113f/0x3250
[  307.940843][T27043]  ? proc_fail_nth_write+0x213/0x290
[  307.945971][T27043]  ? proc_fail_nth_read+0x220/0x220
[  307.951003][T27043]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  307.955940][T27043]  ? vfs_write+0x9af/0x1050
18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x281)
close(r2)

18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2d4)
close(r2)

[  307.960368][T27043]  ? vmacache_update+0xb7/0x120
[  307.965164][T27043]  kernel_clone+0x22d/0x990
[  307.969489][T27043]  ? file_end_write+0x1b0/0x1b0
[  307.974177][T27043]  ? __kasan_check_write+0x14/0x20
[  307.979127][T27043]  ? create_io_thread+0x1e0/0x1e0
[  307.983986][T27043]  ? __mutex_lock_slowpath+0x10/0x10
[  307.989211][T27043]  __x64_sys_clone+0x289/0x310
[  307.993803][T27043]  ? __do_sys_vfork+0x130/0x130
[  307.998481][T27043]  ? debug_smp_processor_id+0x17/0x20
[  308.003687][T27043]  do_syscall_64+0x44/0xd0
[  308.007935][T27043]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  308.013668][T27043] RIP: 0033:0x7f13408790c9
[  308.017922][T27043] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  308.037815][T27043] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  308.046170][T27043] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  308.054134][T27043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:27 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x300)
close(r2)

18:06:27 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

18:06:27 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0x0, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  308.061953][T27043] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  308.069763][T27043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  308.077675][T27043] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  308.085474][T27043]  </TASK>
[  308.136912][T27067] FAULT_INJECTION: forcing a failure.
[  308.136912][T27067] name failslab, interval 1, probability 0, space 0, times 0
[  308.151007][T27067] CPU: 0 PID: 27067 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  308.161176][T27067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  308.171062][T27067] Call Trace:
[  308.174193][T27067]  <TASK>
[  308.177153][T27067]  dump_stack_lvl+0x151/0x1b7
[  308.181648][T27067]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  308.187150][T27067]  ? do_syscall_64+0x44/0xd0
[  308.191646][T27067]  dump_stack+0x15/0x17
[  308.195715][T27067]  should_fail+0x3c0/0x510
[  308.200205][T27067]  __should_failslab+0x9f/0xe0
[  308.204768][T27067]  should_failslab+0x9/0x20
[  308.209106][T27067]  kmem_cache_alloc+0x4f/0x2f0
[  308.213794][T27067]  ? anon_vma_clone+0xa1/0x4f0
[  308.218396][T27067]  anon_vma_clone+0xa1/0x4f0
[  308.222992][T27067]  anon_vma_fork+0x91/0x4f0
[  308.227330][T27067]  ? anon_vma_name+0x4c/0x70
[  308.231756][T27067]  dup_mmap+0x750/0xea0
[  308.235751][T27067]  ? __delayed_free_task+0x20/0x20
[  308.240695][T27067]  ? mm_init+0x807/0x960
[  308.244785][T27067]  dup_mm+0x91/0x330
[  308.248519][T27067]  copy_mm+0x108/0x1b0
[  308.252414][T27067]  copy_process+0x1295/0x3250
[  308.256928][T27067]  ? proc_fail_nth_write+0x213/0x290
[  308.262047][T27067]  ? proc_fail_nth_read+0x220/0x220
[  308.267087][T27067]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  308.272049][T27067]  ? vfs_write+0x9af/0x1050
[  308.276395][T27067]  ? vmacache_update+0xb7/0x120
[  308.281057][T27067]  kernel_clone+0x22d/0x990
[  308.285490][T27067]  ? file_end_write+0x1b0/0x1b0
[  308.290181][T27067]  ? __kasan_check_write+0x14/0x20
[  308.296469][T27067]  ? create_io_thread+0x1e0/0x1e0
[  308.301324][T27067]  ? __mutex_lock_slowpath+0x10/0x10
[  308.306442][T27067]  __x64_sys_clone+0x289/0x310
[  308.311043][T27067]  ? __do_sys_vfork+0x130/0x130
[  308.315834][T27067]  ? debug_smp_processor_id+0x17/0x20
[  308.321029][T27067]  do_syscall_64+0x44/0xd0
[  308.325389][T27067]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  308.331117][T27067] RIP: 0033:0x7f13408790c9
[  308.335375][T27067] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  308.355162][T27067] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  308.363415][T27067] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  308.371217][T27067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  308.379026][T27067] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  308.386860][T27067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  308.395280][T27067] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  308.403091][T27067]  </TASK>
[  309.123324][ T1056] device bridge_slave_1 left promiscuous mode
[  309.129247][ T1056] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.136780][ T1056] device bridge_slave_0 left promiscuous mode
[  309.142717][ T1056] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.150274][ T1056] device veth1_macvtap left promiscuous mode
[  309.156138][ T1056] device veth0_vlan left promiscuous mode
[  309.563973][T27074] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.570821][T27074] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.578322][T27074] device bridge_slave_0 entered promiscuous mode
[  309.585227][T27074] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.592057][T27074] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.599473][T27074] device bridge_slave_1 entered promiscuous mode
[  309.635210][T27074] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.642056][T27074] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.649229][T27074] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.656110][T27074] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.673325][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  309.680790][  T463] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.688188][  T463] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.703749][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  309.711657][  T463] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.718417][  T463] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.725779][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  309.733863][  T463] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.740685][  T463] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.747953][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  309.755747][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  309.767427][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  309.778199][T27074] device veth0_vlan entered promiscuous mode
[  309.784372][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  309.792226][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  309.799738][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  309.811155][T27074] device veth1_macvtap entered promiscuous mode
[  309.817949][ T4587] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
18:06:29 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x2020000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:29 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0)

18:06:29 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:29 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x304)
close(r2)

18:06:29 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0x0, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:29 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

18:06:29 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:29 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r1 = openat$cgroup(r0, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0)

[  309.830579][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  309.839160][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:29 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:29 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:29 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x10100000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:29 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x600e253a550000, 0x0, 0x0, 0x0, 0x0, 0x0)

[  309.907798][T27092] FAULT_INJECTION: forcing a failure.
[  309.907798][T27092] name failslab, interval 1, probability 0, space 0, times 0
[  309.920323][T27092] CPU: 0 PID: 27092 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  309.930490][T27092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  309.940462][T27092] Call Trace:
[  309.943586][T27092]  <TASK>
[  309.946369][T27092]  dump_stack_lvl+0x151/0x1b7
[  309.950883][T27092]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  309.956169][T27092]  dump_stack+0x15/0x17
[  309.960159][T27092]  should_fail+0x3c0/0x510
[  309.964411][T27092]  __should_failslab+0x9f/0xe0
[  309.969012][T27092]  should_failslab+0x9/0x20
[  309.973448][T27092]  kmem_cache_alloc+0x4f/0x2f0
[  309.978047][T27092]  ? anon_vma_fork+0x1b9/0x4f0
[  309.982652][T27092]  anon_vma_fork+0x1b9/0x4f0
[  309.987247][T27092]  dup_mmap+0x750/0xea0
[  309.991239][T27092]  ? __delayed_free_task+0x20/0x20
[  309.996191][T27092]  ? mm_init+0x807/0x960
[  310.000267][T27092]  dup_mm+0x91/0x330
[  310.003998][T27092]  copy_mm+0x108/0x1b0
[  310.007908][T27092]  copy_process+0x1295/0x3250
[  310.012424][T27092]  ? proc_fail_nth_write+0x213/0x290
[  310.017803][T27092]  ? proc_fail_nth_read+0x220/0x220
[  310.022831][T27092]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  310.027774][T27092]  ? vfs_write+0x9af/0x1050
[  310.032113][T27092]  ? vmacache_update+0xb7/0x120
[  310.036799][T27092]  kernel_clone+0x22d/0x990
[  310.041143][T27092]  ? file_end_write+0x1b0/0x1b0
[  310.045837][T27092]  ? __kasan_check_write+0x14/0x20
[  310.050786][T27092]  ? create_io_thread+0x1e0/0x1e0
[  310.055633][T27092]  ? __mutex_lock_slowpath+0x10/0x10
[  310.060761][T27092]  __x64_sys_clone+0x289/0x310
[  310.065386][T27092]  ? __do_sys_vfork+0x130/0x130
[  310.070043][T27092]  ? debug_smp_processor_id+0x17/0x20
[  310.075252][T27092]  do_syscall_64+0x44/0xd0
[  310.079502][T27092]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  310.085227][T27092] RIP: 0033:0x7f13408790c9
[  310.090535][T27092] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  310.109966][T27092] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  310.118209][T27092] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  310.126025][T27092] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.133833][T27092] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  310.141731][T27092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  310.149543][T27092] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
18:06:29 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:29 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async, rerun: 64)
r1 = openat$cgroup(r0, &(0x7f0000000000)='syz0\x00', 0x200002, 0x0) (rerun: 64)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x0, 0x0)

18:06:29 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x3a9)
close(r2)

18:06:29 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:29 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
openat$cgroup_subtree(r0, &(0x7f0000000440), 0x2, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
r3 = openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.bfq.io_queued\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000480)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f0000000280))
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz0\x00', 0x1ff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18010000000000008000150000000000000000000000000000e54c95a6594b404f2986144891907f468f23975847da8203b544912583683a93d788e6fad4c292e8fa5ea2ba1b207b63ba43fbb1ec036ce728b0f84eb913d54fcc1b2e89e65343fe5221369c7541dfeac4b717e392456fbadcc3c67b7d83e082f0e74da948b5f196f153bbc8bcad4b0f416f666c99bc2b09010f37f5ee8feb71b7f9fef1ad898e6a59c01ee064f1da952f92c802f6e256c956a9df1df9ad2261f4450300002000"/204], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xfffffffffffffefb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kvm_mmio\x00', r7}, 0x10)

[  310.157363][T27092]  </TASK>
18:06:29 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

18:06:29 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:29 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x403)
close(r2)

18:06:29 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2) (async)
openat$cgroup_subtree(r0, &(0x7f0000000440), 0x2, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
r3 = openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000480)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) (async)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f0000000280)) (async)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz0\x00', 0x1ff) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18010000000000008000150000000000000000000000000000e54c95a6594b404f2986144891907f468f23975847da8203b544912583683a93d788e6fad4c292e8fa5ea2ba1b207b63ba43fbb1ec036ce728b0f84eb913d54fcc1b2e89e65343fe5221369c7541dfeac4b717e392456fbadcc3c67b7d83e082f0e74da948b5f196f153bbc8bcad4b0f416f666c99bc2b09010f37f5ee8feb71b7f9fef1ad898e6a59c01ee064f1da952f92c802f6e256c956a9df1df9ad2261f4450300002000"/204], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xfffffffffffffefb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kvm_mmio\x00', r7}, 0x10)

[  310.234456][T27123] FAULT_INJECTION: forcing a failure.
[  310.234456][T27123] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  310.249525][T27123] CPU: 1 PID: 27123 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  310.259599][T27123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  310.269490][T27123] Call Trace:
[  310.272640][T27123]  <TASK>
[  310.275388][T27123]  dump_stack_lvl+0x151/0x1b7
[  310.279902][T27123]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  310.285197][T27123]  ? stack_trace_save+0x1f0/0x1f0
[  310.290060][T27123]  ? __kernel_text_address+0x9a/0x110
[  310.295267][T27123]  dump_stack+0x15/0x17
[  310.299256][T27123]  should_fail+0x3c0/0x510
[  310.303513][T27123]  should_fail_alloc_page+0x58/0x70
[  310.308545][T27123]  __alloc_pages+0x1de/0x7c0
[  310.313067][T27123]  ? stack_trace_save+0x12d/0x1f0
[  310.317928][T27123]  ? stack_trace_snprint+0x100/0x100
[  310.323051][T27123]  ? __count_vm_events+0x30/0x30
[  310.327815][T27123]  ? __kasan_slab_alloc+0xc4/0xe0
[  310.332675][T27123]  ? __kasan_slab_alloc+0xb2/0xe0
[  310.337531][T27123]  ? kmem_cache_alloc+0x189/0x2f0
[  310.342392][T27123]  ? anon_vma_fork+0x1b9/0x4f0
[  310.346993][T27123]  get_zeroed_page+0x19/0x40
[  310.351417][T27123]  __pud_alloc+0x8b/0x260
[  310.355586][T27123]  ? do_handle_mm_fault+0x2370/0x2370
[  310.360903][T27123]  copy_page_range+0xd9e/0x1090
[  310.365572][T27123]  ? pfn_valid+0x1e0/0x1e0
[  310.369828][T27123]  dup_mmap+0x99f/0xea0
[  310.373813][T27123]  ? __delayed_free_task+0x20/0x20
[  310.378760][T27123]  ? mm_init+0x807/0x960
[  310.382841][T27123]  dup_mm+0x91/0x330
[  310.386569][T27123]  copy_mm+0x108/0x1b0
[  310.390475][T27123]  copy_process+0x1295/0x3250
[  310.394990][T27123]  ? proc_fail_nth_write+0x213/0x290
[  310.400223][T27123]  ? proc_fail_nth_read+0x220/0x220
[  310.405250][T27123]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  310.410244][T27123]  ? vfs_write+0x9af/0x1050
[  310.414541][T27123]  ? vmacache_update+0xb7/0x120
[  310.419224][T27123]  kernel_clone+0x22d/0x990
[  310.424399][T27123]  ? file_end_write+0x1b0/0x1b0
[  310.429094][T27123]  ? __kasan_check_write+0x14/0x20
[  310.434031][T27123]  ? create_io_thread+0x1e0/0x1e0
[  310.438891][T27123]  ? __mutex_lock_slowpath+0x10/0x10
[  310.444013][T27123]  __x64_sys_clone+0x289/0x310
[  310.448615][T27123]  ? __do_sys_vfork+0x130/0x130
[  310.453300][T27123]  ? debug_smp_processor_id+0x17/0x20
[  310.458511][T27123]  do_syscall_64+0x44/0xd0
[  310.462761][T27123]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  310.468579][T27123] RIP: 0033:0x7f13408790c9
[  310.472832][T27123] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  310.492442][T27123] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  310.500688][T27123] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  310.508500][T27123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.516322][T27123] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  310.524129][T27123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:29 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x8082b4c1290000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:29 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:30 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

[  310.531933][T27123] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  310.539748][T27123]  </TASK>
[  310.572336][T27139] FAULT_INJECTION: forcing a failure.
[  310.572336][T27139] name failslab, interval 1, probability 0, space 0, times 0
[  310.586949][T27139] CPU: 1 PID: 27139 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  310.597021][T27139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  310.606913][T27139] Call Trace:
[  310.610036][T27139]  <TASK>
[  310.612916][T27139]  dump_stack_lvl+0x151/0x1b7
[  310.617423][T27139]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  310.622889][T27139]  dump_stack+0x15/0x17
[  310.626900][T27139]  should_fail+0x3c0/0x510
[  310.631135][T27139]  ? kvmalloc_node+0x82/0x130
[  310.635645][T27139]  __should_failslab+0x9f/0xe0
[  310.640244][T27139]  should_failslab+0x9/0x20
[  310.644585][T27139]  __kmalloc+0x6d/0x350
[  310.648586][T27139]  ? kvmalloc_node+0x82/0x130
[  310.653090][T27139]  kvmalloc_node+0x82/0x130
[  310.657428][T27139]  alloc_fdtable+0x173/0x2b0
[  310.661863][T27139]  dup_fd+0x781/0xa40
[  310.665674][T27139]  ? avc_has_perm+0x16d/0x260
[  310.670192][T27139]  copy_files+0xe6/0x200
[  310.674274][T27139]  ? perf_event_attrs+0x30/0x30
[  310.678953][T27139]  ? dup_task_struct+0xa60/0xa60
[  310.683727][T27139]  ? security_task_alloc+0x132/0x150
[  310.688849][T27139]  copy_process+0x11e9/0x3250
[  310.693361][T27139]  ? proc_fail_nth_write+0x213/0x290
[  310.698482][T27139]  ? proc_fail_nth_read+0x220/0x220
[  310.703516][T27139]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  310.708462][T27139]  ? vfs_write+0x9af/0x1050
[  310.712803][T27139]  ? vmacache_update+0xb7/0x120
[  310.717490][T27139]  kernel_clone+0x22d/0x990
[  310.721831][T27139]  ? file_end_write+0x1b0/0x1b0
[  310.726525][T27139]  ? __kasan_check_write+0x14/0x20
[  310.731461][T27139]  ? create_io_thread+0x1e0/0x1e0
[  310.736323][T27139]  ? __mutex_lock_slowpath+0x10/0x10
[  310.741446][T27139]  __x64_sys_clone+0x289/0x310
[  310.746046][T27139]  ? __do_sys_vfork+0x130/0x130
[  310.750732][T27139]  ? debug_smp_processor_id+0x17/0x20
[  310.755938][T27139]  do_syscall_64+0x44/0xd0
[  310.760194][T27139]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  310.765921][T27139] RIP: 0033:0x7f13408790c9
[  310.770173][T27139] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  310.789788][T27139] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  310.798030][T27139] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  310.805844][T27139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  310.813660][T27139] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  310.821467][T27139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  310.829366][T27139] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
18:06:30 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:30 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x408)
close(r2)

18:06:30 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:30 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x500)
close(r2)

[  310.837180][T27139]  </TASK>
18:06:30 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:30 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

18:06:30 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2) (async)
openat$cgroup_subtree(r0, &(0x7f0000000440), 0x2, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
r3 = openat$cgroup_ro(r1, &(0x7f0000000180)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000480)='blkio.bfq.io_service_bytes_recursive\x00', 0x0, 0x0) (async)
r5 = openat$cgroup_ro(r4, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r5, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r5, 0x400454da, &(0x7f0000000280)) (async)
mkdirat$cgroup(r5, &(0x7f00000001c0)='syz0\x00', 0x1ff) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300)=0xffffffffffffffff, 0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="18010000000000008000150000000000000000000000000000e54c95a6594b404f2986144891907f468f23975847da8203b544912583683a93d788e6fad4c292e8fa5ea2ba1b207b63ba43fbb1ec036ce728b0f84eb913d54fcc1b2e89e65343fe5221369c7541dfeac4b717e392456fbadcc3c67b7d83e082f0e74da948b5f196f153bbc8bcad4b0f416f666c99bc2b09010f37f5ee8feb71b7f9fef1ad898e6a59c01ee064f1da952f92c802f6e256c956a9df1df9ad2261f4450300002000"/204], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xfffffffffffffefb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kvm_mmio\x00', r7}, 0x10)

18:06:30 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:30 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x600)
close(r2)

[  310.984600][T27173] FAULT_INJECTION: forcing a failure.
[  310.984600][T27173] name failslab, interval 1, probability 0, space 0, times 0
[  311.037175][T27173] CPU: 0 PID: 27173 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  311.047257][T27173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  311.057149][T27173] Call Trace:
[  311.060268][T27173]  <TASK>
[  311.063047][T27173]  dump_stack_lvl+0x151/0x1b7
[  311.067561][T27173]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  311.072861][T27173]  dump_stack+0x15/0x17
[  311.076848][T27173]  should_fail+0x3c0/0x510
[  311.081110][T27173]  __should_failslab+0x9f/0xe0
[  311.085702][T27173]  should_failslab+0x9/0x20
[  311.090040][T27173]  kmem_cache_alloc+0x4f/0x2f0
[  311.094638][T27173]  ? vm_area_dup+0x26/0x1d0
[  311.098980][T27173]  vm_area_dup+0x26/0x1d0
[  311.103241][T27173]  dup_mmap+0x6b8/0xea0
[  311.107233][T27173]  ? __delayed_free_task+0x20/0x20
[  311.112180][T27173]  ? mm_init+0x807/0x960
[  311.116343][T27173]  dup_mm+0x91/0x330
[  311.120076][T27173]  copy_mm+0x108/0x1b0
[  311.123983][T27173]  copy_process+0x1295/0x3250
[  311.128496][T27173]  ? proc_fail_nth_write+0x213/0x290
[  311.133617][T27173]  ? proc_fail_nth_read+0x220/0x220
[  311.138652][T27173]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  311.145733][T27173]  ? vfs_write+0x9af/0x1050
[  311.150083][T27173]  ? vmacache_update+0xb7/0x120
[  311.154756][T27173]  kernel_clone+0x22d/0x990
[  311.159093][T27173]  ? file_end_write+0x1b0/0x1b0
[  311.163779][T27173]  ? __kasan_check_write+0x14/0x20
[  311.168725][T27173]  ? create_io_thread+0x1e0/0x1e0
[  311.173588][T27173]  ? __mutex_lock_slowpath+0x10/0x10
[  311.178708][T27173]  __x64_sys_clone+0x289/0x310
[  311.183310][T27173]  ? __do_sys_vfork+0x130/0x130
[  311.187994][T27173]  ? debug_smp_processor_id+0x17/0x20
[  311.193201][T27173]  do_syscall_64+0x44/0xd0
[  311.197457][T27173]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  311.203183][T27173] RIP: 0033:0x7f13408790c9
[  311.207439][T27173] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  311.226882][T27173] RSP: 002b:00007f133f5cb118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  311.235128][T27173] RAX: ffffffffffffffda RBX: 00007f1340999050 RCX: 00007f13408790c9
[  311.242934][T27173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  311.250748][T27173] RBP: 00007f133f5cb1d0 R08: 0000000000000000 R09: 0000000000000000
[  311.258556][T27173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  311.266369][T27173] R13: 00007ffcbc4c66ef R14: 00007f133f5cb300 R15: 0000000000022000
[  311.274355][T27173]  </TASK>
[  311.703416][ T1056] device bridge_slave_1 left promiscuous mode
[  311.709364][ T1056] bridge0: port 2(bridge_slave_1) entered disabled state
[  311.716796][ T1056] device bridge_slave_0 left promiscuous mode
[  311.722731][ T1056] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.730411][ T1056] device veth1_macvtap left promiscuous mode
[  311.736254][ T1056] device veth0_vlan left promiscuous mode
[  312.117963][T27177] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.125053][T27177] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.132111][T27177] device bridge_slave_0 entered promiscuous mode
[  312.138938][T27177] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.145815][T27177] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.152955][T27177] device bridge_slave_1 entered promiscuous mode
[  312.187326][T27177] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.194204][T27177] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.201435][T27177] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.208243][T27177] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.225868][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.233332][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.240331][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.259260][T27177] device veth0_vlan entered promiscuous mode
[  312.266730][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  312.275308][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  312.283225][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  312.290373][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  312.298351][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  312.306357][ T1272] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.313199][ T1272] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.320351][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  312.328570][ T1272] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.335454][ T1272] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.342942][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  312.350632][ T1272] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  312.362957][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  312.371762][T27177] device veth1_macvtap entered promiscuous mode
18:06:31 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0xf0a10f1b000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:31 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:31 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x601)
close(r2)

18:06:31 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300)={r1}, 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup(r3, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x6611, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001cc0)={0xffffffffffffffff, 0xe0, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001700)=[{}], 0x8, 0x10, &(0x7f0000001780), &(0x7f0000001b40), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001b80)}}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001580)={0xffffffffffffffff, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0xb6)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r5, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r6, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r7, r5, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001d80), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x16, 0x2, &(0x7f0000000480)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x9}], &(0x7f00000004c0)='GPL\x00', 0x7, 0xb0, &(0x7f0000001a80)=""/176, 0x40f00, 0x2, '\x00', r4, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000001d00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0xf, 0x3, 0x3}, 0x10, r7, r8}, 0x80)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@bloom_filter={0x1e, 0x5, 0xfffffffa, 0x3444df30, 0x120c, r1, 0x3, '\x00', 0x0, r2, 0x0, 0x4, 0x2, 0xc}, 0x48)
r10 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r10, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b80)={0x0, 0x9, 0x10}, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000600)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x3ff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}], &(0x7f00000008c0)='GPL\x00', 0x3bd, 0x74, &(0x7f0000000900)=""/116, 0x41100, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000ac0)={0x2, 0x0, 0xfffffff8, 0x1f}, 0x10, r7, 0x0, 0x0, &(0x7f0000000bc0)=[r1, r9, r10, r11, r1, r1, r0, r2, r1, r2]}, 0x80)
r12 = bpf$ITER_CREATE(0x21, &(0x7f0000000340)={r1}, 0x8)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0xffffffffffffffff, 0x239, 0x8}, 0xc)
r14 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r14, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r14, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_ext={0x1c, 0x7, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0xdc0}, [@alu={0x7, 0x1, 0x1, 0x5, 0x6, 0x2, 0xfffffffffffffffc}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x61d9}, @call={0x85, 0x0, 0x0, 0x42}]}, &(0x7f0000000140)='syzkaller\x00', 0x4, 0xdb, &(0x7f0000000180)=""/219, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000280)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x3, 0xbb2, 0x80000000}, 0x10, 0x17715, 0xffffffffffffffff, 0x0, &(0x7f0000000540)=[r2, r12, 0xffffffffffffffff, r13, r14]}, 0x80)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x7f, 0x1, 0x20, 0x1, 0x0, 0x0, 0x10, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x1, 0x81, 0x6, 0x7, 0x40, 0x5, 0x2, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0x5, r1, 0x1)

18:06:31 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:31 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

[  312.382751][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  312.391114][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:31 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300)={r1}, 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup(r3, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x6611, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001cc0)={0xffffffffffffffff, 0xe0, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001700)=[{}], 0x8, 0x10, &(0x7f0000001780), &(0x7f0000001b40), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001b80)}}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001580)={0xffffffffffffffff, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0xb6) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r5, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r6, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r7, r5, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001d80), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x16, 0x2, &(0x7f0000000480)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x9}], &(0x7f00000004c0)='GPL\x00', 0x7, 0xb0, &(0x7f0000001a80)=""/176, 0x40f00, 0x2, '\x00', r4, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000001d00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0xf, 0x3, 0x3}, 0x10, r7, r8}, 0x80)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@bloom_filter={0x1e, 0x5, 0xfffffffa, 0x3444df30, 0x120c, r1, 0x3, '\x00', 0x0, r2, 0x0, 0x4, 0x2, 0xc}, 0x48) (async)
r10 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r10, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b80)={0x0, 0x9, 0x10}, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000600)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x3ff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}], &(0x7f00000008c0)='GPL\x00', 0x3bd, 0x74, &(0x7f0000000900)=""/116, 0x41100, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000ac0)={0x2, 0x0, 0xfffffff8, 0x1f}, 0x10, r7, 0x0, 0x0, &(0x7f0000000bc0)=[r1, r9, r10, r11, r1, r1, r0, r2, r1, r2]}, 0x80)
r12 = bpf$ITER_CREATE(0x21, &(0x7f0000000340)={r1}, 0x8) (async)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0xffffffffffffffff, 0x239, 0x8}, 0xc) (async)
r14 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r14, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r14, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_ext={0x1c, 0x7, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0xdc0}, [@alu={0x7, 0x1, 0x1, 0x5, 0x6, 0x2, 0xfffffffffffffffc}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x61d9}, @call={0x85, 0x0, 0x0, 0x42}]}, &(0x7f0000000140)='syzkaller\x00', 0x4, 0xdb, &(0x7f0000000180)=""/219, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000280)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x3, 0xbb2, 0x80000000}, 0x10, 0x17715, 0xffffffffffffffff, 0x0, &(0x7f0000000540)=[r2, r12, 0xffffffffffffffff, r13, r14]}, 0x80) (async)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x7f, 0x1, 0x20, 0x1, 0x0, 0x0, 0x10, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x1, 0x81, 0x6, 0x7, 0x40, 0x5, 0x2, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0x5, r1, 0x1)

[  312.443044][T27193] FAULT_INJECTION: forcing a failure.
[  312.443044][T27193] name failslab, interval 1, probability 0, space 0, times 0
[  312.461452][T27193] CPU: 0 PID: 27193 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  312.471534][T27193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  312.481426][T27193] Call Trace:
[  312.484547][T27193]  <TASK>
[  312.487368][T27193]  dump_stack_lvl+0x151/0x1b7
[  312.491836][T27193]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  312.497129][T27193]  ? _raw_spin_lock+0xa3/0x1b0
[  312.501734][T27193]  ? dup_fd+0x51f/0xa40
[  312.505719][T27193]  dump_stack+0x15/0x17
[  312.509710][T27193]  should_fail+0x3c0/0x510
[  312.513962][T27193]  __should_failslab+0x9f/0xe0
[  312.518561][T27193]  should_failslab+0x9/0x20
[  312.522904][T27193]  kmem_cache_alloc+0x4f/0x2f0
[  312.527507][T27193]  ? copy_fs_struct+0x4e/0x230
[  312.532111][T27193]  copy_fs_struct+0x4e/0x230
[  312.536528][T27193]  copy_fs+0x72/0x140
[  312.540437][T27193]  copy_process+0x1214/0x3250
[  312.544948][T27193]  ? proc_fail_nth_write+0x213/0x290
[  312.550069][T27193]  ? proc_fail_nth_read+0x220/0x220
[  312.555103][T27193]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  312.560049][T27193]  ? vfs_write+0x9af/0x1050
[  312.564391][T27193]  ? vmacache_update+0xb7/0x120
[  312.569075][T27193]  kernel_clone+0x22d/0x990
[  312.573415][T27193]  ? file_end_write+0x1b0/0x1b0
[  312.578102][T27193]  ? __kasan_check_write+0x14/0x20
[  312.583050][T27193]  ? create_io_thread+0x1e0/0x1e0
[  312.587919][T27193]  ? __mutex_lock_slowpath+0x10/0x10
[  312.593032][T27193]  __x64_sys_clone+0x289/0x310
[  312.597631][T27193]  ? __do_sys_vfork+0x130/0x130
[  312.602326][T27193]  ? debug_smp_processor_id+0x17/0x20
[  312.607527][T27193]  do_syscall_64+0x44/0xd0
[  312.611778][T27193]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  312.617506][T27193] RIP: 0033:0x7f13408790c9
[  312.621763][T27193] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:06:32 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0xf0ff1f00000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000300)={r1}, 0x8)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup(r3, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40086602, &(0x7f0000000140)=0xff) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x6611, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001cc0)={0xffffffffffffffff, 0xe0, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001700)=[{}], 0x8, 0x10, &(0x7f0000001780), &(0x7f0000001b40), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001b80)}}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001580)={0xffffffffffffffff, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0xb6) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r5, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r6, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r7, r5, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001d80), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x16, 0x2, &(0x7f0000000480)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x9}], &(0x7f00000004c0)='GPL\x00', 0x7, 0xb0, &(0x7f0000001a80)=""/176, 0x40f00, 0x2, '\x00', r4, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000001d00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0xf, 0x3, 0x3}, 0x10, r7, r8}, 0x80)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@bloom_filter={0x1e, 0x5, 0xfffffffa, 0x3444df30, 0x120c, r1, 0x3, '\x00', 0x0, r2, 0x0, 0x4, 0x2, 0xc}, 0x48)
r10 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r10, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r10, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b80)={0x0, 0x9, 0x10}, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000c00)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000600)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x3ff}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}], &(0x7f00000008c0)='GPL\x00', 0x3bd, 0x74, &(0x7f0000000900)=""/116, 0x41100, 0x10, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0xa, 0x2}, 0x8, 0x10, &(0x7f0000000ac0)={0x2, 0x0, 0xfffffff8, 0x1f}, 0x10, r7, 0x0, 0x0, &(0x7f0000000bc0)=[r1, r9, r10, r11, r1, r1, r0, r2, r1, r2]}, 0x80)
r12 = bpf$ITER_CREATE(0x21, &(0x7f0000000340)={r1}, 0x8) (async)
r13 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000380)={0xffffffffffffffff, 0x239, 0x8}, 0xc)
r14 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r14, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r14, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000580)=@bpf_ext={0x1c, 0x7, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0xdc0}, [@alu={0x7, 0x1, 0x1, 0x5, 0x6, 0x2, 0xfffffffffffffffc}, @map_idx_val={0x18, 0x6, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x61d9}, @call={0x85, 0x0, 0x0, 0x42}]}, &(0x7f0000000140)='syzkaller\x00', 0x4, 0xdb, &(0x7f0000000180)=""/219, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000280)={0xa, 0x2}, 0x8, 0x10, &(0x7f00000002c0)={0x2, 0x3, 0xbb2, 0x80000000}, 0x10, 0x17715, 0xffffffffffffffff, 0x0, &(0x7f0000000540)=[r2, r12, 0xffffffffffffffff, r13, r14]}, 0x80)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x7f, 0x1, 0x20, 0x1, 0x0, 0x0, 0x10, 0x4, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x80, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x1, 0x81, 0x6, 0x7, 0x40, 0x5, 0x2, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0x5, r1, 0x1)

18:06:32 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x700)
close(r2)

18:06:32 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

[  312.641200][T27193] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  312.649533][T27193] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  312.657353][T27193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  312.665153][T27193] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  312.672964][T27193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  312.680774][T27193] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  312.688590][T27193]  </TASK>
18:06:32 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:32 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x80, 0x1, 0x9, 0x1f, 0x4, 0x0, 0x7, 0x844, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xd5f, 0x0, @perf_config_ext={0xd71, 0x80}, 0x80000, 0x6, 0x0, 0x6, 0xffffffff, 0x1000, 0x144, 0x0, 0x7fff, 0x0, 0x100}, r1, 0x10, r0, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  312.755605][T27209] FAULT_INJECTION: forcing a failure.
[  312.755605][T27209] name failslab, interval 1, probability 0, space 0, times 0
[  312.768559][T27209] CPU: 1 PID: 27209 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  312.778621][T27209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  312.788510][T27209] Call Trace:
[  312.791632][T27209]  <TASK>
[  312.794414][T27209]  dump_stack_lvl+0x151/0x1b7
[  312.798924][T27209]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  312.804219][T27209]  dump_stack+0x15/0x17
[  312.808209][T27209]  should_fail+0x3c0/0x510
[  312.812466][T27209]  __should_failslab+0x9f/0xe0
[  312.817064][T27209]  should_failslab+0x9/0x20
[  312.821408][T27209]  kmem_cache_alloc+0x4f/0x2f0
[  312.826003][T27209]  ? vm_area_dup+0x26/0x1d0
[  312.830352][T27209]  vm_area_dup+0x26/0x1d0
[  312.834508][T27209]  dup_mmap+0x6b8/0xea0
[  312.838504][T27209]  ? __delayed_free_task+0x20/0x20
[  312.843453][T27209]  ? mm_init+0x807/0x960
[  312.847533][T27209]  dup_mm+0x91/0x330
[  312.851266][T27209]  copy_mm+0x108/0x1b0
[  312.855166][T27209]  copy_process+0x1295/0x3250
[  312.859680][T27209]  ? proc_fail_nth_write+0x213/0x290
[  312.864806][T27209]  ? proc_fail_nth_read+0x220/0x220
[  312.869835][T27209]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  312.874781][T27209]  ? vfs_write+0x9af/0x1050
[  312.879122][T27209]  ? vmacache_update+0xb7/0x120
[  312.883807][T27209]  kernel_clone+0x22d/0x990
[  312.888233][T27209]  ? file_end_write+0x1b0/0x1b0
[  312.892918][T27209]  ? __kasan_check_write+0x14/0x20
[  312.897866][T27209]  ? create_io_thread+0x1e0/0x1e0
[  312.902728][T27209]  ? __mutex_lock_slowpath+0x10/0x10
[  312.907851][T27209]  __x64_sys_clone+0x289/0x310
[  312.912448][T27209]  ? __do_sys_vfork+0x130/0x130
[  312.917137][T27209]  ? debug_smp_processor_id+0x17/0x20
[  312.922342][T27209]  do_syscall_64+0x44/0xd0
[  312.926603][T27209]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  312.932429][T27209] RIP: 0033:0x7f13408790c9
[  312.936664][T27209] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:06:32 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x80, 0x1, 0x9, 0x1f, 0x4, 0x0, 0x7, 0x844, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xd5f, 0x0, @perf_config_ext={0xd71, 0x80}, 0x80000, 0x6, 0x0, 0x6, 0xffffffff, 0x1000, 0x144, 0x0, 0x7fff, 0x0, 0x100}, r1, 0x10, r0, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  312.956104][T27209] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  312.964355][T27209] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  312.972161][T27209] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  312.979970][T27209] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  312.987784][T27209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  312.995596][T27209] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  313.003412][T27209]  </TASK>
18:06:32 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x804)
close(r2)

18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0x80, 0x1, 0x9, 0x1f, 0x4, 0x0, 0x7, 0x844, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xd5f, 0x0, @perf_config_ext={0xd71, 0x80}, 0x80000, 0x6, 0x0, 0x6, 0xffffffff, 0x1000, 0x144, 0x0, 0x7fff, 0x0, 0x100}, r1, 0x10, r0, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10}, 0x80)

18:06:32 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:32 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000280))
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r3, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
openat$cgroup_ro(r3, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0)

[  313.059189][T27230] FAULT_INJECTION: forcing a failure.
[  313.059189][T27230] name failslab, interval 1, probability 0, space 0, times 0
[  313.088491][T27230] CPU: 0 PID: 27230 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  313.098564][T27230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  313.108459][T27230] Call Trace:
[  313.111589][T27230]  <TASK>
[  313.114375][T27230]  dump_stack_lvl+0x151/0x1b7
[  313.118964][T27230]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  313.124269][T27230]  dump_stack+0x15/0x17
[  313.128247][T27230]  should_fail+0x3c0/0x510
[  313.132504][T27230]  __should_failslab+0x9f/0xe0
[  313.137100][T27230]  should_failslab+0x9/0x20
[  313.141438][T27230]  kmem_cache_alloc+0x4f/0x2f0
[  313.146040][T27230]  ? vm_area_dup+0x26/0x1d0
[  313.150465][T27230]  ? __kasan_check_read+0x11/0x20
[  313.155327][T27230]  vm_area_dup+0x26/0x1d0
18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000280)) (async, rerun: 64)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000), 0x4) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r3, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
openat$cgroup_ro(r3, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10}, 0x80)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10}, 0x80)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0]}, 0x80)

[  313.159494][T27230]  dup_mmap+0x6b8/0xea0
[  313.163490][T27230]  ? __delayed_free_task+0x20/0x20
[  313.168432][T27230]  ? mm_init+0x807/0x960
[  313.172510][T27230]  dup_mm+0x91/0x330
[  313.176244][T27230]  copy_mm+0x108/0x1b0
[  313.180149][T27230]  copy_process+0x1295/0x3250
[  313.184663][T27230]  ? proc_fail_nth_write+0x213/0x290
[  313.189783][T27230]  ? proc_fail_nth_read+0x220/0x220
[  313.194822][T27230]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  313.199763][T27230]  ? vfs_write+0x9af/0x1050
[  313.204106][T27230]  ? vmacache_update+0xb7/0x120
[  313.210267][T27230]  kernel_clone+0x22d/0x990
[  313.214612][T27230]  ? file_end_write+0x1b0/0x1b0
[  313.219288][T27230]  ? __kasan_check_write+0x14/0x20
[  313.224233][T27230]  ? create_io_thread+0x1e0/0x1e0
[  313.229096][T27230]  ? __mutex_lock_slowpath+0x10/0x10
[  313.234216][T27230]  __x64_sys_clone+0x289/0x310
[  313.238993][T27230]  ? __do_sys_vfork+0x130/0x130
[  313.243686][T27230]  ? debug_smp_processor_id+0x17/0x20
[  313.248886][T27230]  do_syscall_64+0x44/0xd0
[  313.253143][T27230]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  313.258872][T27230] RIP: 0033:0x7f13408790c9
[  313.263120][T27230] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  313.282577][T27230] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  313.290803][T27230] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  313.298613][T27230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:32 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

18:06:32 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x812)
close(r2)

18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000280)) (async)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r3, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
openat$cgroup_ro(r3, &(0x7f0000000100)='io.stat\x00', 0x0, 0x0)

18:06:32 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  313.306426][T27230] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  313.314234][T27230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  313.322048][T27230] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  313.329870][T27230]  </TASK>
18:06:32 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x4, 0x80, 0x1, 0x2, 0x0, 0x3518, 0x144c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000040), 0x1}, 0xc33, 0x4, 0x39c, 0x1, 0x7, 0x5, 0x1000, 0x0, 0x4, 0x0, 0xaa6f})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
r3 = perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x10000)

18:06:32 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:32 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:32 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0]}, 0x80)

18:06:32 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xa00)
close(r2)

18:06:32 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x900000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

[  313.398998][T27269] FAULT_INJECTION: forcing a failure.
[  313.398998][T27269] name failslab, interval 1, probability 0, space 0, times 0
[  313.416886][T27269] CPU: 1 PID: 27269 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  313.427065][T27269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  313.436967][T27269] Call Trace:
[  313.440169][T27269]  <TASK>
[  313.442943][T27269]  dump_stack_lvl+0x151/0x1b7
[  313.447455][T27269]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  313.452924][T27269]  dump_stack+0x15/0x17
[  313.456909][T27269]  should_fail+0x3c0/0x510
[  313.461161][T27269]  __should_failslab+0x9f/0xe0
[  313.465760][T27269]  should_failslab+0x9/0x20
[  313.470099][T27269]  kmem_cache_alloc+0x4f/0x2f0
[  313.474701][T27269]  ? dup_mm+0x29/0x330
[  313.478606][T27269]  dup_mm+0x29/0x330
[  313.482341][T27269]  copy_mm+0x108/0x1b0
[  313.488252][T27269]  copy_process+0x1295/0x3250
[  313.492756][T27269]  ? proc_fail_nth_write+0x213/0x290
[  313.497883][T27269]  ? proc_fail_nth_read+0x220/0x220
[  313.502909][T27269]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  313.507853][T27269]  ? vfs_write+0x9af/0x1050
[  313.512197][T27269]  ? vmacache_update+0xb7/0x120
[  313.516883][T27269]  kernel_clone+0x22d/0x990
[  313.521219][T27269]  ? file_end_write+0x1b0/0x1b0
[  313.525906][T27269]  ? __kasan_check_write+0x14/0x20
[  313.530857][T27269]  ? create_io_thread+0x1e0/0x1e0
[  313.535714][T27269]  ? __mutex_lock_slowpath+0x10/0x10
[  313.540834][T27269]  __x64_sys_clone+0x289/0x310
[  313.545451][T27269]  ? __do_sys_vfork+0x130/0x130
[  313.550128][T27269]  ? debug_smp_processor_id+0x17/0x20
[  313.555333][T27269]  do_syscall_64+0x44/0xd0
[  313.559589][T27269]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  313.565310][T27269] RIP: 0033:0x7f13408790c9
[  313.569570][T27269] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  313.589091][T27269] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:33 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x4, 0x80, 0x1, 0x2, 0x0, 0x3518, 0x144c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000040), 0x1}, 0xc33, 0x4, 0x39c, 0x1, 0x7, 0x5, 0x1000, 0x0, 0x4, 0x0, 0xaa6f}) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
r3 = perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x10000)

18:06:33 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

[  313.597339][T27269] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  313.605155][T27269] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  313.613082][T27269] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  313.620980][T27269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  313.628779][T27269] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  313.636593][T27269]  </TASK>
18:06:33 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0]}, 0x80)

18:06:33 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xc00)
close(r2)

18:06:33 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x1100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:33 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  313.701735][T27293] FAULT_INJECTION: forcing a failure.
[  313.701735][T27293] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  313.717681][T27293] CPU: 0 PID: 27293 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  313.727746][T27293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  313.737646][T27293] Call Trace:
[  313.740767][T27293]  <TASK>
[  313.743545][T27293]  dump_stack_lvl+0x151/0x1b7
18:06:33 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x1f00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

[  313.748068][T27293]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  313.753355][T27293]  ? pcpu_block_update_hint_alloc+0x972/0xd00
[  313.759265][T27293]  dump_stack+0x15/0x17
[  313.763250][T27293]  should_fail+0x3c0/0x510
[  313.767505][T27293]  should_fail_alloc_page+0x58/0x70
[  313.772534][T27293]  __alloc_pages+0x1de/0x7c0
[  313.776961][T27293]  ? __count_vm_events+0x30/0x30
[  313.781735][T27293]  __get_free_pages+0xe/0x30
[  313.786158][T27293]  pgd_alloc+0x22/0x2c0
[  313.790154][T27293]  mm_init+0x5bf/0x960
[  313.794175][T27293]  dup_mm+0x7d/0x330
[  313.797906][T27293]  copy_mm+0x108/0x1b0
[  313.801813][T27293]  copy_process+0x1295/0x3250
[  313.806328][T27293]  ? irqentry_exit_cond_resched+0x2b/0x30
[  313.811885][T27293]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  313.816828][T27293]  ? vfs_write+0x9af/0x1050
[  313.821170][T27293]  ? vmacache_update+0xb7/0x120
[  313.825858][T27293]  kernel_clone+0x22d/0x990
[  313.830250][T27293]  ? file_end_write+0x1b0/0x1b0
[  313.834883][T27293]  ? __kasan_check_write+0x14/0x20
[  313.839831][T27293]  ? create_io_thread+0x1e0/0x1e0
[  313.844696][T27293]  ? __mutex_lock_slowpath+0x10/0x10
[  313.849814][T27293]  __x64_sys_clone+0x289/0x310
[  313.854408][T27293]  ? __do_sys_vfork+0x130/0x130
[  313.859094][T27293]  ? fpregs_restore_userregs+0x1f0/0x3a0
[  313.864568][T27293]  ? switch_fpu_return+0xe/0x10
[  313.869250][T27293]  do_syscall_64+0x44/0xd0
[  313.873503][T27293]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  313.879238][T27293] RIP: 0033:0x7f13408790c9
18:06:33 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:33 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, 0xffffffffffffffff]}, 0x80)

[  313.883487][T27293] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  313.902926][T27293] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  313.911171][T27293] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  313.918980][T27293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  313.926792][T27293] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  313.934603][T27293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  313.942413][T27293] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
18:06:33 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xd00)
close(r2)

18:06:33 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  313.950230][T27293]  </TASK>
18:06:33 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, 0xffffffffffffffff]}, 0x80)

[  314.473617][  T474] device bridge_slave_1 left promiscuous mode
[  314.479536][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.486925][  T474] device bridge_slave_0 left promiscuous mode
[  314.492964][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.500516][  T474] device veth1_macvtap left promiscuous mode
[  314.506448][  T474] device veth0_vlan left promiscuous mode
[  314.946099][T27318] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.952961][T27318] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.960067][T27318] device bridge_slave_0 entered promiscuous mode
[  314.966955][T27318] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.973835][T27318] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.981196][T27318] device bridge_slave_1 entered promiscuous mode
[  315.020666][T27318] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.027517][T27318] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.034621][T27318] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.041481][T27318] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.058814][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  315.066910][  T475] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.074578][  T475] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.095614][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  315.105447][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  315.113459][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  315.120765][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  315.128892][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  315.136921][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.143773][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.151032][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  315.159087][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.165936][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.173154][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  315.181005][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  315.191894][T27318] device veth0_vlan entered promiscuous mode
[  315.209732][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  315.226848][T27318] device veth1_macvtap entered promiscuous mode
[  315.242184][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  315.250573][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:34 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x4, 0x80, 0x1, 0x2, 0x0, 0x3518, 0x144c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000040), 0x1}, 0xc33, 0x4, 0x39c, 0x1, 0x7, 0x5, 0x1000, 0x0, 0x4, 0x0, 0xaa6f})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
r3 = perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x10000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r2) (async)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000180)={0x5, 0x80, 0x4, 0x80, 0x1, 0x2, 0x0, 0x3518, 0x144c, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_bp={&(0x7f0000000040), 0x1}, 0xc33, 0x4, 0x39c, 0x1, 0x7, 0x5, 0x1000, 0x0, 0x4, 0x0, 0xaa6f}) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000000)=0x10000) (async)

18:06:34 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

18:06:34 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:34 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x11c8)
close(r2)

18:06:34 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0, 0xffffffffffffffff]}, 0x80)

18:06:34 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  315.272747][T27323] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.282403][T27323] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.289691][T27323] device bridge_slave_0 entered promiscuous mode
[  315.299616][T27323] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.308453][T27323] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.317263][T27323] device bridge_slave_1 entered promiscuous mode
[  315.338173][T27338] FAULT_INJECTION: forcing a failure.
[  315.338173][T27338] name failslab, interval 1, probability 0, space 0, times 0
[  315.351696][T27338] CPU: 0 PID: 27338 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  315.361757][T27338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  315.371652][T27338] Call Trace:
[  315.374772][T27338]  <TASK>
[  315.377640][T27338]  dump_stack_lvl+0x151/0x1b7
[  315.382244][T27338]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  315.387541][T27338]  dump_stack+0x15/0x17
[  315.391531][T27338]  should_fail+0x3c0/0x510
[  315.395782][T27338]  __should_failslab+0x9f/0xe0
[  315.400381][T27338]  should_failslab+0x9/0x20
[  315.404725][T27338]  kmem_cache_alloc+0x4f/0x2f0
[  315.409323][T27338]  ? anon_vma_clone+0xa1/0x4f0
[  315.413922][T27338]  anon_vma_clone+0xa1/0x4f0
[  315.418348][T27338]  anon_vma_fork+0x91/0x4f0
[  315.422688][T27338]  ? anon_vma_name+0x4c/0x70
[  315.427114][T27338]  dup_mmap+0x750/0xea0
[  315.431110][T27338]  ? __delayed_free_task+0x20/0x20
[  315.436153][T27338]  ? mm_init+0x807/0x960
[  315.440225][T27338]  dup_mm+0x91/0x330
[  315.443957][T27338]  copy_mm+0x108/0x1b0
[  315.448904][T27338]  copy_process+0x1295/0x3250
[  315.453427][T27338]  ? proc_fail_nth_write+0x213/0x290
[  315.458549][T27338]  ? proc_fail_nth_read+0x220/0x220
[  315.463581][T27338]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  315.468531][T27338]  ? vfs_write+0x9af/0x1050
[  315.472991][T27338]  ? vmacache_update+0xb7/0x120
[  315.477677][T27338]  kernel_clone+0x22d/0x990
[  315.482011][T27338]  ? file_end_write+0x1b0/0x1b0
[  315.486698][T27338]  ? __kasan_check_write+0x14/0x20
[  315.491645][T27338]  ? create_io_thread+0x1e0/0x1e0
[  315.496511][T27338]  ? __mutex_lock_slowpath+0x10/0x10
[  315.501744][T27338]  __x64_sys_clone+0x289/0x310
[  315.506345][T27338]  ? __do_sys_vfork+0x130/0x130
[  315.511032][T27338]  ? debug_smp_processor_id+0x17/0x20
[  315.516262][T27338]  do_syscall_64+0x44/0xd0
[  315.520488][T27338]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  315.526216][T27338] RIP: 0033:0x7f13408790c9
[  315.530473][T27338] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  315.549910][T27338] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  315.558155][T27338] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  315.565967][T27338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  315.573779][T27338] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  315.581590][T27338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:35 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0]}, 0x80)

[  315.589400][T27338] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  315.597225][T27338]  </TASK>
[  315.679191][T27323] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.686054][T27323] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.693181][T27323] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.699929][T27323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.720041][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  315.727348][   T26] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.734672][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.743485][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  315.751365][  T475] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.758153][  T475] bridge0: port 1(bridge_slave_0) entered forwarding state
[  315.767155][  T474] device bridge_slave_1 left promiscuous mode
[  315.773616][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.780745][  T474] device bridge_slave_0 left promiscuous mode
[  315.786885][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.794498][  T474] device veth1_macvtap left promiscuous mode
[  315.800287][  T474] device veth0_vlan left promiscuous mode
[  315.862886][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  315.871460][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  315.879800][  T475] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.886841][  T475] bridge0: port 2(bridge_slave_1) entered forwarding state
[  315.893980][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  315.901737][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  315.909528][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  315.917422][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  315.928316][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  315.936411][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  315.948191][T27323] device veth0_vlan entered promiscuous mode
[  315.954354][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  315.961929][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  315.970076][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  315.977348][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  315.988071][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  315.996078][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  316.005124][T27323] device veth1_macvtap entered promiscuous mode
18:06:35 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0xf5ffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:35 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1200)
close(r2)

18:06:35 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

18:06:35 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:35 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0]}, 0x80)

18:06:35 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.current\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  316.014083][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  316.021409][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  316.029924][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  316.041643][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  316.049720][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:35 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.current\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.current\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:35 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.current\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:35 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, r0]}, 0x80)

18:06:35 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:35 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1202)
close(r2)

[  316.114568][T27370] FAULT_INJECTION: forcing a failure.
[  316.114568][T27370] name failslab, interval 1, probability 0, space 0, times 0
18:06:35 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, 0xffffffffffffffff, r0]}, 0x80)

[  316.165373][T27370] CPU: 0 PID: 27370 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  316.175456][T27370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  316.185352][T27370] Call Trace:
[  316.188490][T27370]  <TASK>
[  316.191425][T27370]  dump_stack_lvl+0x151/0x1b7
[  316.195941][T27370]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  316.201236][T27370]  ? vma_interval_tree_augment_rotate+0x210/0x210
[  316.207483][T27370]  dump_stack+0x15/0x17
[  316.211475][T27370]  should_fail+0x3c0/0x510
[  316.215732][T27370]  __should_failslab+0x9f/0xe0
[  316.220325][T27370]  should_failslab+0x9/0x20
[  316.224666][T27370]  kmem_cache_alloc+0x4f/0x2f0
[  316.229266][T27370]  ? anon_vma_fork+0xf7/0x4f0
[  316.233781][T27370]  anon_vma_fork+0xf7/0x4f0
[  316.238118][T27370]  ? anon_vma_name+0x4c/0x70
[  316.242545][T27370]  dup_mmap+0x750/0xea0
[  316.246538][T27370]  ? __delayed_free_task+0x20/0x20
[  316.251484][T27370]  ? mm_init+0x807/0x960
[  316.255561][T27370]  dup_mm+0x91/0x330
[  316.259288][T27370]  copy_mm+0x108/0x1b0
[  316.263198][T27370]  copy_process+0x1295/0x3250
[  316.267711][T27370]  ? proc_fail_nth_write+0x213/0x290
[  316.272836][T27370]  ? proc_fail_nth_read+0x220/0x220
[  316.277870][T27370]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  316.282813][T27370]  ? vfs_write+0x9af/0x1050
[  316.287153][T27370]  ? vmacache_update+0xb7/0x120
[  316.291836][T27370]  kernel_clone+0x22d/0x990
[  316.296179][T27370]  ? file_end_write+0x1b0/0x1b0
[  316.300873][T27370]  ? __kasan_check_write+0x14/0x20
[  316.305820][T27370]  ? create_io_thread+0x1e0/0x1e0
[  316.310678][T27370]  ? __mutex_lock_slowpath+0x10/0x10
[  316.315792][T27370]  __x64_sys_clone+0x289/0x310
[  316.320394][T27370]  ? __do_sys_vfork+0x130/0x130
[  316.325080][T27370]  ? debug_smp_processor_id+0x17/0x20
[  316.330289][T27370]  do_syscall_64+0x44/0xd0
[  316.334626][T27370]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  316.340439][T27370] RIP: 0033:0x7f13408790c9
[  316.344695][T27370] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:06:35 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0xfbffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:35 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1208)
close(r2)

[  316.364230][T27370] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  316.372471][T27370] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  316.380278][T27370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  316.388094][T27370] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  316.395905][T27370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  316.403720][T27370] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  316.411525][T27370]  </TASK>
18:06:35 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

18:06:35 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, 0xffffffffffffffff, r0]}, 0x80)

18:06:35 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:35 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:35 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1280)
close(r2)

18:06:35 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0xfcffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:35 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:35 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:35 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0)

18:06:35 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r3, 0xffffffffffffffff, r0]}, 0x80)

[  316.478285][T27405] FAULT_INJECTION: forcing a failure.
[  316.478285][T27405] name failslab, interval 1, probability 0, space 0, times 0
[  316.491134][T27405] CPU: 0 PID: 27405 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  316.501201][T27405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  316.511182][T27405] Call Trace:
[  316.514308][T27405]  <TASK>
[  316.517102][T27405]  dump_stack_lvl+0x151/0x1b7
[  316.521594][T27405]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  316.526980][T27405]  dump_stack+0x15/0x17
[  316.530971][T27405]  should_fail+0x3c0/0x510
[  316.535223][T27405]  __should_failslab+0x9f/0xe0
[  316.539832][T27405]  should_failslab+0x9/0x20
[  316.544229][T27405]  kmem_cache_alloc+0x4f/0x2f0
[  316.548766][T27405]  ? anon_vma_fork+0x1b9/0x4f0
[  316.553374][T27405]  anon_vma_fork+0x1b9/0x4f0
[  316.557790][T27405]  dup_mmap+0x750/0xea0
[  316.561783][T27405]  ? __delayed_free_task+0x20/0x20
[  316.566738][T27405]  ? mm_init+0x807/0x960
[  316.570815][T27405]  dup_mm+0x91/0x330
[  316.574544][T27405]  copy_mm+0x108/0x1b0
18:06:36 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r0, r0]}, 0x80)

18:06:36 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r0, r0]}, 0x80)

[  316.578447][T27405]  copy_process+0x1295/0x3250
[  316.582960][T27405]  ? proc_fail_nth_write+0x213/0x290
[  316.588078][T27405]  ? proc_fail_nth_read+0x220/0x220
[  316.593111][T27405]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  316.598057][T27405]  ? vfs_write+0x9af/0x1050
[  316.602484][T27405]  ? vmacache_update+0xb7/0x120
[  316.607172][T27405]  kernel_clone+0x22d/0x990
[  316.611510][T27405]  ? file_end_write+0x1b0/0x1b0
[  316.616285][T27405]  ? __kasan_check_write+0x14/0x20
[  316.621234][T27405]  ? create_io_thread+0x1e0/0x1e0
[  316.626095][T27405]  ? __mutex_lock_slowpath+0x10/0x10
[  316.631212][T27405]  __x64_sys_clone+0x289/0x310
[  316.635811][T27405]  ? __do_sys_vfork+0x130/0x130
[  316.640501][T27405]  ? debug_smp_processor_id+0x17/0x20
[  316.645710][T27405]  do_syscall_64+0x44/0xd0
[  316.649963][T27405]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  316.655688][T27405] RIP: 0033:0x7f13408790c9
[  316.659941][T27405] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  316.679382][T27405] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  316.687665][T27405] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  316.695443][T27405] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  316.703244][T27405] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  316.711056][T27405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  316.718866][T27405] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
18:06:36 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

18:06:36 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, r0, r0]}, 0x80)

18:06:36 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1282)
close(r2)

18:06:36 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  316.726680][T27405]  </TASK>
18:06:36 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  316.775214][T27424] FAULT_INJECTION: forcing a failure.
[  316.775214][T27424] name failslab, interval 1, probability 0, space 0, times 0
[  316.795743][T27424] CPU: 0 PID: 27424 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  316.805824][T27424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  316.815717][T27424] Call Trace:
[  316.818930][T27424]  <TASK>
[  316.821701][T27424]  dump_stack_lvl+0x151/0x1b7
[  316.826323][T27424]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  316.831610][T27424]  ? vma_interval_tree_augment_rotate+0x210/0x210
[  316.837857][T27424]  dump_stack+0x15/0x17
[  316.841844][T27424]  should_fail+0x3c0/0x510
[  316.846098][T27424]  __should_failslab+0x9f/0xe0
[  316.850698][T27424]  should_failslab+0x9/0x20
[  316.855040][T27424]  kmem_cache_alloc+0x4f/0x2f0
[  316.859637][T27424]  ? anon_vma_fork+0xf7/0x4f0
[  316.864150][T27424]  anon_vma_fork+0xf7/0x4f0
[  316.868493][T27424]  ? anon_vma_name+0x4c/0x70
[  316.872916][T27424]  dup_mmap+0x750/0xea0
[  316.876914][T27424]  ? __delayed_free_task+0x20/0x20
[  316.881859][T27424]  ? mm_init+0x807/0x960
[  316.885936][T27424]  dup_mm+0x91/0x330
[  316.889670][T27424]  copy_mm+0x108/0x1b0
[  316.893574][T27424]  copy_process+0x1295/0x3250
[  316.898087][T27424]  ? proc_fail_nth_write+0x213/0x290
[  316.903208][T27424]  ? proc_fail_nth_read+0x220/0x220
[  316.908243][T27424]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  316.913186][T27424]  ? vfs_write+0x9af/0x1050
[  316.917533][T27424]  ? vmacache_update+0xb7/0x120
[  316.922218][T27424]  kernel_clone+0x22d/0x990
[  316.926548][T27424]  ? file_end_write+0x1b0/0x1b0
[  316.931243][T27424]  ? __kasan_check_write+0x14/0x20
[  316.936188][T27424]  ? create_io_thread+0x1e0/0x1e0
[  316.941044][T27424]  ? __mutex_lock_slowpath+0x10/0x10
[  316.946164][T27424]  __x64_sys_clone+0x289/0x310
[  316.950765][T27424]  ? __do_sys_vfork+0x130/0x130
[  316.955461][T27424]  ? debug_smp_processor_id+0x17/0x20
[  316.960661][T27424]  do_syscall_64+0x44/0xd0
[  316.964909][T27424]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  316.970639][T27424] RIP: 0033:0x7f13408790c9
[  316.974892][T27424] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  316.994336][T27424] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  317.002577][T27424] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  317.010391][T27424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  317.018199][T27424] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
18:06:36 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1286)
close(r2)

[  317.026010][T27424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  317.033821][T27424] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  317.041637][T27424]  </TASK>
[  317.623836][  T474] device bridge_slave_1 left promiscuous mode
[  317.629781][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.637170][  T474] device bridge_slave_0 left promiscuous mode
[  317.643383][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.650817][  T474] device veth1_macvtap left promiscuous mode
[  317.656934][  T474] device veth0_vlan left promiscuous mode
[  317.981796][T27435] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.988714][T27435] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.995961][T27435] device bridge_slave_0 entered promiscuous mode
[  318.002574][T27435] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.009490][T27435] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.016541][T27435] device bridge_slave_1 entered promiscuous mode
[  318.060996][T27435] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.067863][T27435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.075010][T27435] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.081848][T27435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.099680][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.107000][   T26] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.114733][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.124279][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.132343][  T475] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.139197][  T475] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.153550][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.161687][  T454] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.168557][  T454] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.190981][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  318.199050][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  318.213991][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  318.225725][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  318.233611][T27435] device veth0_vlan entered promiscuous mode
[  318.243259][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.250614][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.266694][T27435] device veth1_macvtap entered promiscuous mode
[  318.273560][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  318.293012][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  318.301290][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:37 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.usage_percpu_sys\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:37 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, 0xffffffffffffffff, r0, r0]}, 0x80)

[  318.323970][T27440] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.332124][T27440] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.339913][T27440] device bridge_slave_0 entered promiscuous mode
[  318.347267][T27440] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.354592][T27440] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.362182][T27440] device bridge_slave_1 entered promiscuous mode
[  318.428625][T27440] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.435573][T27440] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.442635][T27440] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.449475][T27440] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.468828][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  318.476138][   T26] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.483719][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.492264][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  318.500225][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.507069][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.523655][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  318.531555][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.538329][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.545494][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  318.553329][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  318.564902][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  318.578062][T27440] device veth0_vlan entered promiscuous mode
[  318.584613][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  318.592520][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  318.599865][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  318.613778][T27440] device veth1_macvtap entered promiscuous mode
[  318.623291][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  318.631387][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  318.639821][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  318.650542][  T474] device bridge_slave_1 left promiscuous mode
[  318.656556][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.664117][  T474] device bridge_slave_0 left promiscuous mode
[  318.670028][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.677593][  T474] device veth1_macvtap left promiscuous mode
[  318.683779][  T474] device veth0_vlan left promiscuous mode
18:06:38 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x2, 0x0, 0x0, 0x0)

18:06:38 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38)

18:06:38 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2000)
close(r2)

18:06:38 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, 0xffffffffffffffff, r0, r0]}, 0x80)

18:06:38 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x26e1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r1, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000001ac0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000734f1afef4df90f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f0000000280))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d40)={r1, 0xe0, &(0x7f0000001c40)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001a80)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000001b00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001b00), <r8=>0x0, 0x8, &(0x7f0000001b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001b80), &(0x7f0000001bc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001c00)}}, 0x10)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f40)={0x6, 0x1, &(0x7f0000001d80)=@raw=[@call={0x85, 0x0, 0x0, 0x8f}], &(0x7f0000001dc0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x10, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001e40)={0x1, 0xe, 0x5e047fe9, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r0]}, 0x80)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001ec0)={r2, 0x7, 0x10}, 0xc)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x6611, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001cc0)={0xffffffffffffffff, 0xe0, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001700)=[{}], 0x8, 0x10, &(0x7f0000001780), &(0x7f0000001b40), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001b80)}}, 0x10)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001580)={0xffffffffffffffff, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r13=>0x0}}, 0xb6)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r12, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r14=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r13, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r14, r12, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r15 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001d80), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x16, 0x2, &(0x7f0000000480)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}], &(0x7f00000004c0)='GPL\x00', 0x7, 0xb0, &(0x7f0000001a80)=""/176, 0x40f00, 0x2, '\x00', r11, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000001d00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0xf, 0x3, 0x3}, 0x10, r14, r15}, 0x80)
r16 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002280)={r7}, 0x4)
r17 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r18 = openat$cgroup_ro(r17, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r18, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r18, 0x400454da, &(0x7f0000000280))
bpf$PROG_LOAD(0x5, &(0x7f0000002300)={0x3, 0x9, &(0x7f0000002080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x3}, @map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x3}]}, &(0x7f0000002100)='GPL\x00', 0x3, 0xa4, &(0x7f0000002140)=""/164, 0x0, 0x8, '\x00', 0x0, 0x1a, r5, 0x8, &(0x7f0000002200)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000002240)={0x1, 0xf, 0x4, 0x332a}, 0x10, r14, r16, 0x0, &(0x7f00000022c0)=[r0, r5, r18, r0]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000002000)={0x15, 0x7, &(0x7f0000001580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x714}, [@alu={0x0, 0x0, 0xac1750fc9e66e570, 0x9, 0x6, 0xc}, @call={0x85, 0x0, 0x0, 0x8a}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}]}, &(0x7f0000001640)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0xa, r6, 0x8, &(0x7f0000001700)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000001780)={0x2, 0xb, 0x6, 0x1}, 0x10, r8, r9, 0x0, &(0x7f0000001fc0)=[r10]}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r3, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r4, r1, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r19 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r4, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={r19, 0x20, &(0x7f0000000040)={&(0x7f0000000100)=""/211, 0xd3, 0x0, &(0x7f0000000200)=""/4096, 0x1000}}, 0x10)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:38 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:38 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x26e1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r1, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000001ac0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000734f1afef4df90f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 64)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f0000000280)) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d40)={r1, 0xe0, &(0x7f0000001c40)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001a80)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000001b00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001b00), <r8=>0x0, 0x8, &(0x7f0000001b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001b80), &(0x7f0000001bc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001c00)}}, 0x10) (async)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f40)={0x6, 0x1, &(0x7f0000001d80)=@raw=[@call={0x85, 0x0, 0x0, 0x8f}], &(0x7f0000001dc0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x10, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001e40)={0x1, 0xe, 0x5e047fe9, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r0]}, 0x80) (async)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001ec0)={r2, 0x7, 0x10}, 0xc)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x6611, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001cc0)={0xffffffffffffffff, 0xe0, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001700)=[{}], 0x8, 0x10, &(0x7f0000001780), &(0x7f0000001b40), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001b80)}}, 0x10) (async)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001580)={0xffffffffffffffff, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r13=>0x0}}, 0xb6) (rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r12, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r14=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r13, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r14, r12, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r15 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001d80), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x16, 0x2, &(0x7f0000000480)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}], &(0x7f00000004c0)='GPL\x00', 0x7, 0xb0, &(0x7f0000001a80)=""/176, 0x40f00, 0x2, '\x00', r11, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000001d00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0xf, 0x3, 0x3}, 0x10, r14, r15}, 0x80) (async)
r16 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002280)={r7}, 0x4)
r17 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r18 = openat$cgroup_ro(r17, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r18, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r18, 0x400454da, &(0x7f0000000280)) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000002300)={0x3, 0x9, &(0x7f0000002080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x3}, @map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x3}]}, &(0x7f0000002100)='GPL\x00', 0x3, 0xa4, &(0x7f0000002140)=""/164, 0x0, 0x8, '\x00', 0x0, 0x1a, r5, 0x8, &(0x7f0000002200)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000002240)={0x1, 0xf, 0x4, 0x332a}, 0x10, r14, r16, 0x0, &(0x7f00000022c0)=[r0, r5, r18, r0]}, 0x80) (async, rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000002000)={0x15, 0x7, &(0x7f0000001580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x714}, [@alu={0x0, 0x0, 0xac1750fc9e66e570, 0x9, 0x6, 0xc}, @call={0x85, 0x0, 0x0, 0x8a}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}]}, &(0x7f0000001640)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0xa, r6, 0x8, &(0x7f0000001700)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000001780)={0x2, 0xb, 0x6, 0x1}, 0x10, r8, r9, 0x0, &(0x7f0000001fc0)=[r10]}, 0x80) (rerun: 32)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r3, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r4, r1, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
r19 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r4, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={r19, 0x20, &(0x7f0000000040)={&(0x7f0000000100)=""/211, 0xd3, 0x0, &(0x7f0000000200)=""/4096, 0x1000}}, 0x10) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:38 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r0, 0xffffffffffffffff, r0, r0]}, 0x80)

[  318.776570][T27462] FAULT_INJECTION: forcing a failure.
[  318.776570][T27462] name failslab, interval 1, probability 0, space 0, times 0
[  318.803683][T27462] CPU: 1 PID: 27462 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  318.813780][T27462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  318.823659][T27462] Call Trace:
18:06:38 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x26e1, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r3=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r1, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000001ac0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000734f1afef4df90f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r6, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f0000000280)) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001d40)={r1, 0xe0, &(0x7f0000001c40)={0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000001a80)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000001b00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001b00), <r8=>0x0, 0x8, &(0x7f0000001b40)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000001b80), &(0x7f0000001bc0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001c00)}}, 0x10) (async)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001f40)={0x6, 0x1, &(0x7f0000001d80)=@raw=[@call={0x85, 0x0, 0x0, 0x8f}], &(0x7f0000001dc0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x10, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000001e00)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000001e40)={0x1, 0xe, 0x5e047fe9, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001e80)=[r0]}, 0x80) (async)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001ec0)={r2, 0x7, 0x10}, 0xc)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x6611, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001cc0)={0xffffffffffffffff, 0xe0, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r11=>0x0, 0x0, 0x0, 0x0, 0x8, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000001700)=[{}], 0x8, 0x10, &(0x7f0000001780), &(0x7f0000001b40), 0x8, 0x10, 0x8, 0x8, &(0x7f0000001b80)}}, 0x10)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001580)={0xffffffffffffffff, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r13=>0x0}}, 0xb6) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r12, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r14=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r13, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r14, r12, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async, rerun: 64)
r15 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001d80), 0x4) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x16, 0x2, &(0x7f0000000480)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}], &(0x7f00000004c0)='GPL\x00', 0x7, 0xb0, &(0x7f0000001a80)=""/176, 0x40f00, 0x2, '\x00', r11, 0x26, 0xffffffffffffffff, 0x8, &(0x7f0000001d00)={0x1, 0x5}, 0x8, 0x10, &(0x7f0000001d40)={0x4, 0xf, 0x3, 0x3}, 0x10, r14, r15}, 0x80) (async)
r16 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002280)={r7}, 0x4) (async)
r17 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r18 = openat$cgroup_ro(r17, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r18, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r18, 0x400454da, &(0x7f0000000280)) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000002300)={0x3, 0x9, &(0x7f0000002080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x3}, @map_val={0x18, 0x0, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x2}, @exit, @func={0x85, 0x0, 0x1, 0x0, 0x3}]}, &(0x7f0000002100)='GPL\x00', 0x3, 0xa4, &(0x7f0000002140)=""/164, 0x0, 0x8, '\x00', 0x0, 0x1a, r5, 0x8, &(0x7f0000002200)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000002240)={0x1, 0xf, 0x4, 0x332a}, 0x10, r14, r16, 0x0, &(0x7f00000022c0)=[r0, r5, r18, r0]}, 0x80) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000002000)={0x15, 0x7, &(0x7f0000001580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x714}, [@alu={0x0, 0x0, 0xac1750fc9e66e570, 0x9, 0x6, 0xc}, @call={0x85, 0x0, 0x0, 0x8a}, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}]}, &(0x7f0000001640)='GPL\x00', 0x8001, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0xa, r6, 0x8, &(0x7f0000001700)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000001780)={0x2, 0xb, 0x6, 0x1}, 0x10, r8, r9, 0x0, &(0x7f0000001fc0)=[r10]}, 0x80) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r3, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r4, r1, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
r19 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=r4, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000080)={r19, 0x20, &(0x7f0000000040)={&(0x7f0000000100)=""/211, 0xd3, 0x0, &(0x7f0000000200)=""/4096, 0x1000}}, 0x10) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  318.826784][T27462]  <TASK>
[  318.829560][T27462]  dump_stack_lvl+0x151/0x1b7
[  318.834069][T27462]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  318.839370][T27462]  ? vma_interval_tree_augment_rotate+0x210/0x210
[  318.845721][T27462]  dump_stack+0x15/0x17
[  318.849711][T27462]  should_fail+0x3c0/0x510
[  318.853965][T27462]  __should_failslab+0x9f/0xe0
[  318.858561][T27462]  should_failslab+0x9/0x20
[  318.862902][T27462]  kmem_cache_alloc+0x4f/0x2f0
[  318.867510][T27462]  ? anon_vma_fork+0xf7/0x4f0
[  318.872102][T27462]  anon_vma_fork+0xf7/0x4f0
[  318.876439][T27462]  ? anon_vma_name+0x4c/0x70
[  318.880867][T27462]  dup_mmap+0x750/0xea0
[  318.884863][T27462]  ? __delayed_free_task+0x20/0x20
[  318.889827][T27462]  ? mm_init+0x807/0x960
[  318.893885][T27462]  dup_mm+0x91/0x330
[  318.897616][T27462]  copy_mm+0x108/0x1b0
[  318.901523][T27462]  copy_process+0x1295/0x3250
[  318.906040][T27462]  ? proc_fail_nth_write+0x213/0x290
[  318.911166][T27462]  ? proc_fail_nth_read+0x220/0x220
[  318.916190][T27462]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  318.921137][T27462]  ? vfs_write+0x9af/0x1050
[  318.925476][T27462]  ? vmacache_update+0xb7/0x120
[  318.930164][T27462]  kernel_clone+0x22d/0x990
[  318.934505][T27462]  ? file_end_write+0x1b0/0x1b0
[  318.939191][T27462]  ? __kasan_check_write+0x14/0x20
[  318.944226][T27462]  ? create_io_thread+0x1e0/0x1e0
[  318.949087][T27462]  ? __mutex_lock_slowpath+0x10/0x10
[  318.954206][T27462]  __x64_sys_clone+0x289/0x310
[  318.958806][T27462]  ? __do_sys_vfork+0x130/0x130
[  318.963496][T27462]  ? debug_smp_processor_id+0x17/0x20
[  318.968700][T27462]  do_syscall_64+0x44/0xd0
[  318.972952][T27462]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  318.978681][T27462] RIP: 0033:0x7f13408790c9
[  318.982935][T27462] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  319.002375][T27462] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  319.010621][T27462] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  319.018432][T27462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:38 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  319.026243][T27462] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  319.034055][T27462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  319.041864][T27462] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  319.049677][T27462]  </TASK>
18:06:38 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x7, 0x0, 0x0, 0x0)

18:06:38 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28eb)
close(r2)

18:06:38 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)

18:06:38 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000038080008000000000500000048a23000ffffffff95000000000000000000000f959c694d77f206e38f80f20293c435b3c80c7b9637ed898795db71e4eb1ff5fe999db70ed05fc49c175114948930c6ee5c57"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r0, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)=0x80000001)
r1 = getpid()
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0)
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r2, 0x3, r3, 0x2)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0xa3, 0x8, 0x93, 0x1, 0x0, 0xf0f, 0x30, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180), 0x3}, 0x200, 0xffff, 0x3, 0x0, 0x1, 0x5, 0x401, 0x0, 0x9, 0x0, 0x9}, 0x0, 0x1, r3, 0x7aa53c0b6b10df1a)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x1f, 0x3f, 0x8, 0x0, 0x9, 0x81004, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7fff, 0x400}, 0x3, 0x28, 0x5, 0x3, 0x7f, 0x3ff, 0x4, 0x0, 0x5a, 0x0, 0xbbbc}, r1, 0xe, r4, 0x0)

[  319.115951][T27492] FAULT_INJECTION: forcing a failure.
[  319.115951][T27492] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  319.133608][T27492] CPU: 1 PID: 27492 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  319.143680][T27492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  319.153575][T27492] Call Trace:
[  319.156695][T27492]  <TASK>
[  319.159472][T27492]  dump_stack_lvl+0x151/0x1b7
[  319.163986][T27492]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  319.169278][T27492]  ? stack_trace_save+0x1f0/0x1f0
[  319.174144][T27492]  ? __kernel_text_address+0x9a/0x110
[  319.179349][T27492]  dump_stack+0x15/0x17
[  319.183339][T27492]  should_fail+0x3c0/0x510
[  319.187624][T27492]  should_fail_alloc_page+0x58/0x70
[  319.192629][T27492]  __alloc_pages+0x1de/0x7c0
[  319.197054][T27492]  ? stack_trace_save+0x12d/0x1f0
[  319.201931][T27492]  ? stack_trace_snprint+0x100/0x100
[  319.207035][T27492]  ? __count_vm_events+0x30/0x30
[  319.211812][T27492]  ? __kasan_slab_alloc+0xc4/0xe0
[  319.216691][T27492]  ? __kasan_slab_alloc+0xb2/0xe0
[  319.221618][T27492]  ? kmem_cache_alloc+0x189/0x2f0
[  319.226493][T27492]  ? anon_vma_fork+0x1b9/0x4f0
[  319.231086][T27492]  get_zeroed_page+0x19/0x40
[  319.235856][T27492]  __pud_alloc+0x8b/0x260
[  319.240021][T27492]  ? do_handle_mm_fault+0x2370/0x2370
[  319.245223][T27492]  copy_page_range+0xd9e/0x1090
[  319.249918][T27492]  ? pfn_valid+0x1e0/0x1e0
[  319.254164][T27492]  dup_mmap+0x99f/0xea0
[  319.258161][T27492]  ? __delayed_free_task+0x20/0x20
[  319.263101][T27492]  ? mm_init+0x807/0x960
[  319.267181][T27492]  dup_mm+0x91/0x330
[  319.270915][T27492]  copy_mm+0x108/0x1b0
[  319.274819][T27492]  copy_process+0x1295/0x3250
[  319.279334][T27492]  ? proc_fail_nth_write+0x213/0x290
[  319.284463][T27492]  ? proc_fail_nth_read+0x220/0x220
[  319.289488][T27492]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  319.294440][T27492]  ? vfs_write+0x9af/0x1050
[  319.298773][T27492]  ? vmacache_update+0xb7/0x120
[  319.303463][T27492]  kernel_clone+0x22d/0x990
[  319.307814][T27492]  ? file_end_write+0x1b0/0x1b0
[  319.312484][T27492]  ? __kasan_check_write+0x14/0x20
[  319.317435][T27492]  ? create_io_thread+0x1e0/0x1e0
[  319.322303][T27492]  ? __mutex_lock_slowpath+0x10/0x10
[  319.327421][T27492]  __x64_sys_clone+0x289/0x310
[  319.332015][T27492]  ? __do_sys_vfork+0x130/0x130
[  319.336710][T27492]  ? debug_smp_processor_id+0x17/0x20
[  319.341911][T27492]  do_syscall_64+0x44/0xd0
[  319.346162][T27492]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  319.351890][T27492] RIP: 0033:0x7f13408790c9
[  319.356142][T27492] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  319.375591][T27492] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  319.383833][T27492] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  319.391642][T27492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.399450][T27492] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  319.407263][T27492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:38 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:38 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2e02)
close(r2)

18:06:38 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:38 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x8, 0x0, 0x0, 0x0)

18:06:38 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)

[  319.415076][T27492] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  319.422888][T27492]  </TASK>
18:06:38 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:38 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000038080008000000000500000048a23000ffffffff95000000000000000000000f959c694d77f206e38f80f20293c435b3c80c7b9637ed898795db71e4eb1ff5fe999db70ed05fc49c175114948930c6ee5c57"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r0, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)=0x80000001)
r1 = getpid()
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0)
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r2, 0x3, r3, 0x2)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0xa3, 0x8, 0x93, 0x1, 0x0, 0xf0f, 0x30, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180), 0x3}, 0x200, 0xffff, 0x3, 0x0, 0x1, 0x5, 0x401, 0x0, 0x9, 0x0, 0x9}, 0x0, 0x1, r3, 0x7aa53c0b6b10df1a)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x1f, 0x3f, 0x8, 0x0, 0x9, 0x81004, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7fff, 0x400}, 0x3, 0x28, 0x5, 0x3, 0x7f, 0x3ff, 0x4, 0x0, 0x5a, 0x0, 0xbbbc}, r1, 0xe, r4, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0) (async)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000038080008000000000500000048a23000ffffffff95000000000000000000000f959c694d77f206e38f80f20293c435b3c80c7b9637ed898795db71e4eb1ff5fe999db70ed05fc49c175114948930c6ee5c57"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r0, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)=0x80000001) (async)
getpid() (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r3) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r2, 0x3, r3, 0x2) (async)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0xa3, 0x8, 0x93, 0x1, 0x0, 0xf0f, 0x30, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180), 0x3}, 0x200, 0xffff, 0x3, 0x0, 0x1, 0x5, 0x401, 0x0, 0x9, 0x0, 0x9}, 0x0, 0x1, r3, 0x7aa53c0b6b10df1a) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x1f, 0x3f, 0x8, 0x0, 0x9, 0x81004, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7fff, 0x400}, 0x3, 0x28, 0x5, 0x3, 0x7f, 0x3ff, 0x4, 0x0, 0x5a, 0x0, 0xbbbc}, r1, 0xe, r4, 0x0) (async)

18:06:38 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x3a01)
close(r2)

18:06:38 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:38 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)

18:06:38 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)
r0 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000038080008000000000500000048a23000ffffffff95000000000000000000000f959c694d77f206e38f80f20293c435b3c80c7b9637ed898795db71e4eb1ff5fe999db70ed05fc49c175114948930c6ee5c57"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r0, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)=0x80000001)
r1 = getpid()
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0)
r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r3)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r2, 0x3, r3, 0x2)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0xa3, 0x8, 0x93, 0x1, 0x0, 0xf0f, 0x30, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180), 0x3}, 0x200, 0xffff, 0x3, 0x0, 0x1, 0x5, 0x401, 0x0, 0x9, 0x0, 0x9}, 0x0, 0x1, r3, 0x7aa53c0b6b10df1a)
r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x1f, 0x3f, 0x8, 0x0, 0x9, 0x81004, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7fff, 0x400}, 0x3, 0x28, 0x5, 0x3, 0x7f, 0x3ff, 0x4, 0x0, 0x5a, 0x0, 0xbbbc}, r1, 0xe, r4, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0) (async)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
ioctl$TUNSETSTEERINGEBPF(r0, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000038080008000000000500000048a23000ffffffff95000000000000000000000f959c694d77f206e38f80f20293c435b3c80c7b9637ed898795db71e4eb1ff5fe999db70ed05fc49c175114948930c6ee5c57"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r0, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000000c0)=0x80000001) (async)
getpid() (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r3) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r2, 0x3, r3, 0x2) (async)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0xa3, 0x8, 0x93, 0x1, 0x0, 0xf0f, 0x30, 0x5, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180), 0x3}, 0x200, 0xffff, 0x3, 0x0, 0x1, 0x5, 0x401, 0x0, 0x9, 0x0, 0x9}, 0x0, 0x1, r3, 0x7aa53c0b6b10df1a) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000080), 0x8) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x3, 0x1f, 0x3f, 0x8, 0x0, 0x9, 0x81004, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7fff, 0x400}, 0x3, 0x28, 0x5, 0x3, 0x7f, 0x3ff, 0x4, 0x0, 0x5a, 0x0, 0xbbbc}, r1, 0xe, r4, 0x0) (async)

18:06:39 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x3f00)
close(r2)

[  319.525085][T27511] FAULT_INJECTION: forcing a failure.
[  319.525085][T27511] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  319.540811][T27511] CPU: 0 PID: 27511 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  319.550967][T27511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  319.560862][T27511] Call Trace:
[  319.563986][T27511]  <TASK>
[  319.566767][T27511]  dump_stack_lvl+0x151/0x1b7
[  319.571276][T27511]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  319.576575][T27511]  ? stack_trace_save+0x1f0/0x1f0
[  319.581432][T27511]  ? __kernel_text_address+0x9a/0x110
[  319.586633][T27511]  dump_stack+0x15/0x17
[  319.590626][T27511]  should_fail+0x3c0/0x510
[  319.594876][T27511]  should_fail_alloc_page+0x58/0x70
[  319.599910][T27511]  __alloc_pages+0x1de/0x7c0
[  319.604340][T27511]  ? stack_trace_save+0x12d/0x1f0
[  319.609198][T27511]  ? stack_trace_snprint+0x100/0x100
[  319.614322][T27511]  ? __count_vm_events+0x30/0x30
[  319.619106][T27511]  ? __kasan_slab_alloc+0xc4/0xe0
[  319.623952][T27511]  ? __kasan_slab_alloc+0xb2/0xe0
[  319.628817][T27511]  ? kmem_cache_alloc+0x189/0x2f0
[  319.633672][T27511]  ? anon_vma_fork+0x1b9/0x4f0
[  319.638275][T27511]  get_zeroed_page+0x19/0x40
[  319.642702][T27511]  __pud_alloc+0x8b/0x260
[  319.646869][T27511]  ? do_handle_mm_fault+0x2370/0x2370
[  319.652082][T27511]  copy_page_range+0xd9e/0x1090
[  319.656772][T27511]  ? pfn_valid+0x1e0/0x1e0
[  319.661015][T27511]  dup_mmap+0x99f/0xea0
[  319.665006][T27511]  ? __delayed_free_task+0x20/0x20
[  319.669954][T27511]  ? mm_init+0x807/0x960
[  319.674035][T27511]  dup_mm+0x91/0x330
[  319.677762][T27511]  copy_mm+0x108/0x1b0
[  319.681685][T27511]  copy_process+0x1295/0x3250
[  319.686182][T27511]  ? proc_fail_nth_write+0x213/0x290
[  319.691306][T27511]  ? proc_fail_nth_read+0x220/0x220
[  319.696338][T27511]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  319.701282][T27511]  ? vfs_write+0x9af/0x1050
[  319.705625][T27511]  ? vmacache_update+0xb7/0x120
[  319.710311][T27511]  kernel_clone+0x22d/0x990
[  319.714649][T27511]  ? file_end_write+0x1b0/0x1b0
[  319.719338][T27511]  ? __kasan_check_write+0x14/0x20
[  319.724283][T27511]  ? create_io_thread+0x1e0/0x1e0
[  319.729143][T27511]  ? __mutex_lock_slowpath+0x10/0x10
[  319.734265][T27511]  __x64_sys_clone+0x289/0x310
[  319.738878][T27511]  ? __do_sys_vfork+0x130/0x130
[  319.743551][T27511]  ? debug_smp_processor_id+0x17/0x20
[  319.748758][T27511]  do_syscall_64+0x44/0xd0
[  319.753018][T27511]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  319.758750][T27511] RIP: 0033:0x7f13408790c9
[  319.762995][T27511] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  319.782525][T27511] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  319.790766][T27511] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  319.798576][T27511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  319.806392][T27511] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  319.814206][T27511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:39 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:39 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:39 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)

[  319.822012][T27511] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  319.829915][T27511]  </TASK>
18:06:39 executing program 3:
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='pids.current\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000100)='blkio.bfq.io_wait_time\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'veth0_macvtap\x00', 0x100})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x1000})

[  319.879242][T27560] FAULT_INJECTION: forcing a failure.
[  319.879242][T27560] name failslab, interval 1, probability 0, space 0, times 0
[  319.898648][T27560] CPU: 1 PID: 27560 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  319.908721][T27560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  319.918617][T27560] Call Trace:
[  319.921742][T27560]  <TASK>
[  319.924518][T27560]  dump_stack_lvl+0x151/0x1b7
18:06:39 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, 0xffffffffffffffff, r3, r0, r0]}, 0x80)

18:06:39 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x11, 0x0, 0x0, 0x0)

18:06:39 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x4000)
close(r2)

18:06:39 executing program 3:
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0) (async, rerun: 64)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='pids.current\x00', 0x26e1, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r2 = openat$cgroup_ro(r0, &(0x7f0000000100)='blkio.bfq.io_wait_time\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'veth0_macvtap\x00', 0x100})
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x1000})

18:06:39 executing program 3:
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='pids.current\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$cgroup_ro(r0, &(0x7f0000000100)='blkio.bfq.io_wait_time\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'veth0_macvtap\x00', 0x100}) (async)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'rose0\x00', 0x1000})

[  319.929038][T27560]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  319.934328][T27560]  dump_stack+0x15/0x17
[  319.938323][T27560]  should_fail+0x3c0/0x510
[  319.942572][T27560]  __should_failslab+0x9f/0xe0
[  319.947172][T27560]  should_failslab+0x9/0x20
[  319.951507][T27560]  kmem_cache_alloc+0x4f/0x2f0
[  319.956106][T27560]  ? vm_area_dup+0x26/0x1d0
[  319.960444][T27560]  ? __kasan_check_read+0x11/0x20
[  319.965311][T27560]  vm_area_dup+0x26/0x1d0
[  319.969470][T27560]  dup_mmap+0x6b8/0xea0
[  319.973464][T27560]  ? __delayed_free_task+0x20/0x20
[  319.978415][T27560]  ? mm_init+0x807/0x960
[  319.982580][T27560]  dup_mm+0x91/0x330
[  319.986307][T27560]  copy_mm+0x108/0x1b0
[  319.990214][T27560]  copy_process+0x1295/0x3250
[  319.994819][T27560]  ? proc_fail_nth_write+0x213/0x290
[  319.999943][T27560]  ? proc_fail_nth_read+0x220/0x220
[  320.004970][T27560]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  320.009917][T27560]  ? vfs_write+0x9af/0x1050
[  320.014258][T27560]  ? vmacache_update+0xb7/0x120
[  320.018942][T27560]  kernel_clone+0x22d/0x990
[  320.023288][T27560]  ? file_end_write+0x1b0/0x1b0
[  320.027975][T27560]  ? __kasan_check_write+0x14/0x20
[  320.032919][T27560]  ? create_io_thread+0x1e0/0x1e0
[  320.037782][T27560]  ? __mutex_lock_slowpath+0x10/0x10
[  320.042899][T27560]  __x64_sys_clone+0x289/0x310
[  320.047501][T27560]  ? __do_sys_vfork+0x130/0x130
[  320.052182][T27560]  ? debug_smp_processor_id+0x17/0x20
[  320.057393][T27560]  do_syscall_64+0x44/0xd0
[  320.061655][T27560]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  320.067373][T27560] RIP: 0033:0x7f13408790c9
[  320.071630][T27560] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  320.091068][T27560] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  320.099403][T27560] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  320.107229][T27560] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  320.115031][T27560] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
18:06:39 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, 0xffffffffffffffff, r3, r0, r0]}, 0x80)

18:06:39 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:39 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)

18:06:39 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.dequeue\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  320.122976][T27560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  320.130782][T27560] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  320.138594][T27560]  </TASK>
18:06:39 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.dequeue\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.dequeue\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:39 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, 0xffffffffffffffff, r3, r0, r0]}, 0x80)

18:06:39 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x5784)
close(r2)

18:06:39 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x700, 0x0, 0x0, 0x0)

18:06:39 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:39 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.dequeue\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:39 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  320.233918][T27593] FAULT_INJECTION: forcing a failure.
[  320.233918][T27593] name failslab, interval 1, probability 0, space 0, times 0
[  320.268416][T27593] CPU: 0 PID: 27593 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
18:06:39 executing program 3:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x12, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x5}, [@ldst={0x0, 0x2, 0x2, 0x0, 0x8, 0xffffffffffffffc0, 0x1}, @call={0x85, 0x0, 0x0, 0xc5}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x4}, @jmp={0x5, 0x0, 0x0, 0x6, 0x3, 0x80, 0x4}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x47}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffb}, @call={0x85, 0x0, 0x0, 0xa2}, @alu={0x4, 0x1, 0x3, 0x1, 0x1, 0x6, 0x8}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}]}, &(0x7f0000000100)='GPL\x00', 0x4, 0x5a, &(0x7f0000000140)=""/90, 0x41000, 0x1, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000200)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0x7, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1]}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:06:39 executing program 3:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x12, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x5}, [@ldst={0x0, 0x2, 0x2, 0x0, 0x8, 0xffffffffffffffc0, 0x1}, @call={0x85, 0x0, 0x0, 0xc5}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x4}, @jmp={0x5, 0x0, 0x0, 0x6, 0x3, 0x80, 0x4}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x47}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffb}, @call={0x85, 0x0, 0x0, 0xa2}, @alu={0x4, 0x1, 0x3, 0x1, 0x1, 0x6, 0x8}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}]}, &(0x7f0000000100)='GPL\x00', 0x4, 0x5a, &(0x7f0000000140)=""/90, 0x41000, 0x1, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000200)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0x7, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1]}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:06:39 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x900, 0x0, 0x0, 0x0)

[  320.278603][T27593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  320.288499][T27593] Call Trace:
[  320.291619][T27593]  <TASK>
[  320.294402][T27593]  dump_stack_lvl+0x151/0x1b7
[  320.299000][T27593]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  320.304292][T27593]  ? do_syscall_64+0x44/0xd0
[  320.308726][T27593]  dump_stack+0x15/0x17
[  320.312713][T27593]  should_fail+0x3c0/0x510
[  320.316967][T27593]  __should_failslab+0x9f/0xe0
[  320.321572][T27593]  should_failslab+0x9/0x20
[  320.325932][T27593]  kmem_cache_alloc+0x4f/0x2f0
[  320.330506][T27593]  ? anon_vma_clone+0xa1/0x4f0
[  320.335105][T27593]  anon_vma_clone+0xa1/0x4f0
[  320.339618][T27593]  anon_vma_fork+0x91/0x4f0
[  320.343955][T27593]  ? anon_vma_name+0x4c/0x70
[  320.348645][T27593]  dup_mmap+0x750/0xea0
[  320.352640][T27593]  ? __delayed_free_task+0x20/0x20
[  320.357585][T27593]  ? mm_init+0x807/0x960
[  320.361673][T27593]  dup_mm+0x91/0x330
[  320.365392][T27593]  copy_mm+0x108/0x1b0
[  320.369301][T27593]  copy_process+0x1295/0x3250
[  320.373825][T27593]  ? proc_fail_nth_write+0x213/0x290
[  320.378928][T27593]  ? proc_fail_nth_read+0x220/0x220
[  320.383961][T27593]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  320.388910][T27593]  ? vfs_write+0x9af/0x1050
[  320.393251][T27593]  ? vmacache_update+0xb7/0x120
[  320.397936][T27593]  kernel_clone+0x22d/0x990
[  320.402276][T27593]  ? file_end_write+0x1b0/0x1b0
[  320.406963][T27593]  ? __kasan_check_write+0x14/0x20
[  320.411936][T27593]  ? create_io_thread+0x1e0/0x1e0
[  320.416771][T27593]  ? __mutex_lock_slowpath+0x10/0x10
[  320.421891][T27593]  __x64_sys_clone+0x289/0x310
[  320.426518][T27593]  ? __do_sys_vfork+0x130/0x130
[  320.431190][T27593]  ? debug_smp_processor_id+0x17/0x20
[  320.436386][T27593]  do_syscall_64+0x44/0xd0
[  320.440636][T27593]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  320.446370][T27593] RIP: 0033:0x7f13408790c9
[  320.450620][T27593] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  320.470149][T27593] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:39 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)

18:06:39 executing program 3:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x12, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x5}, [@ldst={0x0, 0x2, 0x2, 0x0, 0x8, 0xffffffffffffffc0, 0x1}, @call={0x85, 0x0, 0x0, 0xc5}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x4}, @jmp={0x5, 0x0, 0x0, 0x6, 0x3, 0x80, 0x4}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x47}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffb}, @call={0x85, 0x0, 0x0, 0xa2}, @alu={0x4, 0x1, 0x3, 0x1, 0x1, 0x6, 0x8}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}]}, &(0x7f0000000100)='GPL\x00', 0x4, 0x5a, &(0x7f0000000140)=""/90, 0x41000, 0x1, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000200)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0x7, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1]}, 0x80)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x12, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x5}, [@ldst={0x0, 0x2, 0x2, 0x0, 0x8, 0xffffffffffffffc0, 0x1}, @call={0x85, 0x0, 0x0, 0xc5}, @cb_func={0x18, 0x2, 0x4, 0x0, 0x4}, @jmp={0x5, 0x0, 0x0, 0x6, 0x3, 0x80, 0x4}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x47}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffb}, @call={0x85, 0x0, 0x0, 0xa2}, @alu={0x4, 0x1, 0x3, 0x1, 0x1, 0x6, 0x8}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x3}]}, &(0x7f0000000100)='GPL\x00', 0x4, 0x5a, &(0x7f0000000140)=""/90, 0x41000, 0x1, '\x00', 0x0, 0x25, r0, 0x8, &(0x7f0000000200)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0x7, 0x6, 0x4}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0x1]}, 0x80) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0) (async)

18:06:39 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x5a84)
close(r2)

18:06:39 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

[  320.478393][T27593] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  320.486202][T27593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  320.494108][T27593] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  320.501945][T27593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  320.509726][T27593] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  320.517637][T27593]  </TASK>
18:06:40 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:40 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  320.547317][T27621] FAULT_INJECTION: forcing a failure.
[  320.547317][T27621] name failslab, interval 1, probability 0, space 0, times 0
[  320.560221][T27621] CPU: 1 PID: 27621 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  320.570287][T27621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  320.580174][T27621] Call Trace:
[  320.583299][T27621]  <TASK>
[  320.586078][T27621]  dump_stack_lvl+0x151/0x1b7
[  320.590591][T27621]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  320.595881][T27621]  ? do_syscall_64+0x44/0xd0
[  320.600312][T27621]  dump_stack+0x15/0x17
[  320.604300][T27621]  should_fail+0x3c0/0x510
[  320.608670][T27621]  __should_failslab+0x9f/0xe0
[  320.613269][T27621]  should_failslab+0x9/0x20
[  320.617609][T27621]  kmem_cache_alloc+0x4f/0x2f0
[  320.622209][T27621]  ? anon_vma_clone+0xa1/0x4f0
[  320.626811][T27621]  anon_vma_clone+0xa1/0x4f0
[  320.631234][T27621]  anon_vma_fork+0x91/0x4f0
[  320.635575][T27621]  ? anon_vma_name+0x4c/0x70
[  320.640003][T27621]  dup_mmap+0x750/0xea0
[  320.643993][T27621]  ? __delayed_free_task+0x20/0x20
[  320.648940][T27621]  ? mm_init+0x807/0x960
[  320.653028][T27621]  dup_mm+0x91/0x330
[  320.656753][T27621]  copy_mm+0x108/0x1b0
[  320.660660][T27621]  copy_process+0x1295/0x3250
[  320.665181][T27621]  ? proc_fail_nth_write+0x213/0x290
[  320.670292][T27621]  ? proc_fail_nth_read+0x220/0x220
[  320.675325][T27621]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  320.680276][T27621]  ? vfs_write+0x9af/0x1050
[  320.684636][T27621]  ? vmacache_update+0xb7/0x120
[  320.689300][T27621]  kernel_clone+0x22d/0x990
[  320.693734][T27621]  ? file_end_write+0x1b0/0x1b0
[  320.698410][T27621]  ? __kasan_check_write+0x14/0x20
[  320.703356][T27621]  ? create_io_thread+0x1e0/0x1e0
[  320.708231][T27621]  ? __mutex_lock_slowpath+0x10/0x10
[  320.713340][T27621]  __x64_sys_clone+0x289/0x310
[  320.717945][T27621]  ? __do_sys_vfork+0x130/0x130
[  320.722628][T27621]  ? debug_smp_processor_id+0x17/0x20
[  320.727835][T27621]  do_syscall_64+0x44/0xd0
[  320.732093][T27621]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  320.737815][T27621] RIP: 0033:0x7f13408790c9
[  320.742073][T27621] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  320.761603][T27621] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  320.769858][T27621] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  320.777666][T27621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  320.785463][T27621] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
18:06:40 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)

18:06:40 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

[  320.793276][T27621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  320.801087][T27621] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  320.808898][T27621]  </TASK>
18:06:40 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:40 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x7fb7)
close(r2)

18:06:40 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  320.884227][T27636] FAULT_INJECTION: forcing a failure.
[  320.884227][T27636] name failslab, interval 1, probability 0, space 0, times 0
[  320.902187][T27636] CPU: 1 PID: 27636 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  320.912262][T27636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  320.922160][T27636] Call Trace:
[  320.925281][T27636]  <TASK>
[  320.928061][T27636]  dump_stack_lvl+0x151/0x1b7
[  320.932575][T27636]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  320.937878][T27636]  dump_stack+0x15/0x17
[  320.941859][T27636]  should_fail+0x3c0/0x510
[  320.946118][T27636]  __should_failslab+0x9f/0xe0
[  320.950725][T27636]  should_failslab+0x9/0x20
[  320.955052][T27636]  kmem_cache_alloc+0x4f/0x2f0
[  320.959651][T27636]  ? vm_area_dup+0x26/0x1d0
[  320.963991][T27636]  vm_area_dup+0x26/0x1d0
[  320.968160][T27636]  dup_mmap+0x6b8/0xea0
[  320.972153][T27636]  ? __delayed_free_task+0x20/0x20
[  320.977097][T27636]  ? mm_init+0x807/0x960
[  320.981177][T27636]  dup_mm+0x91/0x330
[  320.984915][T27636]  copy_mm+0x108/0x1b0
[  320.988813][T27636]  copy_process+0x1295/0x3250
[  320.993328][T27636]  ? proc_fail_nth_write+0x213/0x290
[  320.998449][T27636]  ? proc_fail_nth_read+0x220/0x220
[  321.003483][T27636]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  321.008436][T27636]  ? vfs_write+0x9af/0x1050
[  321.012762][T27636]  ? vmacache_update+0xb7/0x120
[  321.017448][T27636]  kernel_clone+0x22d/0x990
[  321.021788][T27636]  ? file_end_write+0x1b0/0x1b0
[  321.026478][T27636]  ? __kasan_check_write+0x14/0x20
[  321.031420][T27636]  ? create_io_thread+0x1e0/0x1e0
[  321.036483][T27636]  ? __mutex_lock_slowpath+0x10/0x10
[  321.041575][T27636]  __x64_sys_clone+0x289/0x310
[  321.046175][T27636]  ? __do_sys_vfork+0x130/0x130
[  321.050863][T27636]  ? debug_smp_processor_id+0x17/0x20
[  321.056069][T27636]  do_syscall_64+0x44/0xd0
[  321.060409][T27636]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  321.066225][T27636] RIP: 0033:0x7f13408790c9
[  321.070482][T27636] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  321.089919][T27636] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  321.098166][T27636] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  321.105975][T27636] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  321.113785][T27636] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  321.121604][T27636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  321.129410][T27636] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  321.137222][T27636]  </TASK>
[  321.683749][  T474] device bridge_slave_1 left promiscuous mode
[  321.689667][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.696996][  T474] device bridge_slave_0 left promiscuous mode
[  321.702970][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.710449][  T474] device veth1_macvtap left promiscuous mode
[  321.716324][  T474] device veth0_vlan left promiscuous mode
[  322.070971][T27650] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.078016][T27650] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.085421][T27650] device bridge_slave_0 entered promiscuous mode
[  322.092126][T27650] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.099167][T27650] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.106460][T27650] device bridge_slave_1 entered promiscuous mode
[  322.141001][T27650] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.147869][T27650] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.154972][T27650] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.161741][T27650] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.178684][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  322.186340][  T475] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.193832][  T475] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.203136][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  322.211138][  T475] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.217912][  T475] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.226147][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  322.234118][  T454] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.240932][  T454] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.254106][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  322.261773][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  322.273781][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  322.284765][T27650] device veth0_vlan entered promiscuous mode
[  322.293212][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  322.300855][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  322.308202][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  322.317656][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  322.326601][T27650] device veth1_macvtap entered promiscuous mode
[  322.335517][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
18:06:41 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1100, 0x0, 0x0, 0x0)

18:06:41 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:41 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)

18:06:41 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8012)
close(r2)

18:06:41 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:41 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  322.346421][  T475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  322.392246][T27660] FAULT_INJECTION: forcing a failure.
[  322.392246][T27660] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  322.405699][T27660] CPU: 0 PID: 27660 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  322.415766][T27660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  322.425660][T27660] Call Trace:
[  322.428778][T27660]  <TASK>
[  322.431556][T27660]  dump_stack_lvl+0x151/0x1b7
[  322.436164][T27660]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  322.441466][T27660]  ? stack_trace_save+0x1f0/0x1f0
[  322.446317][T27660]  ? __kernel_text_address+0x9a/0x110
[  322.451521][T27660]  dump_stack+0x15/0x17
[  322.455510][T27660]  should_fail+0x3c0/0x510
[  322.459763][T27660]  should_fail_alloc_page+0x58/0x70
[  322.464822][T27660]  __alloc_pages+0x1de/0x7c0
[  322.469235][T27660]  ? stack_trace_save+0x12d/0x1f0
[  322.474092][T27660]  ? stack_trace_snprint+0x100/0x100
[  322.479203][T27660]  ? __count_vm_events+0x30/0x30
[  322.483986][T27660]  ? __kasan_slab_alloc+0xc4/0xe0
[  322.488839][T27660]  ? __kasan_slab_alloc+0xb2/0xe0
[  322.493713][T27660]  ? kmem_cache_alloc+0x189/0x2f0
[  322.498559][T27660]  ? anon_vma_fork+0x1b9/0x4f0
[  322.503245][T27660]  get_zeroed_page+0x19/0x40
[  322.507670][T27660]  __pud_alloc+0x8b/0x260
[  322.511839][T27660]  ? do_handle_mm_fault+0x2370/0x2370
[  322.517044][T27660]  copy_page_range+0xd9e/0x1090
[  322.521733][T27660]  ? pfn_valid+0x1e0/0x1e0
[  322.526075][T27660]  dup_mmap+0x99f/0xea0
[  322.530066][T27660]  ? __delayed_free_task+0x20/0x20
[  322.535009][T27660]  ? mm_init+0x807/0x960
[  322.539089][T27660]  dup_mm+0x91/0x330
[  322.542821][T27660]  copy_mm+0x108/0x1b0
[  322.546729][T27660]  copy_process+0x1295/0x3250
[  322.551251][T27660]  ? proc_fail_nth_write+0x213/0x290
[  322.556359][T27660]  ? proc_fail_nth_read+0x220/0x220
[  322.561396][T27660]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  322.566350][T27660]  ? vfs_write+0x9af/0x1050
[  322.570699][T27660]  ? vmacache_update+0xb7/0x120
[  322.575377][T27660]  kernel_clone+0x22d/0x990
[  322.579720][T27660]  ? file_end_write+0x1b0/0x1b0
[  322.584395][T27660]  ? __kasan_check_write+0x14/0x20
[  322.589352][T27660]  ? create_io_thread+0x1e0/0x1e0
[  322.594202][T27660]  ? __mutex_lock_slowpath+0x10/0x10
[  322.599328][T27660]  __x64_sys_clone+0x289/0x310
[  322.603924][T27660]  ? __do_sys_vfork+0x130/0x130
[  322.608626][T27660]  ? debug_smp_processor_id+0x17/0x20
[  322.613816][T27660]  do_syscall_64+0x44/0xd0
[  322.618069][T27660]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  322.623799][T27660] RIP: 0033:0x7f13408790c9
[  322.628054][T27660] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  322.647499][T27660] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  322.655738][T27660] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  322.663635][T27660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  322.671448][T27660] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  322.679265][T27660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:41 executing program 3:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000100)=""/155, 0x9b}, {&(0x7f00000001c0)=""/190, 0xbe}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/156, 0x9c}], 0x4}, 0x22)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000001440), 0x6e, &(0x7f0000001640)=[{&(0x7f00000014c0)=""/182, 0xb6}, {&(0x7f0000001580)=""/183, 0xb7}], 0x2}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000001380), 0x6e, &(0x7f00000026c0)=[{&(0x7f0000002880)=""/4099, 0x1003}, {&(0x7f0000002400)=""/176, 0xb0}, {&(0x7f00000024c0)=""/118, 0x76}, {&(0x7f0000002540)=""/94, 0x5e}, {&(0x7f0000002800)=""/86, 0x56}, {&(0x7f0000002640)=""/6, 0x6}, {&(0x7f0000002680)=""/17, 0x11}], 0x7}, 0x42)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000027c0)={&(0x7f0000002780)='./file0\x00', 0x0, 0x18}, 0x10)

18:06:42 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, 0xffffffffffffffff, r0, r3, r0, r0]}, 0x80)

18:06:42 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8100)
close(r2)

18:06:42 executing program 3:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000100)=""/155, 0x9b}, {&(0x7f00000001c0)=""/190, 0xbe}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/156, 0x9c}], 0x4}, 0x22) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000001440), 0x6e, &(0x7f0000001640)=[{&(0x7f00000014c0)=""/182, 0xb6}, {&(0x7f0000001580)=""/183, 0xb7}], 0x2}, 0x0) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000001380), 0x6e, &(0x7f00000026c0)=[{&(0x7f0000002880)=""/4099, 0x1003}, {&(0x7f0000002400)=""/176, 0xb0}, {&(0x7f00000024c0)=""/118, 0x76}, {&(0x7f0000002540)=""/94, 0x5e}, {&(0x7f0000002800)=""/86, 0x56}, {&(0x7f0000002640)=""/6, 0x6}, {&(0x7f0000002680)=""/17, 0x11}], 0x7}, 0x42) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000027c0)={&(0x7f0000002780)='./file0\x00', 0x0, 0x18}, 0x10)

18:06:42 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)

[  322.687070][T27660] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  322.694982][T27660]  </TASK>
18:06:42 executing program 3:
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001340)={&(0x7f0000000000), 0x6e, &(0x7f0000000080)=[{&(0x7f0000000100)=""/155, 0x9b}, {&(0x7f00000001c0)=""/190, 0xbe}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/156, 0x9c}], 0x4}, 0x22) (async)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000001440), 0x6e, &(0x7f0000001640)=[{&(0x7f00000014c0)=""/182, 0xb6}, {&(0x7f0000001580)=""/183, 0xb7}], 0x2}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000001380), 0x6e, &(0x7f00000026c0)=[{&(0x7f0000002880)=""/4099, 0x1003}, {&(0x7f0000002400)=""/176, 0xb0}, {&(0x7f00000024c0)=""/118, 0x76}, {&(0x7f0000002540)=""/94, 0x5e}, {&(0x7f0000002800)=""/86, 0x56}, {&(0x7f0000002640)=""/6, 0x6}, {&(0x7f0000002680)=""/17, 0x11}], 0x7}, 0x42) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000027c0)={&(0x7f0000002780)='./file0\x00', 0x0, 0x18}, 0x10)

[  322.745367][T27676] FAULT_INJECTION: forcing a failure.
[  322.745367][T27676] name failslab, interval 1, probability 0, space 0, times 0
[  322.757992][T27676] CPU: 1 PID: 27676 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  322.768062][T27676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  322.777923][T27676] Call Trace:
[  322.781057][T27676]  <TASK>
[  322.783830][T27676]  dump_stack_lvl+0x151/0x1b7
[  322.788335][T27676]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  322.793630][T27676]  dump_stack+0x15/0x17
[  322.797623][T27676]  should_fail+0x3c0/0x510
[  322.801882][T27676]  __should_failslab+0x9f/0xe0
[  322.806739][T27676]  should_failslab+0x9/0x20
[  322.811107][T27676]  kmem_cache_alloc+0x4f/0x2f0
[  322.815681][T27676]  ? anon_vma_clone+0xa1/0x4f0
[  322.820276][T27676]  anon_vma_clone+0xa1/0x4f0
[  322.824704][T27676]  anon_vma_fork+0x91/0x4f0
[  322.829181][T27676]  ? anon_vma_name+0x4c/0x70
[  322.833603][T27676]  dup_mmap+0x750/0xea0
[  322.837593][T27676]  ? __delayed_free_task+0x20/0x20
[  322.842541][T27676]  ? mm_init+0x807/0x960
[  322.846619][T27676]  dup_mm+0x91/0x330
[  322.850357][T27676]  copy_mm+0x108/0x1b0
[  322.854256][T27676]  copy_process+0x1295/0x3250
[  322.858770][T27676]  ? proc_fail_nth_write+0x213/0x290
[  322.863892][T27676]  ? proc_fail_nth_read+0x220/0x220
[  322.869358][T27676]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  322.874303][T27676]  ? vfs_write+0x9af/0x1050
[  322.878731][T27676]  ? vmacache_update+0xb7/0x120
[  322.883419][T27676]  kernel_clone+0x22d/0x990
[  322.887757][T27676]  ? file_end_write+0x1b0/0x1b0
[  322.892532][T27676]  ? __kasan_check_write+0x14/0x20
[  322.897478][T27676]  ? create_io_thread+0x1e0/0x1e0
[  322.902337][T27676]  ? __mutex_lock_slowpath+0x10/0x10
[  322.907462][T27676]  __x64_sys_clone+0x289/0x310
[  322.912058][T27676]  ? __do_sys_vfork+0x130/0x130
[  322.916753][T27676]  ? debug_smp_processor_id+0x17/0x20
[  322.921954][T27676]  do_syscall_64+0x44/0xd0
[  322.926207][T27676]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  322.931934][T27676] RIP: 0033:0x7f13408790c9
[  322.936189][T27676] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  322.955627][T27676] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  322.963875][T27676] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  322.971684][T27676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  322.979496][T27676] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  322.987307][T27676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  322.995117][T27676] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  323.002934][T27676]  </TASK>
[  323.725640][   T10] device bridge_slave_1 left promiscuous mode
[  323.731587][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.738948][   T10] device bridge_slave_0 left promiscuous mode
[  323.745011][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.752528][   T10] device veth1_macvtap left promiscuous mode
[  323.758467][   T10] device veth0_vlan left promiscuous mode
[  324.196294][T27690] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.203247][T27690] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.210263][T27690] device bridge_slave_0 entered promiscuous mode
[  324.216988][T27690] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.223833][T27690] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.230933][T27690] device bridge_slave_1 entered promiscuous mode
[  324.266662][T27690] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.273518][T27690] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.280671][T27690] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.287518][T27690] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.304863][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  324.312588][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.319709][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.334826][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  324.342720][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.349496][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.356671][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  324.364661][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.371480][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.378691][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  324.386415][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  324.398031][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  324.408460][T27690] device veth0_vlan entered promiscuous mode
[  324.414715][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  324.422401][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  324.429739][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  324.440977][T27690] device veth1_macvtap entered promiscuous mode
[  324.447978][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  324.458596][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
18:06:43 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1f00, 0x0, 0x0, 0x0)

18:06:43 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:43 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)

18:06:43 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x0, 0xb6, 0x20, 0xf8, 0x0, 0x5, 0x10, 0x5, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x400, 0xc9, 0x5, 0x4, 0x0, 0x6, 0x0, 0x3, 0x0, 0x1}, 0x0, 0x0, r0, 0x3)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)

18:06:43 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8102)
close(r2)

18:06:43 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, 0xffffffffffffffff, r0, r3, r0, r0]}, 0x80)

18:06:43 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x0, 0xb6, 0x20, 0xf8, 0x0, 0x5, 0x10, 0x5, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x400, 0xc9, 0x5, 0x4, 0x0, 0x6, 0x0, 0x3, 0x0, 0x1}, 0x0, 0x0, r0, 0x3)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x0, 0xb6, 0x20, 0xf8, 0x0, 0x5, 0x10, 0x5, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x400, 0xc9, 0x5, 0x4, 0x0, 0x6, 0x0, 0x3, 0x0, 0x1}, 0x0, 0x0, r0, 0x3) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) (async)

[  324.469551][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  324.501867][T27699] FAULT_INJECTION: forcing a failure.
[  324.501867][T27699] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  324.523644][T27699] CPU: 1 PID: 27699 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  324.533716][T27699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  324.543726][T27699] Call Trace:
[  324.546845][T27699]  <TASK>
[  324.549620][T27699]  dump_stack_lvl+0x151/0x1b7
[  324.554134][T27699]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  324.559428][T27699]  dump_stack+0x15/0x17
[  324.563510][T27699]  should_fail+0x3c0/0x510
[  324.567762][T27699]  should_fail_alloc_page+0x58/0x70
[  324.572813][T27699]  __alloc_pages+0x1de/0x7c0
[  324.577222][T27699]  ? __count_vm_events+0x30/0x30
[  324.582259][T27699]  ? dup_mm+0x91/0x330
[  324.586160][T27699]  ? copy_mm+0x108/0x1b0
[  324.590239][T27699]  ? copy_process+0x1295/0x3250
[  324.594928][T27699]  ? kernel_clone+0x22d/0x990
[  324.599436][T27699]  ? __x64_sys_clone+0x289/0x310
[  324.604213][T27699]  pte_alloc_one+0x73/0x1b0
[  324.608553][T27699]  ? pfn_modify_allowed+0x2e0/0x2e0
[  324.613588][T27699]  ? __kasan_check_write+0x14/0x20
[  324.618536][T27699]  ? __set_page_owner+0x2ee/0x310
[  324.623404][T27699]  __pte_alloc+0x86/0x350
[  324.627568][T27699]  ? post_alloc_hook+0x1ab/0x1b0
[  324.632334][T27699]  ? free_pgtables+0x210/0x210
[  324.636940][T27699]  ? get_page_from_freelist+0x38b/0x400
[  324.642323][T27699]  copy_pte_range+0x1b1f/0x20b0
[  324.647014][T27699]  ? __kunmap_atomic+0x80/0x80
[  324.651599][T27699]  ? __pud_alloc+0x260/0x260
[  324.656025][T27699]  ? __pud_alloc+0x218/0x260
[  324.660455][T27699]  ? do_handle_mm_fault+0x2370/0x2370
[  324.665661][T27699]  copy_page_range+0xc1e/0x1090
[  324.670350][T27699]  ? pfn_valid+0x1e0/0x1e0
[  324.674603][T27699]  dup_mmap+0x99f/0xea0
[  324.678602][T27699]  ? __delayed_free_task+0x20/0x20
[  324.683540][T27699]  ? mm_init+0x807/0x960
[  324.687619][T27699]  dup_mm+0x91/0x330
[  324.691352][T27699]  copy_mm+0x108/0x1b0
[  324.695262][T27699]  copy_process+0x1295/0x3250
[  324.699771][T27699]  ? proc_fail_nth_write+0x213/0x290
[  324.704900][T27699]  ? proc_fail_nth_read+0x220/0x220
[  324.709925][T27699]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  324.714875][T27699]  ? vfs_write+0x9af/0x1050
[  324.719215][T27699]  ? vmacache_update+0xb7/0x120
[  324.723900][T27699]  kernel_clone+0x22d/0x990
[  324.728242][T27699]  ? file_end_write+0x1b0/0x1b0
[  324.732929][T27699]  ? __kasan_check_write+0x14/0x20
[  324.737872][T27699]  ? create_io_thread+0x1e0/0x1e0
[  324.742731][T27699]  ? __mutex_lock_slowpath+0x10/0x10
[  324.747855][T27699]  __x64_sys_clone+0x289/0x310
[  324.752453][T27699]  ? __do_sys_vfork+0x130/0x130
[  324.757140][T27699]  ? debug_smp_processor_id+0x17/0x20
[  324.762348][T27699]  do_syscall_64+0x44/0xd0
[  324.766607][T27699]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  324.772329][T27699] RIP: 0033:0x7f13408790c9
[  324.776582][T27699] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  324.796117][T27699] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  324.804360][T27699] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  324.812166][T27699] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:44 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:44 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)

18:06:44 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x0, 0xb6, 0x20, 0xf8, 0x0, 0x5, 0x10, 0x5, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x400, 0xc9, 0x5, 0x4, 0x0, 0x6, 0x0, 0x3, 0x0, 0x1}, 0x0, 0x0, r0, 0x3) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000040)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)

18:06:44 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8200)
close(r2)

[  324.819980][T27699] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  324.827787][T27699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  324.835695][T27699] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  324.843509][T27699]  </TASK>
18:06:44 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, 0xffffffffffffffff, r0, r3, r0, r0]}, 0x80)

[  324.899455][T27718] FAULT_INJECTION: forcing a failure.
[  324.899455][T27718] name failslab, interval 1, probability 0, space 0, times 0
[  324.914718][T27718] CPU: 0 PID: 27718 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  324.924785][T27718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  324.934679][T27718] Call Trace:
[  324.937799][T27718]  <TASK>
[  324.940663][T27718]  dump_stack_lvl+0x151/0x1b7
[  324.945175][T27718]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  324.950470][T27718]  dump_stack+0x15/0x17
[  324.954462][T27718]  should_fail+0x3c0/0x510
[  324.958716][T27718]  __should_failslab+0x9f/0xe0
[  324.963315][T27718]  should_failslab+0x9/0x20
[  324.967655][T27718]  kmem_cache_alloc+0x4f/0x2f0
[  324.972253][T27718]  ? anon_vma_clone+0xa1/0x4f0
[  324.976853][T27718]  anon_vma_clone+0xa1/0x4f0
[  324.981281][T27718]  anon_vma_fork+0x91/0x4f0
[  324.985622][T27718]  ? anon_vma_name+0x4c/0x70
[  324.990046][T27718]  dup_mmap+0x750/0xea0
[  324.994040][T27718]  ? __delayed_free_task+0x20/0x20
[  324.998986][T27718]  ? mm_init+0x807/0x960
[  325.003066][T27718]  dup_mm+0x91/0x330
[  325.006797][T27718]  copy_mm+0x108/0x1b0
[  325.010706][T27718]  copy_process+0x1295/0x3250
[  325.015219][T27718]  ? proc_fail_nth_write+0x213/0x290
[  325.020338][T27718]  ? proc_fail_nth_read+0x220/0x220
[  325.025371][T27718]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  325.030323][T27718]  ? vfs_write+0x9af/0x1050
[  325.034659][T27718]  ? vmacache_update+0xb7/0x120
[  325.039349][T27718]  kernel_clone+0x22d/0x990
[  325.043735][T27718]  ? file_end_write+0x1b0/0x1b0
[  325.048369][T27718]  ? __kasan_check_write+0x14/0x20
[  325.053324][T27718]  ? create_io_thread+0x1e0/0x1e0
[  325.058288][T27718]  ? __mutex_lock_slowpath+0x10/0x10
[  325.063410][T27718]  __x64_sys_clone+0x289/0x310
[  325.068016][T27718]  ? __do_sys_vfork+0x130/0x130
[  325.072700][T27718]  ? fpregs_restore_userregs+0x1f0/0x3a0
[  325.078167][T27718]  ? switch_fpu_return+0xe/0x10
[  325.082852][T27718]  do_syscall_64+0x44/0xd0
[  325.087102][T27718]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  325.093268][T27718] RIP: 0033:0x7f13408790c9
[  325.097524][T27718] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  325.116961][T27718] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  325.125234][T27718] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  325.133110][T27718] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  325.140913][T27718] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  325.148730][T27718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  325.156535][T27718] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  325.164352][T27718]  </TASK>
[  325.863466][  T474] device bridge_slave_1 left promiscuous mode
[  325.869393][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.876853][  T474] device bridge_slave_0 left promiscuous mode
[  325.882764][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.890597][  T474] device veth1_macvtap left promiscuous mode
[  325.896455][  T474] device veth0_vlan left promiscuous mode
[  326.333736][T27734] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.340578][T27734] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.348036][T27734] device bridge_slave_0 entered promiscuous mode
[  326.354818][T27734] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.361642][T27734] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.369056][T27734] device bridge_slave_1 entered promiscuous mode
[  326.403996][T27734] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.410837][T27734] bridge0: port 2(bridge_slave_1) entered forwarding state
[  326.417941][T27734] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.424747][T27734] bridge0: port 1(bridge_slave_0) entered forwarding state
[  326.441973][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  326.450124][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.457514][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.473982][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  326.481886][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.488664][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  326.504002][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  326.511919][   T20] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.518768][   T20] bridge0: port 2(bridge_slave_1) entered forwarding state
[  326.525937][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  326.534323][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  326.545175][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  326.555953][T27734] device veth0_vlan entered promiscuous mode
[  326.562960][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  326.570649][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  326.577978][   T88] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  326.588520][T27734] device veth1_macvtap entered promiscuous mode
[  326.595674][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
18:06:46 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x2000, 0x0, 0x0, 0x0)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x1, 0x80, 0x1, 0x7, 0x2, 0x1c, 0x0, 0x1f, 0x4851, 0xf, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x4}, 0x2, 0x7, 0x7f, 0x9, 0x1f, 0x400, 0x4, 0x0, 0x9, 0x0, 0x7}, r0, 0xf, r1, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

18:06:46 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8212)
close(r2)

18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:46 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x1, 0x80, 0x1, 0x7, 0x2, 0x1c, 0x0, 0x1f, 0x4851, 0xf, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x4}, 0x2, 0x7, 0x7f, 0x9, 0x1f, 0x400, 0x4, 0x0, 0x9, 0x0, 0x7}, r0, 0xf, r1, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0) (async)
perf_event_open$cgroup(&(0x7f0000000040)={0x1, 0x80, 0x1, 0x7, 0x2, 0x1c, 0x0, 0x1f, 0x4851, 0xf, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x4}, 0x2, 0x7, 0x7f, 0x9, 0x1f, 0x400, 0x4, 0x0, 0x9, 0x0, 0x7}, r0, 0xf, r1, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)

[  326.606321][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  326.616864][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8300)
close(r2)

18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x0, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x1, 0x80, 0x1, 0x7, 0x2, 0x1c, 0x0, 0x1f, 0x4851, 0xf, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9, 0x1, @perf_config_ext={0x0, 0x4}, 0x2, 0x7, 0x7f, 0x9, 0x1f, 0x400, 0x4, 0x0, 0x9, 0x0, 0x7}, r0, 0xf, r1, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

18:06:46 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8457)
close(r2)

18:06:46 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x20010, 0x0, 0x0, 0x0)

18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  326.680081][T27749] FAULT_INJECTION: forcing a failure.
[  326.680081][T27749] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  326.738750][T27749] CPU: 0 PID: 27749 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  326.748828][T27749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  326.758724][T27749] Call Trace:
[  326.761845][T27749]  <TASK>
[  326.764622][T27749]  dump_stack_lvl+0x151/0x1b7
[  326.769138][T27749]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  326.774435][T27749]  dump_stack+0x15/0x17
[  326.778425][T27749]  should_fail+0x3c0/0x510
[  326.782678][T27749]  should_fail_alloc_page+0x58/0x70
18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x845a)
close(r2)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

[  326.787798][T27749]  __alloc_pages+0x1de/0x7c0
[  326.792230][T27749]  ? __count_vm_events+0x30/0x30
[  326.796999][T27749]  ? __this_cpu_preempt_check+0x13/0x20
[  326.802379][T27749]  ? __mod_node_page_state+0xac/0xf0
[  326.807501][T27749]  pte_alloc_one+0x73/0x1b0
[  326.811838][T27749]  ? pfn_modify_allowed+0x2e0/0x2e0
[  326.816873][T27749]  __pte_alloc+0x86/0x350
[  326.821034][T27749]  ? free_pgtables+0x210/0x210
[  326.825639][T27749]  ? _raw_spin_lock+0xa3/0x1b0
[  326.830764][T27749]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  326.835971][T27749]  ? __kernel_text_address+0x9a/0x110
[  326.841348][T27749]  copy_pte_range+0x1b1f/0x20b0
[  326.846049][T27749]  ? __kunmap_atomic+0x80/0x80
[  326.850636][T27749]  ? __kasan_slab_alloc+0xc4/0xe0
[  326.855504][T27749]  ? __kasan_slab_alloc+0xb2/0xe0
[  326.860482][T27749]  ? kmem_cache_alloc+0x189/0x2f0
[  326.865304][T27749]  ? vm_area_dup+0x26/0x1d0
[  326.869640][T27749]  ? dup_mmap+0x6b8/0xea0
[  326.873810][T27749]  ? dup_mm+0x91/0x330
[  326.877709][T27749]  ? copy_mm+0x108/0x1b0
[  326.881788][T27749]  ? copy_process+0x1295/0x3250
[  326.886476][T27749]  ? kernel_clone+0x22d/0x990
[  326.890987][T27749]  ? __x64_sys_clone+0x289/0x310
[  326.895761][T27749]  ? do_syscall_64+0x44/0xd0
[  326.900189][T27749]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  326.906094][T27749]  copy_page_range+0xc1e/0x1090
[  326.910781][T27749]  ? pfn_valid+0x1e0/0x1e0
[  326.915030][T27749]  dup_mmap+0x99f/0xea0
[  326.919023][T27749]  ? __delayed_free_task+0x20/0x20
[  326.923976][T27749]  ? mm_init+0x807/0x960
[  326.928046][T27749]  dup_mm+0x91/0x330
[  326.931781][T27749]  copy_mm+0x108/0x1b0
[  326.935711][T27749]  copy_process+0x1295/0x3250
[  326.940199][T27749]  ? proc_fail_nth_write+0x213/0x290
[  326.945329][T27749]  ? proc_fail_nth_read+0x220/0x220
[  326.950360][T27749]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  326.955304][T27749]  ? vfs_write+0x9af/0x1050
[  326.959742][T27749]  ? vmacache_update+0xb7/0x120
[  326.964518][T27749]  kernel_clone+0x22d/0x990
[  326.968843][T27749]  ? file_end_write+0x1b0/0x1b0
[  326.973529][T27749]  ? __kasan_check_write+0x14/0x20
[  326.978479][T27749]  ? create_io_thread+0x1e0/0x1e0
[  326.983338][T27749]  ? __mutex_lock_slowpath+0x10/0x10
[  326.988462][T27749]  __x64_sys_clone+0x289/0x310
[  326.993065][T27749]  ? __do_sys_vfork+0x130/0x130
[  326.997925][T27749]  ? debug_smp_processor_id+0x17/0x20
[  327.003132][T27749]  do_syscall_64+0x44/0xd0
[  327.007384][T27749]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  327.013108][T27749] RIP: 0033:0x7f13408790c9
[  327.017364][T27749] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:06:46 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8500)
close(r2)

18:06:46 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

[  327.036889][T27749] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  327.045139][T27749] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  327.052944][T27749] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  327.060756][T27749] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  327.068571][T27749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  327.076388][T27749] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  327.084196][T27749]  </TASK>
18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = syz_clone(0x21800000, &(0x7f0000000100)="d2eec28ebff7102b241f8a3cd89251ca5d3501866c57a710e7bfbb27e97d6911385a784c03c33655408e359bd0aef52fa602408bf8890cfc4653619ae65c1837db9e4c1a06925061f751988e01098b635cce1140e06e3aa6ae7f2b90866b35f6482a24f48ed81c3ca7e8566ce65efdb34c23868248436f7d", 0x78, &(0x7f0000000080), &(0x7f0000000180), &(0x7f00000001c0)="67aca1935de0692ad96591b9f6371c22e78aa1a234436573b9a208ec84b99da7380e5df2ca5114fb7837cae3c6f0388888a0494b2401063a58d88cb4fd4adcbc89b9c10ef5ac3e51f2c6d9a6f9a81be0c3d7e6d9078dff0029eae95a64f5f719b87e2e7affaac74bd6f5ed419f48573de77045705802bedb3f990bec3ea65e0e40f7e640b4296851b0fa0b9d264585334a018c54")
perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x80, 0x0, 0x8c, 0x42, 0x0, 0x43, 0x40050, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x7ff, 0x4, @perf_config_ext={0xed72, 0xffffffffffff9525}, 0xcc, 0x6, 0x0, 0x3, 0x401, 0x8001, 0x43fc, 0x0, 0x81, 0x0, 0x7fffffff}, r1, 0x4, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:46 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x20200, 0x0, 0x0, 0x0)

18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8600)
close(r2)

18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:46 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, 0xffffffffffffffff, r0, r0, r3, r0, r0]}, 0x80)

18:06:46 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = syz_clone(0x21800000, &(0x7f0000000100)="d2eec28ebff7102b241f8a3cd89251ca5d3501866c57a710e7bfbb27e97d6911385a784c03c33655408e359bd0aef52fa602408bf8890cfc4653619ae65c1837db9e4c1a06925061f751988e01098b635cce1140e06e3aa6ae7f2b90866b35f6482a24f48ed81c3ca7e8566ce65efdb34c23868248436f7d", 0x78, &(0x7f0000000080), &(0x7f0000000180), &(0x7f00000001c0)="67aca1935de0692ad96591b9f6371c22e78aa1a234436573b9a208ec84b99da7380e5df2ca5114fb7837cae3c6f0388888a0494b2401063a58d88cb4fd4adcbc89b9c10ef5ac3e51f2c6d9a6f9a81be0c3d7e6d9078dff0029eae95a64f5f719b87e2e7affaac74bd6f5ed419f48573de77045705802bedb3f990bec3ea65e0e40f7e640b4296851b0fa0b9d264585334a018c54")
perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x80, 0x0, 0x8c, 0x42, 0x0, 0x43, 0x40050, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x7ff, 0x4, @perf_config_ext={0xed72, 0xffffffffffff9525}, 0xcc, 0x6, 0x0, 0x3, 0x401, 0x8001, 0x43fc, 0x0, 0x81, 0x0, 0x7fffffff}, r1, 0x4, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  327.187729][T27795] FAULT_INJECTION: forcing a failure.
[  327.187729][T27795] name failslab, interval 1, probability 0, space 0, times 0
[  327.225130][T27795] CPU: 0 PID: 27795 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  327.235208][T27795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  327.245101][T27795] Call Trace:
[  327.248223][T27795]  <TASK>
[  327.251030][T27795]  dump_stack_lvl+0x151/0x1b7
[  327.255515][T27795]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  327.260816][T27795]  dump_stack+0x15/0x17
[  327.264801][T27795]  should_fail+0x3c0/0x510
[  327.269058][T27795]  __should_failslab+0x9f/0xe0
[  327.273654][T27795]  should_failslab+0x9/0x20
[  327.277994][T27795]  kmem_cache_alloc+0x4f/0x2f0
[  327.282602][T27795]  ? vm_area_dup+0x26/0x1d0
[  327.287035][T27795]  vm_area_dup+0x26/0x1d0
[  327.291186][T27795]  dup_mmap+0x6b8/0xea0
[  327.295182][T27795]  ? __delayed_free_task+0x20/0x20
[  327.300127][T27795]  ? mm_init+0x807/0x960
[  327.304205][T27795]  dup_mm+0x91/0x330
[  327.307933][T27795]  copy_mm+0x108/0x1b0
[  327.311839][T27795]  copy_process+0x1295/0x3250
[  327.316351][T27795]  ? proc_fail_nth_write+0x213/0x290
[  327.321474][T27795]  ? proc_fail_nth_read+0x220/0x220
[  327.326509][T27795]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  327.331454][T27795]  ? vfs_write+0x9af/0x1050
[  327.335793][T27795]  ? vmacache_update+0xb7/0x120
[  327.340482][T27795]  kernel_clone+0x22d/0x990
[  327.344819][T27795]  ? file_end_write+0x1b0/0x1b0
[  327.349510][T27795]  ? __kasan_check_write+0x14/0x20
[  327.354451][T27795]  ? create_io_thread+0x1e0/0x1e0
[  327.359311][T27795]  ? __mutex_lock_slowpath+0x10/0x10
[  327.364433][T27795]  __x64_sys_clone+0x289/0x310
[  327.369045][T27795]  ? __do_sys_vfork+0x130/0x130
[  327.373720][T27795]  ? debug_smp_processor_id+0x17/0x20
[  327.378927][T27795]  do_syscall_64+0x44/0xd0
[  327.383180][T27795]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  327.388909][T27795] RIP: 0033:0x7f13408790c9
[  327.393162][T27795] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  327.412603][T27795] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  327.420849][T27795] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  327.428661][T27795] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:46 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, 0xffffffffffffffff, r0, r0, r3, r0, r0]}, 0x80)

18:06:46 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)

18:06:46 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8612)
close(r2)

[  327.436485][T27795] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  327.444284][T27795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  327.452095][T27795] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  327.459910][T27795]  </TASK>
18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:46 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x80000, 0x0, 0x0, 0x0)

18:06:46 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:47 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, 0xffffffffffffffff, r0, r0, r3, r0, r0]}, 0x80)

[  327.556171][T27814] FAULT_INJECTION: forcing a failure.
[  327.556171][T27814] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  327.596115][T27814] CPU: 1 PID: 27814 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  327.606195][T27814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  327.616089][T27814] Call Trace:
[  327.619206][T27814]  <TASK>
[  327.621986][T27814]  dump_stack_lvl+0x151/0x1b7
[  327.626645][T27814]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  327.631936][T27814]  dump_stack+0x15/0x17
[  327.635929][T27814]  should_fail+0x3c0/0x510
[  327.640185][T27814]  should_fail_alloc_page+0x58/0x70
[  327.645217][T27814]  __alloc_pages+0x1de/0x7c0
[  327.649638][T27814]  ? __count_vm_events+0x30/0x30
[  327.654412][T27814]  ? __this_cpu_preempt_check+0x13/0x20
[  327.659799][T27814]  ? __mod_node_page_state+0xac/0xf0
[  327.664917][T27814]  pte_alloc_one+0x73/0x1b0
[  327.669252][T27814]  ? pfn_modify_allowed+0x2e0/0x2e0
[  327.674285][T27814]  __pte_alloc+0x86/0x350
[  327.678501][T27814]  ? free_pgtables+0x210/0x210
[  327.683049][T27814]  ? _raw_spin_lock+0xa3/0x1b0
[  327.688439][T27814]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  327.693652][T27814]  ? __kernel_text_address+0x9a/0x110
[  327.698848][T27814]  copy_pte_range+0x1b1f/0x20b0
[  327.703541][T27814]  ? __kunmap_atomic+0x80/0x80
[  327.708133][T27814]  ? __kasan_slab_alloc+0xc4/0xe0
[  327.713000][T27814]  ? __kasan_slab_alloc+0xb2/0xe0
[  327.717854][T27814]  ? kmem_cache_alloc+0x189/0x2f0
[  327.722715][T27814]  ? vm_area_dup+0x26/0x1d0
[  327.727055][T27814]  ? dup_mmap+0x6b8/0xea0
[  327.731220][T27814]  ? dup_mm+0x91/0x330
[  327.735127][T27814]  ? copy_mm+0x108/0x1b0
[  327.739204][T27814]  ? copy_process+0x1295/0x3250
[  327.743892][T27814]  ? kernel_clone+0x22d/0x990
[  327.748411][T27814]  ? __x64_sys_clone+0x289/0x310
[  327.753179][T27814]  ? do_syscall_64+0x44/0xd0
[  327.757603][T27814]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  327.763510][T27814]  copy_page_range+0xc1e/0x1090
[  327.768198][T27814]  ? pfn_valid+0x1e0/0x1e0
[  327.772447][T27814]  dup_mmap+0x99f/0xea0
[  327.776438][T27814]  ? __delayed_free_task+0x20/0x20
[  327.781386][T27814]  ? mm_init+0x807/0x960
[  327.785476][T27814]  dup_mm+0x91/0x330
[  327.789213][T27814]  copy_mm+0x108/0x1b0
[  327.793104][T27814]  copy_process+0x1295/0x3250
[  327.797620][T27814]  ? proc_fail_nth_write+0x213/0x290
[  327.802753][T27814]  ? proc_fail_nth_read+0x220/0x220
[  327.807770][T27814]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  327.812719][T27814]  ? vfs_write+0x9af/0x1050
[  327.817056][T27814]  ? vmacache_update+0xb7/0x120
[  327.821743][T27814]  kernel_clone+0x22d/0x990
[  327.826084][T27814]  ? file_end_write+0x1b0/0x1b0
[  327.830768][T27814]  ? __kasan_check_write+0x14/0x20
[  327.835722][T27814]  ? create_io_thread+0x1e0/0x1e0
[  327.840582][T27814]  ? __mutex_lock_slowpath+0x10/0x10
[  327.845702][T27814]  __x64_sys_clone+0x289/0x310
[  327.850304][T27814]  ? __do_sys_vfork+0x130/0x130
[  327.854986][T27814]  ? debug_smp_processor_id+0x17/0x20
[  327.860193][T27814]  do_syscall_64+0x44/0xd0
[  327.864444][T27814]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  327.870172][T27814] RIP: 0033:0x7f13408790c9
[  327.874432][T27814] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  327.893953][T27814] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:47 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x101000, 0x0, 0x0, 0x0)

18:06:47 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8788)
close(r2)

[  327.902198][T27814] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  327.910013][T27814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  327.917820][T27814] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  327.925633][T27814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  327.933444][T27814] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  327.941257][T27814]  </TASK>
18:06:47 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:47 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8800)
close(r2)

[  328.363218][  T474] device bridge_slave_1 left promiscuous mode
[  328.369241][  T474] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.376676][  T474] device bridge_slave_0 left promiscuous mode
[  328.385828][  T474] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.394014][  T474] device veth1_macvtap left promiscuous mode
[  328.400065][  T474] device veth0_vlan left promiscuous mode
[  329.149555][T27841] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.156424][T27841] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.163612][T27841] device bridge_slave_0 entered promiscuous mode
[  329.170261][T27841] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.177114][T27841] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.184480][T27841] device bridge_slave_1 entered promiscuous mode
[  329.218533][T27841] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.225396][T27841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.232454][T27841] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.239298][T27841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.256274][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  329.263878][  T454] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.270889][  T454] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.280071][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  329.288049][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.294891][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.312747][T27841] device veth0_vlan entered promiscuous mode
[  329.319592][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  329.327799][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  329.335500][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  329.342602][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  329.349745][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  329.357662][  T454] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.364500][  T454] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.371617][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  329.379313][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  329.391020][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  329.399643][T27841] device veth1_macvtap entered promiscuous mode
[  329.408507][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
18:06:48 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = syz_clone(0x21800000, &(0x7f0000000100)="d2eec28ebff7102b241f8a3cd89251ca5d3501866c57a710e7bfbb27e97d6911385a784c03c33655408e359bd0aef52fa602408bf8890cfc4653619ae65c1837db9e4c1a06925061f751988e01098b635cce1140e06e3aa6ae7f2b90866b35f6482a24f48ed81c3ca7e8566ce65efdb34c23868248436f7d", 0x78, &(0x7f0000000080), &(0x7f0000000180), &(0x7f00000001c0)="67aca1935de0692ad96591b9f6371c22e78aa1a234436573b9a208ec84b99da7380e5df2ca5114fb7837cae3c6f0388888a0494b2401063a58d88cb4fd4adcbc89b9c10ef5ac3e51f2c6d9a6f9a81be0c3d7e6d9078dff0029eae95a64f5f719b87e2e7affaac74bd6f5ed419f48573de77045705802bedb3f990bec3ea65e0e40f7e640b4296851b0fa0b9d264585334a018c54")
perf_event_open(&(0x7f0000000000)={0x3, 0x80, 0x80, 0x0, 0x8c, 0x42, 0x0, 0x43, 0x40050, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x7ff, 0x4, @perf_config_ext={0xed72, 0xffffffffffff9525}, 0xcc, 0x6, 0x0, 0x3, 0x401, 0x8001, 0x43fc, 0x0, 0x81, 0x0, 0x7fffffff}, r1, 0x4, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:48 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:48 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8887)
close(r2)

18:06:48 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:48 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)

18:06:48 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xf0ff1f, 0x0, 0x0, 0x0)

18:06:48 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0)

[  329.419500][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
18:06:48 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:48 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xa903)
close(r2)

18:06:48 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:48 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
close(r0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  329.504099][T27856] FAULT_INJECTION: forcing a failure.
[  329.504099][T27856] name failslab, interval 1, probability 0, space 0, times 0
[  329.540335][T27856] CPU: 1 PID: 27856 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  329.550412][T27856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  329.560304][T27856] Call Trace:
[  329.563431][T27856]  <TASK>
[  329.566211][T27856]  dump_stack_lvl+0x151/0x1b7
[  329.570717][T27856]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  329.576023][T27856]  dump_stack+0x15/0x17
[  329.580005][T27856]  should_fail+0x3c0/0x510
[  329.584259][T27856]  __should_failslab+0x9f/0xe0
[  329.588857][T27856]  should_failslab+0x9/0x20
[  329.593205][T27856]  kmem_cache_alloc+0x4f/0x2f0
[  329.597801][T27856]  ? vm_area_dup+0x26/0x1d0
[  329.602137][T27856]  vm_area_dup+0x26/0x1d0
[  329.606303][T27856]  dup_mmap+0x6b8/0xea0
[  329.610301][T27856]  ? __delayed_free_task+0x20/0x20
[  329.615249][T27856]  ? mm_init+0x807/0x960
[  329.619321][T27856]  dup_mm+0x91/0x330
[  329.623056][T27856]  copy_mm+0x108/0x1b0
[  329.626961][T27856]  copy_process+0x1295/0x3250
[  329.631474][T27856]  ? proc_fail_nth_write+0x213/0x290
[  329.636598][T27856]  ? proc_fail_nth_read+0x220/0x220
[  329.641629][T27856]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  329.646576][T27856]  ? vfs_write+0x9af/0x1050
[  329.650914][T27856]  ? vmacache_update+0xb7/0x120
[  329.655606][T27856]  kernel_clone+0x22d/0x990
[  329.659941][T27856]  ? file_end_write+0x1b0/0x1b0
[  329.664628][T27856]  ? __kasan_check_write+0x14/0x20
[  329.669586][T27856]  ? create_io_thread+0x1e0/0x1e0
[  329.674435][T27856]  ? __mutex_lock_slowpath+0x10/0x10
[  329.679558][T27856]  __x64_sys_clone+0x289/0x310
[  329.684158][T27856]  ? __do_sys_vfork+0x130/0x130
[  329.688848][T27856]  ? debug_smp_processor_id+0x17/0x20
[  329.694051][T27856]  do_syscall_64+0x44/0xd0
[  329.698315][T27856]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  329.704032][T27856] RIP: 0033:0x7f13408790c9
[  329.708374][T27856] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  329.727823][T27856] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  329.736058][T27856] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  329.743871][T27856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:49 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0)

18:06:49 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:49 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)

18:06:49 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xb201)
close(r2)

[  329.751677][T27856] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  329.759578][T27856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  329.767388][T27856] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  329.775205][T27856]  </TASK>
18:06:49 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, 0xffffffffffffffff, r0, r0, r0, r3, r0, r0]}, 0x80)

[  329.801573][T27878] FAULT_INJECTION: forcing a failure.
[  329.801573][T27878] name failslab, interval 1, probability 0, space 0, times 0
[  329.819394][T27878] CPU: 0 PID: 27878 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  329.829473][T27878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  329.839364][T27878] Call Trace:
[  329.842504][T27878]  <TASK>
[  329.845272][T27878]  dump_stack_lvl+0x151/0x1b7
[  329.849787][T27878]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  329.855075][T27878]  dump_stack+0x15/0x17
[  329.859067][T27878]  should_fail+0x3c0/0x510
[  329.863324][T27878]  __should_failslab+0x9f/0xe0
[  329.867921][T27878]  should_failslab+0x9/0x20
[  329.872261][T27878]  kmem_cache_alloc+0x4f/0x2f0
[  329.876858][T27878]  ? vm_area_dup+0x26/0x1d0
[  329.881289][T27878]  vm_area_dup+0x26/0x1d0
[  329.885450][T27878]  dup_mmap+0x6b8/0xea0
[  329.889443][T27878]  ? __delayed_free_task+0x20/0x20
[  329.894391][T27878]  ? mm_init+0x807/0x960
[  329.898475][T27878]  dup_mm+0x91/0x330
[  329.902208][T27878]  copy_mm+0x108/0x1b0
[  329.906106][T27878]  copy_process+0x1295/0x3250
[  329.910622][T27878]  ? proc_fail_nth_write+0x213/0x290
[  329.915830][T27878]  ? proc_fail_nth_read+0x220/0x220
[  329.920903][T27878]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  329.925813][T27878]  ? vfs_write+0x9af/0x1050
[  329.930147][T27878]  ? vmacache_update+0xb7/0x120
[  329.934836][T27878]  kernel_clone+0x22d/0x990
[  329.939173][T27878]  ? file_end_write+0x1b0/0x1b0
[  329.943864][T27878]  ? __kasan_check_write+0x14/0x20
[  329.948817][T27878]  ? create_io_thread+0x1e0/0x1e0
[  329.953784][T27878]  ? __mutex_lock_slowpath+0x10/0x10
[  329.959052][T27878]  __x64_sys_clone+0x289/0x310
[  329.963650][T27878]  ? __do_sys_vfork+0x130/0x130
[  329.968342][T27878]  ? debug_smp_processor_id+0x17/0x20
[  329.973548][T27878]  do_syscall_64+0x44/0xd0
[  329.978930][T27878]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  329.984654][T27878] RIP: 0033:0x7f13408790c9
[  329.989003][T27878] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  330.008540][T27878] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  330.016771][T27878] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  330.024580][T27878] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  330.032390][T27878] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  330.040203][T27878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:49 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)

18:06:49 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  330.048010][T27878] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  330.055828][T27878]  </TASK>
18:06:49 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xb77f)
close(r2)

18:06:49 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, 0xffffffffffffffff, r0, r0, r0, r3, r0, r0]}, 0x80)

[  330.097996][T27887] FAULT_INJECTION: forcing a failure.
[  330.097996][T27887] name failslab, interval 1, probability 0, space 0, times 0
[  330.111130][T27887] CPU: 1 PID: 27887 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  330.121213][T27887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  330.131097][T27887] Call Trace:
[  330.134223][T27887]  <TASK>
[  330.137000][T27887]  dump_stack_lvl+0x151/0x1b7
[  330.141513][T27887]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  330.146805][T27887]  dump_stack+0x15/0x17
[  330.150796][T27887]  should_fail+0x3c0/0x510
[  330.155134][T27887]  __should_failslab+0x9f/0xe0
[  330.159734][T27887]  should_failslab+0x9/0x20
[  330.164076][T27887]  kmem_cache_alloc+0x4f/0x2f0
[  330.168673][T27887]  ? vm_area_dup+0x26/0x1d0
[  330.173011][T27887]  vm_area_dup+0x26/0x1d0
[  330.177179][T27887]  dup_mmap+0x6b8/0xea0
[  330.181171][T27887]  ? __delayed_free_task+0x20/0x20
[  330.186121][T27887]  ? mm_init+0x807/0x960
[  330.190200][T27887]  dup_mm+0x91/0x330
[  330.193927][T27887]  copy_mm+0x108/0x1b0
[  330.197835][T27887]  copy_process+0x1295/0x3250
[  330.202350][T27887]  ? proc_fail_nth_write+0x213/0x290
[  330.207469][T27887]  ? proc_fail_nth_read+0x220/0x220
[  330.212503][T27887]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  330.217449][T27887]  ? vfs_write+0x9af/0x1050
[  330.221788][T27887]  ? vmacache_update+0xb7/0x120
[  330.226479][T27887]  kernel_clone+0x22d/0x990
[  330.230816][T27887]  ? file_end_write+0x1b0/0x1b0
[  330.235501][T27887]  ? __kasan_check_write+0x14/0x20
[  330.240451][T27887]  ? create_io_thread+0x1e0/0x1e0
[  330.245309][T27887]  ? __mutex_lock_slowpath+0x10/0x10
[  330.250430][T27887]  __x64_sys_clone+0x289/0x310
[  330.255034][T27887]  ? __do_sys_vfork+0x130/0x130
[  330.259719][T27887]  ? debug_smp_processor_id+0x17/0x20
[  330.264924][T27887]  do_syscall_64+0x44/0xd0
[  330.269177][T27887]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  330.274906][T27887] RIP: 0033:0x7f13408790c9
[  330.279159][T27887] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  330.298603][T27887] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  330.306844][T27887] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  330.314658][T27887] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  330.322467][T27887] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  330.330278][T27887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  330.338088][T27887] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  330.345903][T27887]  </TASK>
18:06:49 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
close(r0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:49 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r2, 0xffffffffffffffff, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:49 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) (async)
close(r0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  330.913761][   T10] device bridge_slave_1 left promiscuous mode
[  330.919696][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.927140][   T10] device bridge_slave_0 left promiscuous mode
[  330.933202][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.940562][   T10] device veth1_macvtap left promiscuous mode
[  330.946584][   T10] device veth0_vlan left promiscuous mode
[  331.620622][T27909] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.627638][T27909] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.635074][T27909] device bridge_slave_0 entered promiscuous mode
[  331.641683][T27909] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.648632][T27909] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.655753][T27909] device bridge_slave_1 entered promiscuous mode
[  331.692277][T27909] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.699139][T27909] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.706236][T27909] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.713028][T27909] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.730837][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  331.738130][  T463] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.745309][  T463] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.754166][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  331.762047][  T454] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.768831][  T454] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.783580][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  331.791477][  T463] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.798254][  T463] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.805404][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  331.813160][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  331.823547][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  331.834254][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  331.841902][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  331.849257][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  331.857550][T27909] device veth0_vlan entered promiscuous mode
[  331.866660][  T463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  331.875462][T27909] device veth1_macvtap entered promiscuous mode
18:06:51 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xc811)
close(r2)

18:06:51 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x7000000, 0x0, 0x0, 0x0)

18:06:51 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r0, r0, r0, r0, r2, r0, r0]}, 0x80)

18:06:51 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x75}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:51 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)

[  331.886360][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  331.894501][  T454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  331.928467][T27922] FAULT_INJECTION: forcing a failure.
[  331.928467][T27922] name failslab, interval 1, probability 0, space 0, times 0
[  331.946380][T27922] CPU: 1 PID: 27922 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  331.956448][T27922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  331.966345][T27922] Call Trace:
[  331.969467][T27922]  <TASK>
[  331.972285][T27922]  dump_stack_lvl+0x151/0x1b7
[  331.976758][T27922]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  331.982493][T27922]  dump_stack+0x15/0x17
[  331.986482][T27922]  should_fail+0x3c0/0x510
[  331.990731][T27922]  __should_failslab+0x9f/0xe0
[  331.995332][T27922]  should_failslab+0x9/0x20
[  331.999675][T27922]  kmem_cache_alloc+0x4f/0x2f0
[  332.004271][T27922]  ? vm_area_dup+0x26/0x1d0
[  332.008609][T27922]  ? __kasan_check_read+0x11/0x20
[  332.013472][T27922]  vm_area_dup+0x26/0x1d0
[  332.017639][T27922]  dup_mmap+0x6b8/0xea0
[  332.021633][T27922]  ? __delayed_free_task+0x20/0x20
[  332.026577][T27922]  ? mm_init+0x807/0x960
[  332.030655][T27922]  dup_mm+0x91/0x330
[  332.034386][T27922]  copy_mm+0x108/0x1b0
[  332.038382][T27922]  copy_process+0x1295/0x3250
[  332.042896][T27922]  ? proc_fail_nth_write+0x213/0x290
[  332.048015][T27922]  ? proc_fail_nth_read+0x220/0x220
[  332.053052][T27922]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  332.058004][T27922]  ? vfs_write+0x9af/0x1050
[  332.062336][T27922]  ? vmacache_update+0xb7/0x120
[  332.067023][T27922]  kernel_clone+0x22d/0x990
[  332.071398][T27922]  ? file_end_write+0x1b0/0x1b0
[  332.076051][T27922]  ? __kasan_check_write+0x14/0x20
[  332.081006][T27922]  ? create_io_thread+0x1e0/0x1e0
[  332.085864][T27922]  ? __mutex_lock_slowpath+0x10/0x10
[  332.090978][T27922]  __x64_sys_clone+0x289/0x310
[  332.095583][T27922]  ? __do_sys_vfork+0x130/0x130
[  332.100265][T27922]  ? debug_smp_processor_id+0x17/0x20
[  332.105473][T27922]  do_syscall_64+0x44/0xd0
[  332.109725][T27922]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  332.115465][T27922] RIP: 0033:0x7f13408790c9
[  332.119708][T27922] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  332.139148][T27922] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:51 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x75}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x75}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:51 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x9000000, 0x0, 0x0, 0x0)

18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r0, r0, r0, r0, r2, r0, r0]}, 0x80)

[  332.147389][T27922] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  332.155201][T27922] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  332.163016][T27922] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  332.170837][T27922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  332.178635][T27922] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  332.186449][T27922]  </TASK>
18:06:51 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)

18:06:51 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xd402)
close(r2)

18:06:51 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:51 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x75}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0}, 0x70) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:51 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
openat$cgroup_int(r1, &(0x7f0000000040)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, r0, r0, r0, r0, r2, r0, r0]}, 0x80)

[  332.269509][T27940] FAULT_INJECTION: forcing a failure.
[  332.269509][T27940] name failslab, interval 1, probability 0, space 0, times 0
[  332.285627][T27940] CPU: 0 PID: 27940 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  332.295699][T27940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  332.305604][T27940] Call Trace:
[  332.308723][T27940]  <TASK>
[  332.311494][T27940]  dump_stack_lvl+0x151/0x1b7
18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r0, r0, r2, r0, r0]}, 0x80)

[  332.316010][T27940]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  332.321313][T27940]  dump_stack+0x15/0x17
[  332.325293][T27940]  should_fail+0x3c0/0x510
[  332.329544][T27940]  __should_failslab+0x9f/0xe0
[  332.334148][T27940]  should_failslab+0x9/0x20
[  332.338486][T27940]  kmem_cache_alloc+0x4f/0x2f0
[  332.343081][T27940]  ? vm_area_dup+0x26/0x1d0
[  332.347425][T27940]  ? __kasan_check_read+0x11/0x20
[  332.352288][T27940]  vm_area_dup+0x26/0x1d0
[  332.356453][T27940]  dup_mmap+0x6b8/0xea0
[  332.360448][T27940]  ? __delayed_free_task+0x20/0x20
[  332.365396][T27940]  ? mm_init+0x807/0x960
18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r0, r0, r2, r0, r0]}, 0x80)

[  332.369470][T27940]  dup_mm+0x91/0x330
[  332.373200][T27940]  copy_mm+0x108/0x1b0
[  332.377111][T27940]  copy_process+0x1295/0x3250
[  332.381667][T27940]  ? proc_fail_nth_write+0x213/0x290
[  332.386743][T27940]  ? proc_fail_nth_read+0x220/0x220
[  332.391775][T27940]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  332.397513][T27940]  ? vfs_write+0x9af/0x1050
[  332.401846][T27940]  ? vmacache_update+0xb7/0x120
[  332.406530][T27940]  kernel_clone+0x22d/0x990
[  332.410869][T27940]  ? file_end_write+0x1b0/0x1b0
18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff, 0xffffffffffffffff, r0, r0, r0, r0, r2, r0, r0]}, 0x80)

[  332.415558][T27940]  ? __kasan_check_write+0x14/0x20
[  332.420505][T27940]  ? create_io_thread+0x1e0/0x1e0
[  332.425372][T27940]  ? __mutex_lock_slowpath+0x10/0x10
[  332.430491][T27940]  __x64_sys_clone+0x289/0x310
[  332.435087][T27940]  ? __do_sys_vfork+0x130/0x130
[  332.439777][T27940]  ? debug_smp_processor_id+0x17/0x20
[  332.444998][T27940]  do_syscall_64+0x44/0xd0
[  332.449234][T27940]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  332.455483][T27940] RIP: 0033:0x7f13408790c9
[  332.459734][T27940] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  332.479262][T27940] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  332.487509][T27940] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  332.495406][T27940] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  332.503315][T27940] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  332.511125][T27940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:51 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:52 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x10000200, 0x0, 0x0, 0x0)

18:06:52 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xe800)
close(r2)

18:06:52 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)

18:06:52 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040)) (async)
openat$cgroup_int(r1, &(0x7f0000000040)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (rerun: 64)

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  332.518946][T27940] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  332.526754][T27940]  </TASK>
18:06:52 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x11000000, 0x0, 0x0, 0x0)

18:06:52 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xeb28)
close(r2)

18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
openat$cgroup_int(r1, &(0x7f0000000040)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:52 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1f000000, 0x0, 0x0, 0x0)

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  332.606557][T27982] FAULT_INJECTION: forcing a failure.
[  332.606557][T27982] name failslab, interval 1, probability 0, space 0, times 0
[  332.619184][T27982] CPU: 1 PID: 27982 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  332.629357][T27982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  332.639250][T27982] Call Trace:
[  332.642386][T27982]  <TASK>
[  332.645149][T27982]  dump_stack_lvl+0x151/0x1b7
[  332.649662][T27982]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  332.654962][T27982]  dump_stack+0x15/0x17
[  332.658952][T27982]  should_fail+0x3c0/0x510
[  332.663204][T27982]  __should_failslab+0x9f/0xe0
[  332.667805][T27982]  should_failslab+0x9/0x20
[  332.672153][T27982]  kmem_cache_alloc+0x4f/0x2f0
[  332.676743][T27982]  ? vm_area_dup+0x26/0x1d0
[  332.681086][T27982]  vm_area_dup+0x26/0x1d0
[  332.685256][T27982]  dup_mmap+0x6b8/0xea0
[  332.689239][T27982]  ? __delayed_free_task+0x20/0x20
[  332.694188][T27982]  ? mm_init+0x807/0x960
[  332.698268][T27982]  dup_mm+0x91/0x330
[  332.702001][T27982]  copy_mm+0x108/0x1b0
[  332.705903][T27982]  copy_process+0x1295/0x3250
[  332.710418][T27982]  ? proc_fail_nth_write+0x213/0x290
[  332.715540][T27982]  ? proc_fail_nth_read+0x220/0x220
[  332.720573][T27982]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  332.725518][T27982]  ? vfs_write+0x9af/0x1050
[  332.729858][T27982]  ? vmacache_update+0xb7/0x120
[  332.734549][T27982]  kernel_clone+0x22d/0x990
[  332.738895][T27982]  ? file_end_write+0x1b0/0x1b0
[  332.743594][T27982]  ? __kasan_check_write+0x14/0x20
[  332.748519][T27982]  ? create_io_thread+0x1e0/0x1e0
[  332.753381][T27982]  ? __mutex_lock_slowpath+0x10/0x10
[  332.758499][T27982]  __x64_sys_clone+0x289/0x310
[  332.763104][T27982]  ? __do_sys_vfork+0x130/0x130
[  332.767793][T27982]  ? debug_smp_processor_id+0x17/0x20
[  332.772998][T27982]  do_syscall_64+0x44/0xd0
[  332.777249][T27982]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  332.782973][T27982] RIP: 0033:0x7f13408790c9
[  332.787227][T27982] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  332.806676][T27982] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  332.814923][T27982] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  332.822743][T27982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  332.830539][T27982] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  332.838438][T27982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  332.846280][T27982] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  332.854058][T27982]  </TASK>
18:06:52 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x4, 0x0, 0x4, 0x0, 0xc04}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000240)=[0x0, 0x0, 0x0], ""/16, <r1=>0x0, 0x0, 0x0, 0x0, 0x1, 0x9, &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x8, &(0x7f0000000700)=[{}, {}], 0x10, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0x10, 0x8, 0x8, &(0x7f00000003c0)}}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000f008000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x2, 0x101, 0x720be703, 0x1000, 0xf1, r0, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x5, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffff956, 0x0, 0x0, 0x0, 0x9}, [@map_fd={0x18, 0x6, 0x1, 0x0, r0}]}, &(0x7f0000000140)='syzkaller\x00', 0x400, 0xbc, &(0x7f0000000180)=""/188, 0x40f00, 0x2, '\x00', r1, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x5, 0x2}, 0x8, 0x10, &(0x7f0000000580)={0x0, 0x0, 0x28, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000640)=[r2, r0, r0, r0, r0, r3, r0, r0]}, 0x80)

18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_gpio_crc_cmd_error\x00', r0}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r0}, 0x8)

18:06:52 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1ffff000, 0x0, 0x0, 0x0)

18:06:52 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:52 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xfc28)
close(r2)

18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_gpio_crc_cmd_error\x00', r0}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r0}, 0x8)

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  332.960515][T28004] FAULT_INJECTION: forcing a failure.
[  332.960515][T28004] name failslab, interval 1, probability 0, space 0, times 0
[  332.982958][T28004] CPU: 1 PID: 28004 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  332.993041][T28004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  333.002932][T28004] Call Trace:
[  333.006050][T28004]  <TASK>
[  333.008833][T28004]  dump_stack_lvl+0x151/0x1b7
[  333.013351][T28004]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  333.018637][T28004]  dump_stack+0x15/0x17
[  333.022631][T28004]  should_fail+0x3c0/0x510
[  333.026880][T28004]  __should_failslab+0x9f/0xe0
[  333.031480][T28004]  should_failslab+0x9/0x20
[  333.036022][T28004]  kmem_cache_alloc+0x4f/0x2f0
[  333.040596][T28004]  ? vm_area_dup+0x26/0x1d0
[  333.044937][T28004]  vm_area_dup+0x26/0x1d0
[  333.049100][T28004]  dup_mmap+0x6b8/0xea0
[  333.053092][T28004]  ? __delayed_free_task+0x20/0x20
[  333.058133][T28004]  ? mm_init+0x807/0x960
[  333.062206][T28004]  dup_mm+0x91/0x330
[  333.065935][T28004]  copy_mm+0x108/0x1b0
[  333.070193][T28004]  copy_process+0x1295/0x3250
[  333.074708][T28004]  ? proc_fail_nth_write+0x213/0x290
[  333.079831][T28004]  ? proc_fail_nth_read+0x220/0x220
[  333.084858][T28004]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  333.089806][T28004]  ? vfs_write+0x9af/0x1050
[  333.094230][T28004]  ? vmacache_update+0xb7/0x120
[  333.098917][T28004]  kernel_clone+0x22d/0x990
[  333.103344][T28004]  ? file_end_write+0x1b0/0x1b0
[  333.108031][T28004]  ? __kasan_check_write+0x14/0x20
[  333.112978][T28004]  ? create_io_thread+0x1e0/0x1e0
[  333.117836][T28004]  ? __mutex_lock_slowpath+0x10/0x10
[  333.122959][T28004]  __x64_sys_clone+0x289/0x310
[  333.127568][T28004]  ? __do_sys_vfork+0x130/0x130
[  333.132246][T28004]  ? debug_smp_processor_id+0x17/0x20
[  333.137455][T28004]  do_syscall_64+0x44/0xd0
[  333.141707][T28004]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  333.147435][T28004] RIP: 0033:0x7f13408790c9
[  333.151689][T28004] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  333.171129][T28004] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  333.179371][T28004] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  333.187185][T28004] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  333.194995][T28004] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  333.202810][T28004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fsi_master_gpio_crc_cmd_error\x00', r0}, 0x10)
bpf$ITER_CREATE(0x21, &(0x7f0000000080)={r0}, 0x8)

18:06:52 executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0x0, 0x0, 0x565, 0xffffffffffffffff, 0x5}, 0x48)

18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='blkio.bfq.io_merged\x00')

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:52 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0)

[  333.210618][T28004] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  333.218520][T28004]  </TASK>
18:06:52 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:52 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xff01)
close(r2)

18:06:52 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)

18:06:52 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='blkio.bfq.io_merged\x00')

18:06:52 executing program 0:
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64ffc6925621b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea244929260583eecdbf5bcd3de3a83209da17a0faf60fd6ad9a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe90223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863142811a89d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428c4770275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa39822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad185782c4216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778c9e5122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6fd9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fc8a488ac9b2645ec879f09ee9c2cac01b8babb757b5c59217b80d0dbb14a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302b8e8715405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d30488ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174cd31f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd998c055c701ee7324d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426a088a0208040982a0000000000000000000000000051ceaaf0159fe6422eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6d7ec2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad49d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04abb9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae280d14f578bfec4a2d7a7edbc8ef9527ce75d63345e31994480095a29afb52dbbd5ba013c091e3a499df474dc32f96e64494bf061aac06b5897b4a03442e9c1ea127d4969d09d93ba75483d1419dfdae525044d36993798a49afc0ab7273b8497b36091853fbb172a50de8eafd1fc94306a86d386ed4eee8a89c0841e3ed6a949eddc0d11adb9c17e3e9cdd64c8e73daf10b5f964a37743487faa0518e18595b51c5374f133155b11b858e244a927e759701d4f7fc00"/3343], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
r4 = bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x5, &(0x7f00000002c0)=@framed={{}, [@generic, @alu={0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x5}, 0x8, 0x10, &(0x7f0000000380)={0x0, 0x0, 0x3ff, 0x400}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000440)=[r3, 0xffffffffffffffff, r4, 0xffffffffffffffff]}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0)
openat$cgroup_procs(r5, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
write$cgroup_type(r1, &(0x7f0000000080), 0x11ffffce1)

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:52 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  333.343063][T28037] FAULT_INJECTION: forcing a failure.
[  333.343063][T28037] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  333.370900][T28037] CPU: 0 PID: 28037 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  333.380990][T28037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  333.390874][T28037] Call Trace:
[  333.393996][T28037]  <TASK>
[  333.396771][T28037]  dump_stack_lvl+0x151/0x1b7
[  333.401284][T28037]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  333.406674][T28037]  ? stack_trace_save+0x1f0/0x1f0
[  333.411528][T28037]  ? __kernel_text_address+0x9a/0x110
[  333.416737][T28037]  dump_stack+0x15/0x17
[  333.420724][T28037]  should_fail+0x3c0/0x510
[  333.424980][T28037]  should_fail_alloc_page+0x58/0x70
[  333.430012][T28037]  __alloc_pages+0x1de/0x7c0
[  333.434439][T28037]  ? stack_trace_save+0x12d/0x1f0
[  333.439303][T28037]  ? stack_trace_snprint+0x100/0x100
[  333.444421][T28037]  ? __count_vm_events+0x30/0x30
[  333.449198][T28037]  ? __kasan_slab_alloc+0xc4/0xe0
[  333.454057][T28037]  ? __kasan_slab_alloc+0xb2/0xe0
[  333.458922][T28037]  ? kmem_cache_alloc+0x189/0x2f0
[  333.464124][T28037]  ? anon_vma_fork+0x1b9/0x4f0
[  333.468723][T28037]  get_zeroed_page+0x19/0x40
[  333.473148][T28037]  __pud_alloc+0x8b/0x260
[  333.477319][T28037]  ? do_handle_mm_fault+0x2370/0x2370
[  333.482527][T28037]  copy_page_range+0xd9e/0x1090
[  333.487214][T28037]  ? pfn_valid+0x1e0/0x1e0
[  333.491468][T28037]  dup_mmap+0x99f/0xea0
[  333.495458][T28037]  ? __delayed_free_task+0x20/0x20
[  333.500403][T28037]  ? mm_init+0x807/0x960
[  333.504480][T28037]  dup_mm+0x91/0x330
[  333.508210][T28037]  copy_mm+0x108/0x1b0
[  333.512121][T28037]  copy_process+0x1295/0x3250
[  333.516630][T28037]  ? proc_fail_nth_write+0x213/0x290
[  333.521752][T28037]  ? proc_fail_nth_read+0x220/0x220
[  333.526789][T28037]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  333.531732][T28037]  ? vfs_write+0x9af/0x1050
[  333.536081][T28037]  ? vmacache_update+0xb7/0x120
[  333.540761][T28037]  kernel_clone+0x22d/0x990
[  333.545098][T28037]  ? file_end_write+0x1b0/0x1b0
[  333.549785][T28037]  ? __kasan_check_write+0x14/0x20
[  333.554736][T28037]  ? create_io_thread+0x1e0/0x1e0
[  333.559594][T28037]  ? __mutex_lock_slowpath+0x10/0x10
[  333.564804][T28037]  __x64_sys_clone+0x289/0x310
[  333.569404][T28037]  ? __do_sys_vfork+0x130/0x130
[  333.574093][T28037]  ? debug_smp_processor_id+0x17/0x20
[  333.579298][T28037]  do_syscall_64+0x44/0xd0
[  333.583550][T28037]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  333.589276][T28037] RIP: 0033:0x7f13408790c9
[  333.593531][T28037] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  333.612981][T28037] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  333.621220][T28037] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  333.629027][T28037] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:53 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xff7f)
close(r2)

18:06:53 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='blkio.bfq.io_merged\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='blkio.bfq.io_merged\x00') (async)

18:06:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  333.636837][T28037] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  333.644751][T28037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  333.652580][T28037] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  333.660384][T28037]  </TASK>
18:06:53 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xf5ffffff, 0x0, 0x0, 0x0)

18:06:53 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)

18:06:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:53 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x10200)
close(r2)

[  333.770092][T28055] FAULT_INJECTION: forcing a failure.
[  333.770092][T28055] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  333.787774][T28055] CPU: 1 PID: 28055 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  333.797848][T28055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  333.807738][T28055] Call Trace:
[  333.810860][T28055]  <TASK>
[  333.813638][T28055]  dump_stack_lvl+0x151/0x1b7
[  333.818152][T28055]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  333.823446][T28055]  ? __kasan_check_write+0x14/0x20
[  333.828480][T28055]  ? __set_page_owner+0x2ee/0x310
[  333.833340][T28055]  dump_stack+0x15/0x17
[  333.837333][T28055]  should_fail+0x3c0/0x510
[  333.841686][T28055]  should_fail_alloc_page+0x58/0x70
[  333.846709][T28055]  __alloc_pages+0x1de/0x7c0
[  333.851139][T28055]  ? __count_vm_events+0x30/0x30
[  333.855909][T28055]  ? __count_vm_events+0x30/0x30
[  333.860681][T28055]  ? __kasan_check_write+0x14/0x20
[  333.865629][T28055]  ? _raw_spin_lock+0xa3/0x1b0
[  333.870226][T28055]  __pmd_alloc+0xb1/0x550
[  333.874400][T28055]  ? kmem_cache_alloc+0x189/0x2f0
[  333.879252][T28055]  ? anon_vma_fork+0x1b9/0x4f0
[  333.883940][T28055]  ? __pud_alloc+0x260/0x260
[  333.888366][T28055]  ? __pud_alloc+0x218/0x260
[  333.892795][T28055]  ? do_handle_mm_fault+0x2370/0x2370
[  333.898002][T28055]  copy_page_range+0xd04/0x1090
[  333.902688][T28055]  ? pfn_valid+0x1e0/0x1e0
[  333.906942][T28055]  dup_mmap+0x99f/0xea0
[  333.910936][T28055]  ? __delayed_free_task+0x20/0x20
[  333.915883][T28055]  ? mm_init+0x807/0x960
[  333.919959][T28055]  dup_mm+0x91/0x330
[  333.923690][T28055]  copy_mm+0x108/0x1b0
[  333.927596][T28055]  copy_process+0x1295/0x3250
[  333.932109][T28055]  ? proc_fail_nth_write+0x213/0x290
[  333.937234][T28055]  ? proc_fail_nth_read+0x220/0x220
[  333.942264][T28055]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  333.947213][T28055]  ? vfs_write+0x9af/0x1050
[  333.951550][T28055]  ? vmacache_update+0xb7/0x120
[  333.956248][T28055]  kernel_clone+0x22d/0x990
[  333.960576][T28055]  ? file_end_write+0x1b0/0x1b0
[  333.965263][T28055]  ? __kasan_check_write+0x14/0x20
[  333.970209][T28055]  ? create_io_thread+0x1e0/0x1e0
[  333.975070][T28055]  ? __mutex_lock_slowpath+0x10/0x10
[  333.980200][T28055]  __x64_sys_clone+0x289/0x310
[  333.984792][T28055]  ? __do_sys_vfork+0x130/0x130
[  333.989501][T28055]  ? debug_smp_processor_id+0x17/0x20
[  333.994686][T28055]  do_syscall_64+0x44/0xd0
[  333.998942][T28055]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  334.004668][T28055] RIP: 0033:0x7f13408790c9
[  334.008921][T28055] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  334.028361][T28055] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  334.036693][T28055] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  334.044509][T28055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  334.052315][T28055] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  334.060125][T28055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:53 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x5f, 0xeb, 0x0, 0x20, 0x20005, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4a4, 0x2, @perf_config_ext={0x9}, 0x400, 0x1, 0x9, 0x4, 0x0, 0x0, 0x1e, 0x0, 0xfffffffd, 0x0, 0x100}, r0, 0x6, r1, 0x9)
close(0xffffffffffffffff)

[  334.067936][T28055] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  334.075755][T28055]  </TASK>
18:06:53 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:53 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000940)={0x11, 0x1, &(0x7f00000006c0)=@raw=[@func], &(0x7f0000000740)='GPL\x00', 0x5, 0xf4, &(0x7f0000000780)=""/244, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:53 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x10202)
close(r2)

18:06:53 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x5f, 0xeb, 0x0, 0x20, 0x20005, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4a4, 0x2, @perf_config_ext={0x9}, 0x400, 0x1, 0x9, 0x4, 0x0, 0x0, 0x1e, 0x0, 0xfffffffd, 0x0, 0x100}, r0, 0x6, r1, 0x9)
close(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0) (async)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x5f, 0xeb, 0x0, 0x20, 0x20005, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4a4, 0x2, @perf_config_ext={0x9}, 0x400, 0x1, 0x9, 0x4, 0x0, 0x0, 0x1e, 0x0, 0xfffffffd, 0x0, 0x100}, r0, 0x6, r1, 0x9) (async)
close(0xffffffffffffffff) (async)

18:06:53 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfbffffff, 0x0, 0x0, 0x0)

18:06:53 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)

[  334.210686][T28081] FAULT_INJECTION: forcing a failure.
[  334.210686][T28081] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  334.225399][T28081] CPU: 0 PID: 28081 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  334.235468][T28081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  334.245364][T28081] Call Trace:
[  334.248486][T28081]  <TASK>
[  334.251261][T28081]  dump_stack_lvl+0x151/0x1b7
[  334.255775][T28081]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  334.261072][T28081]  dump_stack+0x15/0x17
[  334.265061][T28081]  should_fail+0x3c0/0x510
[  334.269317][T28081]  should_fail_alloc_page+0x58/0x70
[  334.274348][T28081]  __alloc_pages+0x1de/0x7c0
[  334.278776][T28081]  ? __count_vm_events+0x30/0x30
[  334.283548][T28081]  ? dup_mm+0x91/0x330
[  334.287452][T28081]  ? copy_mm+0x108/0x1b0
[  334.291546][T28081]  ? copy_process+0x1295/0x3250
[  334.296221][T28081]  ? kernel_clone+0x22d/0x990
[  334.300731][T28081]  ? __x64_sys_clone+0x289/0x310
[  334.305516][T28081]  pte_alloc_one+0x73/0x1b0
[  334.309846][T28081]  ? pfn_modify_allowed+0x2e0/0x2e0
[  334.314882][T28081]  ? __kasan_check_write+0x14/0x20
[  334.319827][T28081]  ? __set_page_owner+0x2ee/0x310
[  334.324692][T28081]  __pte_alloc+0x86/0x350
[  334.328854][T28081]  ? post_alloc_hook+0x1ab/0x1b0
[  334.333630][T28081]  ? free_pgtables+0x210/0x210
[  334.338231][T28081]  ? get_page_from_freelist+0x38b/0x400
[  334.343614][T28081]  copy_pte_range+0x1b1f/0x20b0
[  334.348300][T28081]  ? __kunmap_atomic+0x80/0x80
[  334.352898][T28081]  ? __pud_alloc+0x260/0x260
[  334.357320][T28081]  ? __pud_alloc+0x218/0x260
[  334.361834][T28081]  ? do_handle_mm_fault+0x2370/0x2370
[  334.367045][T28081]  copy_page_range+0xc1e/0x1090
[  334.371735][T28081]  ? pfn_valid+0x1e0/0x1e0
[  334.375983][T28081]  dup_mmap+0x99f/0xea0
[  334.379987][T28081]  ? __delayed_free_task+0x20/0x20
[  334.384920][T28081]  ? mm_init+0x807/0x960
[  334.389003][T28081]  dup_mm+0x91/0x330
[  334.392731][T28081]  copy_mm+0x108/0x1b0
[  334.396640][T28081]  copy_process+0x1295/0x3250
[  334.401155][T28081]  ? proc_fail_nth_write+0x213/0x290
[  334.406273][T28081]  ? proc_fail_nth_read+0x220/0x220
[  334.411311][T28081]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  334.416253][T28081]  ? vfs_write+0x9af/0x1050
[  334.420662][T28081]  ? vmacache_update+0xb7/0x120
[  334.425280][T28081]  kernel_clone+0x22d/0x990
[  334.429621][T28081]  ? file_end_write+0x1b0/0x1b0
[  334.434305][T28081]  ? __kasan_check_write+0x14/0x20
[  334.439347][T28081]  ? create_io_thread+0x1e0/0x1e0
[  334.444199][T28081]  ? __mutex_lock_slowpath+0x10/0x10
[  334.449332][T28081]  __x64_sys_clone+0x289/0x310
[  334.453922][T28081]  ? __do_sys_vfork+0x130/0x130
[  334.458611][T28081]  ? debug_smp_processor_id+0x17/0x20
[  334.463818][T28081]  do_syscall_64+0x44/0xd0
[  334.468069][T28081]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  334.473814][T28081] RIP: 0033:0x7f13408790c9
[  334.478056][T28081] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  334.497490][T28081] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:54 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x10400)
close(r2)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:54 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfcffffff, 0x0, 0x0, 0x0)

18:06:54 executing program 3:
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (rerun: 64)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x5f, 0xeb, 0x0, 0x20, 0x20005, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4a4, 0x2, @perf_config_ext={0x9}, 0x400, 0x1, 0x9, 0x4, 0x0, 0x0, 0x1e, 0x0, 0xfffffffd, 0x0, 0x100}, r0, 0x6, r1, 0x9) (async)
close(0xffffffffffffffff)

18:06:54 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:54 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)

[  334.505735][T28081] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  334.513547][T28081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  334.521356][T28081] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  334.529169][T28081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  334.537002][T28081] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  334.544798][T28081]  </TASK>
18:06:54 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x10747)
close(r2)

18:06:54 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x3f, 0x9, 0x3f, 0xff, 0x0, 0xfff, 0x2, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x4, 0x8000, 0x81, 0x6, 0x5, 0x9, 0x5, 0x0, 0xcf, 0x0, 0x8}, r1, 0xf, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000180)=0x4)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.events\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:54 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x3f, 0x9, 0x3f, 0xff, 0x0, 0xfff, 0x2, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x4, 0x8000, 0x81, 0x6, 0x5, 0x9, 0x5, 0x0, 0xcf, 0x0, 0x8}, r1, 0xf, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000180)=0x4)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.events\x00', 0x0, 0x0) (async, rerun: 32)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (rerun: 32)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

[  334.644342][T28121] FAULT_INJECTION: forcing a failure.
[  334.644342][T28121] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  334.678101][T28121] CPU: 0 PID: 28121 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  334.688177][T28121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  334.698074][T28121] Call Trace:
[  334.701196][T28121]  <TASK>
[  334.703974][T28121]  dump_stack_lvl+0x151/0x1b7
[  334.708496][T28121]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  334.713783][T28121]  dump_stack+0x15/0x17
[  334.717772][T28121]  should_fail+0x3c0/0x510
[  334.722028][T28121]  should_fail_alloc_page+0x58/0x70
[  334.727060][T28121]  __alloc_pages+0x1de/0x7c0
[  334.731484][T28121]  ? __count_vm_events+0x30/0x30
[  334.736257][T28121]  ? dup_mm+0x91/0x330
[  334.740161][T28121]  ? copy_mm+0x108/0x1b0
[  334.744413][T28121]  ? copy_process+0x1295/0x3250
[  334.749099][T28121]  ? kernel_clone+0x22d/0x990
[  334.753614][T28121]  ? __x64_sys_clone+0x289/0x310
[  334.758390][T28121]  pte_alloc_one+0x73/0x1b0
[  334.762726][T28121]  ? pfn_modify_allowed+0x2e0/0x2e0
[  334.767759][T28121]  ? __kasan_check_write+0x14/0x20
[  334.772706][T28121]  ? __set_page_owner+0x2ee/0x310
[  334.777567][T28121]  __pte_alloc+0x86/0x350
[  334.781734][T28121]  ? post_alloc_hook+0x1ab/0x1b0
[  334.786507][T28121]  ? free_pgtables+0x210/0x210
[  334.791107][T28121]  ? get_page_from_freelist+0x38b/0x400
[  334.796491][T28121]  copy_pte_range+0x1b1f/0x20b0
[  334.801179][T28121]  ? __kunmap_atomic+0x80/0x80
[  334.805774][T28121]  ? __pud_alloc+0x260/0x260
[  334.810199][T28121]  ? __pud_alloc+0x218/0x260
[  334.814627][T28121]  ? do_handle_mm_fault+0x2370/0x2370
[  334.819839][T28121]  copy_page_range+0xc1e/0x1090
[  334.824538][T28121]  ? pfn_valid+0x1e0/0x1e0
[  334.828776][T28121]  dup_mmap+0x99f/0xea0
[  334.832771][T28121]  ? __delayed_free_task+0x20/0x20
[  334.837713][T28121]  ? mm_init+0x807/0x960
[  334.841794][T28121]  dup_mm+0x91/0x330
[  334.845527][T28121]  copy_mm+0x108/0x1b0
[  334.849431][T28121]  copy_process+0x1295/0x3250
[  334.853945][T28121]  ? proc_fail_nth_write+0x213/0x290
[  334.859065][T28121]  ? proc_fail_nth_read+0x220/0x220
[  334.864102][T28121]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  334.869044][T28121]  ? vfs_write+0x9af/0x1050
[  334.873413][T28121]  ? vmacache_update+0xb7/0x120
[  334.878074][T28121]  kernel_clone+0x22d/0x990
[  334.882410][T28121]  ? file_end_write+0x1b0/0x1b0
[  334.887099][T28121]  ? __kasan_check_write+0x14/0x20
[  334.892045][T28121]  ? create_io_thread+0x1e0/0x1e0
[  334.896911][T28121]  ? __mutex_lock_slowpath+0x10/0x10
[  334.902028][T28121]  __x64_sys_clone+0x289/0x310
[  334.906628][T28121]  ? __do_sys_vfork+0x130/0x130
[  334.911315][T28121]  ? debug_smp_processor_id+0x17/0x20
[  334.916609][T28121]  do_syscall_64+0x44/0xd0
[  334.920861][T28121]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  334.926675][T28121] RIP: 0033:0x7f13408790c9
[  334.930932][T28121] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  334.950475][T28121] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  334.958703][T28121] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  334.966511][T28121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  334.974326][T28121] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  334.982141][T28121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

18:06:54 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x107c8)
close(r2)

[  334.989945][T28121] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  334.997759][T28121]  </TASK>
18:06:54 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfffffff5, 0x0, 0x0, 0x0)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

18:06:54 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:54 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000100)={0x1, 0x80, 0x3f, 0x9, 0x3f, 0xff, 0x0, 0xfff, 0x2, 0x6, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x4, 0x8000, 0x81, 0x6, 0x5, 0x9, 0x5, 0x0, 0xcf, 0x0, 0x8}, r1, 0xf, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f0000000180)=0x4)
openat$cgroup_ro(r1, &(0x7f0000000040)='pids.events\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:54 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:54 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x10800)
close(r2)

18:06:54 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0)

18:06:54 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000140)='devices.list\x00', 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r2, 0x3, 0x1, 0x8, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:54 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r1, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000140)='devices.list\x00', 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r2, 0x3, 0x1, 0x8, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:54 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  335.300932][T28150] FAULT_INJECTION: forcing a failure.
[  335.300932][T28150] name fail_page_alloc, interval 1, probability 0, space 0, times 0
18:06:54 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x20000)
close(r2)

18:06:54 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x0, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  335.354345][T28150] CPU: 1 PID: 28150 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  335.364426][T28150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  335.374320][T28150] Call Trace:
[  335.377440][T28150]  <TASK>
[  335.380226][T28150]  dump_stack_lvl+0x151/0x1b7
[  335.384825][T28150]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  335.390113][T28150]  dump_stack+0x15/0x17
[  335.394101][T28150]  should_fail+0x3c0/0x510
[  335.398356][T28150]  should_fail_alloc_page+0x58/0x70
[  335.403410][T28150]  __alloc_pages+0x1de/0x7c0
[  335.407827][T28150]  ? stack_trace_save+0x1f0/0x1f0
[  335.412689][T28150]  ? __count_vm_events+0x30/0x30
[  335.417458][T28150]  ? stack_trace_save+0x12d/0x1f0
[  335.422315][T28150]  pte_alloc_one+0x73/0x1b0
[  335.426651][T28150]  ? pfn_modify_allowed+0x2e0/0x2e0
[  335.431688][T28150]  __pte_alloc+0x86/0x350
[  335.435854][T28150]  ? free_pgtables+0x210/0x210
[  335.440451][T28150]  ? _raw_spin_lock+0xa3/0x1b0
[  335.445052][T28150]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  335.450257][T28150]  ? __kernel_text_address+0x9a/0x110
[  335.455475][T28150]  copy_pte_range+0x1b1f/0x20b0
[  335.460152][T28150]  ? __kunmap_atomic+0x80/0x80
[  335.464749][T28150]  ? __kasan_slab_alloc+0xc4/0xe0
[  335.469609][T28150]  ? __kasan_slab_alloc+0xb2/0xe0
[  335.474469][T28150]  ? kmem_cache_alloc+0x189/0x2f0
[  335.479337][T28150]  ? vm_area_dup+0x26/0x1d0
[  335.483667][T28150]  ? dup_mmap+0x6b8/0xea0
[  335.487835][T28150]  ? dup_mm+0x91/0x330
[  335.491741][T28150]  ? copy_mm+0x108/0x1b0
[  335.495818][T28150]  ? copy_process+0x1295/0x3250
[  335.500528][T28150]  ? kernel_clone+0x22d/0x990
[  335.505020][T28150]  ? __x64_sys_clone+0x289/0x310
[  335.509794][T28150]  ? do_syscall_64+0x44/0xd0
[  335.514227][T28150]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  335.520122][T28150]  copy_page_range+0xc1e/0x1090
[  335.524810][T28150]  ? pfn_valid+0x1e0/0x1e0
[  335.529061][T28150]  dup_mmap+0x99f/0xea0
[  335.533054][T28150]  ? __delayed_free_task+0x20/0x20
[  335.538000][T28150]  ? mm_init+0x807/0x960
[  335.542078][T28150]  dup_mm+0x91/0x330
[  335.545809][T28150]  copy_mm+0x108/0x1b0
[  335.549716][T28150]  copy_process+0x1295/0x3250
[  335.554232][T28150]  ? proc_fail_nth_write+0x213/0x290
[  335.559352][T28150]  ? proc_fail_nth_read+0x220/0x220
[  335.564389][T28150]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  335.569333][T28150]  ? vfs_write+0x9af/0x1050
[  335.573670][T28150]  ? vmacache_update+0xb7/0x120
[  335.578360][T28150]  kernel_clone+0x22d/0x990
[  335.582702][T28150]  ? file_end_write+0x1b0/0x1b0
[  335.587388][T28150]  ? __kasan_check_write+0x14/0x20
[  335.592332][T28150]  ? create_io_thread+0x1e0/0x1e0
[  335.597203][T28150]  ? __mutex_lock_slowpath+0x10/0x10
[  335.602330][T28150]  __x64_sys_clone+0x289/0x310
[  335.606912][T28150]  ? __do_sys_vfork+0x130/0x130
[  335.611598][T28150]  ? debug_smp_processor_id+0x17/0x20
[  335.616809][T28150]  do_syscall_64+0x44/0xd0
[  335.621075][T28150]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  335.626898][T28150] RIP: 0033:0x7f13408790c9
[  335.631160][T28150] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:06:55 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)

18:06:55 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000140)='devices.list\x00', 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r2, 0x3, 0x1, 0x8, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
openat$cgroup_ro(r1, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
openat$cgroup_ro(r1, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000140)='devices.list\x00', 0x0, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz0\x00', 0x200002, 0x0) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000100)={r2, 0x3, 0x1, 0x8, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

[  335.650597][T28150] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  335.658837][T28150] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  335.666654][T28150] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  335.674457][T28150] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  335.682274][T28150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  335.690090][T28150] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  335.697897][T28150]  </TASK>
18:06:55 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x0, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:55 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:55 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x20100)
close(r2)

[  335.767254][T28185] FAULT_INJECTION: forcing a failure.
[  335.767254][T28185] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  335.807596][T28185] CPU: 0 PID: 28185 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  335.817686][T28185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  335.827575][T28185] Call Trace:
[  335.830697][T28185]  <TASK>
[  335.833480][T28185]  dump_stack_lvl+0x151/0x1b7
[  335.837985][T28185]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  335.843285][T28185]  dump_stack+0x15/0x17
[  335.847274][T28185]  should_fail+0x3c0/0x510
[  335.851527][T28185]  should_fail_alloc_page+0x58/0x70
[  335.856563][T28185]  __alloc_pages+0x1de/0x7c0
[  335.860986][T28185]  ? __pud_alloc+0x218/0x260
[  335.865419][T28185]  ? do_handle_mm_fault+0x2370/0x2370
[  335.870618][T28185]  ? __count_vm_events+0x30/0x30
[  335.875393][T28185]  ? copy_page_range+0xecc/0x1090
[  335.880253][T28185]  allocate_slab+0x62/0x580
[  335.884591][T28185]  ___slab_alloc+0x2e2/0x6f0
[  335.889019][T28185]  ? vm_area_dup+0x26/0x1d0
[  335.893358][T28185]  ? vm_area_dup+0x26/0x1d0
[  335.897696][T28185]  __slab_alloc+0x4a/0x90
[  335.901865][T28185]  kmem_cache_alloc+0x205/0x2f0
[  335.906635][T28185]  ? vm_area_dup+0x26/0x1d0
[  335.910978][T28185]  vm_area_dup+0x26/0x1d0
[  335.915144][T28185]  dup_mmap+0x6b8/0xea0
[  335.919143][T28185]  ? __delayed_free_task+0x20/0x20
[  335.924085][T28185]  ? mm_init+0x807/0x960
[  335.928170][T28185]  dup_mm+0x91/0x330
[  335.931894][T28185]  copy_mm+0x108/0x1b0
[  335.935800][T28185]  copy_process+0x1295/0x3250
[  335.940320][T28185]  ? proc_fail_nth_write+0x213/0x290
[  335.945439][T28185]  ? proc_fail_nth_read+0x220/0x220
[  335.950474][T28185]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  335.955412][T28185]  ? vfs_write+0x9af/0x1050
[  335.959754][T28185]  ? vmacache_update+0xb7/0x120
[  335.964440][T28185]  kernel_clone+0x22d/0x990
[  335.968782][T28185]  ? file_end_write+0x1b0/0x1b0
[  335.973467][T28185]  ? __kasan_check_write+0x14/0x20
[  335.978415][T28185]  ? create_io_thread+0x1e0/0x1e0
[  335.983361][T28185]  ? __mutex_lock_slowpath+0x10/0x10
[  335.988497][T28185]  __x64_sys_clone+0x289/0x310
[  335.993081][T28185]  ? __do_sys_vfork+0x130/0x130
[  335.997775][T28185]  ? debug_smp_processor_id+0x17/0x20
[  336.002984][T28185]  do_syscall_64+0x44/0xd0
[  336.007231][T28185]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  336.012955][T28185] RIP: 0033:0x7f13408790c9
[  336.017210][T28185] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  336.036655][T28185] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  336.044898][T28185] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:06:55 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0)

18:06:55 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:55 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:55 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x0, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:55 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x20456)
close(r2)

18:06:55 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:55 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:55 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)

18:06:55 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={0x0}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  336.052712][T28185] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  336.060530][T28185] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  336.068332][T28185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  336.076142][T28185] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  336.083955][T28185]  </TASK>
18:06:55 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:55 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:55 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x20457)
close(r2)

[  336.184154][T28213] FAULT_INJECTION: forcing a failure.
[  336.184154][T28213] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  336.218356][T28213] CPU: 1 PID: 28213 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  336.228444][T28213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  336.238330][T28213] Call Trace:
[  336.241452][T28213]  <TASK>
[  336.244230][T28213]  dump_stack_lvl+0x151/0x1b7
[  336.248746][T28213]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  336.254037][T28213]  dump_stack+0x15/0x17
[  336.258031][T28213]  should_fail+0x3c0/0x510
[  336.262284][T28213]  should_fail_alloc_page+0x58/0x70
[  336.267319][T28213]  __alloc_pages+0x1de/0x7c0
[  336.271744][T28213]  ? __count_vm_events+0x30/0x30
[  336.276515][T28213]  ? __this_cpu_preempt_check+0x13/0x20
18:06:55 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1b0fa1f000, 0x0, 0x0, 0x0)

18:06:55 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={0x0}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:55 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x22, 0x80, 0x0, 0x5, 0x0, 0x0, 0xc, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x802, 0xc9e, 0x400, 0x3, 0x1, 0xb6b, 0x7fff, 0x0, 0x5, 0x0, 0x101}, 0xffffffffffffffff, 0x4, r0, 0x1)

18:06:55 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  336.281897][T28213]  ? __mod_node_page_state+0xac/0xf0
[  336.287021][T28213]  pte_alloc_one+0x73/0x1b0
[  336.291359][T28213]  ? pfn_modify_allowed+0x2e0/0x2e0
[  336.296391][T28213]  __pte_alloc+0x86/0x350
[  336.300557][T28213]  ? free_pgtables+0x210/0x210
[  336.305158][T28213]  ? _raw_spin_lock+0xa3/0x1b0
[  336.309759][T28213]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  336.314964][T28213]  ? __kernel_text_address+0x9a/0x110
[  336.320182][T28213]  copy_pte_range+0x1b1f/0x20b0
[  336.324868][T28213]  ? __kunmap_atomic+0x80/0x80
[  336.329465][T28213]  ? __kasan_slab_alloc+0xc4/0xe0
[  336.334324][T28213]  ? __kasan_slab_alloc+0xb2/0xe0
[  336.339349][T28213]  ? kmem_cache_alloc+0x189/0x2f0
[  336.344219][T28213]  ? vm_area_dup+0x26/0x1d0
[  336.348548][T28213]  ? dup_mmap+0x6b8/0xea0
[  336.352716][T28213]  ? dup_mm+0x91/0x330
[  336.356619][T28213]  ? copy_mm+0x108/0x1b0
[  336.360697][T28213]  ? copy_process+0x1295/0x3250
[  336.365385][T28213]  ? kernel_clone+0x22d/0x990
[  336.369902][T28213]  ? __x64_sys_clone+0x289/0x310
[  336.374671][T28213]  ? do_syscall_64+0x44/0xd0
[  336.379103][T28213]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  336.385003][T28213]  copy_page_range+0xc1e/0x1090
[  336.389690][T28213]  ? pfn_valid+0x1e0/0x1e0
[  336.393947][T28213]  dup_mmap+0x99f/0xea0
[  336.397938][T28213]  ? __delayed_free_task+0x20/0x20
[  336.402969][T28213]  ? mm_init+0x807/0x960
[  336.407059][T28213]  dup_mm+0x91/0x330
[  336.410778][T28213]  copy_mm+0x108/0x1b0
[  336.414687][T28213]  copy_process+0x1295/0x3250
[  336.419219][T28213]  ? proc_fail_nth_write+0x213/0x290
[  336.424319][T28213]  ? proc_fail_nth_read+0x220/0x220
[  336.429350][T28213]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  336.434296][T28213]  ? vfs_write+0x9af/0x1050
[  336.439070][T28213]  ? vmacache_update+0xb7/0x120
[  336.443765][T28213]  kernel_clone+0x22d/0x990
[  336.448098][T28213]  ? file_end_write+0x1b0/0x1b0
[  336.452874][T28213]  ? __kasan_check_write+0x14/0x20
[  336.457945][T28213]  ? create_io_thread+0x1e0/0x1e0
[  336.462807][T28213]  ? __mutex_lock_slowpath+0x10/0x10
[  336.467924][T28213]  __x64_sys_clone+0x289/0x310
[  336.472525][T28213]  ? __do_sys_vfork+0x130/0x130
[  336.477213][T28213]  ? debug_smp_processor_id+0x17/0x20
[  336.482419][T28213]  do_syscall_64+0x44/0xd0
[  336.486670][T28213]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  336.492398][T28213] RIP: 0033:0x7f13408790c9
[  336.496652][T28213] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  336.516097][T28213] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  336.524341][T28213] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:06:56 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)

18:06:56 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x22, 0x80, 0x0, 0x5, 0x0, 0x0, 0xc, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x802, 0xc9e, 0x400, 0x3, 0x1, 0xb6b, 0x7fff, 0x0, 0x5, 0x0, 0x101}, 0xffffffffffffffff, 0x4, r0, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x22, 0x80, 0x0, 0x5, 0x0, 0x0, 0xc, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x802, 0xc9e, 0x400, 0x3, 0x1, 0xb6b, 0x7fff, 0x0, 0x5, 0x0, 0x101}, 0xffffffffffffffff, 0x4, r0, 0x1) (async)

[  336.532149][T28213] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  336.539961][T28213] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  336.547772][T28213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  336.555595][T28213] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  336.563514][T28213]  </TASK>
18:06:56 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={0x0}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:56 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x26df5)
close(r2)

18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:56 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x22, 0x80, 0x0, 0x5, 0x0, 0x0, 0xc, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x802, 0xc9e, 0x400, 0x3, 0x1, 0xb6b, 0x7fff, 0x0, 0x5, 0x0, 0x101}, 0xffffffffffffffff, 0x4, r0, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x22, 0x80, 0x0, 0x5, 0x0, 0x0, 0xc, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x802, 0xc9e, 0x400, 0x3, 0x1, 0xb6b, 0x7fff, 0x0, 0x5, 0x0, 0x101}, 0xffffffffffffffff, 0x4, r0, 0x1) (async)

[  336.629622][T28232] FAULT_INJECTION: forcing a failure.
[  336.629622][T28232] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  336.668663][T28232] CPU: 1 PID: 28232 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  336.678772][T28232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  336.688644][T28232] Call Trace:
[  336.691770][T28232]  <TASK>
[  336.694540][T28232]  dump_stack_lvl+0x151/0x1b7
[  336.699054][T28232]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  336.704349][T28232]  dump_stack+0x15/0x17
[  336.708341][T28232]  should_fail+0x3c0/0x510
[  336.712594][T28232]  should_fail_alloc_page+0x58/0x70
[  336.717631][T28232]  __alloc_pages+0x1de/0x7c0
[  336.722055][T28232]  ? __count_vm_events+0x30/0x30
[  336.726829][T28232]  ? __this_cpu_preempt_check+0x13/0x20
[  336.732211][T28232]  ? __mod_node_page_state+0xac/0xf0
[  336.737335][T28232]  pte_alloc_one+0x73/0x1b0
[  336.741712][T28232]  ? pfn_modify_allowed+0x2e0/0x2e0
[  336.746706][T28232]  __pte_alloc+0x86/0x350
[  336.750873][T28232]  ? free_pgtables+0x210/0x210
[  336.755470][T28232]  ? _raw_spin_lock+0xa3/0x1b0
[  336.760076][T28232]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  336.765279][T28232]  ? __kernel_text_address+0x9a/0x110
[  336.770486][T28232]  copy_pte_range+0x1b1f/0x20b0
[  336.775263][T28232]  ? __kunmap_atomic+0x80/0x80
[  336.779858][T28232]  ? __kasan_slab_alloc+0xc4/0xe0
[  336.784717][T28232]  ? __kasan_slab_alloc+0xb2/0xe0
[  336.789577][T28232]  ? kmem_cache_alloc+0x189/0x2f0
[  336.794436][T28232]  ? vm_area_dup+0x26/0x1d0
[  336.798778][T28232]  ? dup_mmap+0x6b8/0xea0
[  336.802945][T28232]  ? dup_mm+0x91/0x330
[  336.806849][T28232]  ? copy_mm+0x108/0x1b0
[  336.810929][T28232]  ? copy_process+0x1295/0x3250
[  336.815620][T28232]  ? kernel_clone+0x22d/0x990
[  336.820130][T28232]  ? __x64_sys_clone+0x289/0x310
[  336.824913][T28232]  ? do_syscall_64+0x44/0xd0
[  336.829328][T28232]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  336.835233][T28232]  copy_page_range+0xc1e/0x1090
[  336.839921][T28232]  ? pfn_valid+0x1e0/0x1e0
[  336.844171][T28232]  dup_mmap+0x99f/0xea0
[  336.848186][T28232]  ? __delayed_free_task+0x20/0x20
[  336.853109][T28232]  ? mm_init+0x807/0x960
[  336.857188][T28232]  dup_mm+0x91/0x330
[  336.860921][T28232]  copy_mm+0x108/0x1b0
[  336.864826][T28232]  copy_process+0x1295/0x3250
[  336.869339][T28232]  ? proc_fail_nth_write+0x213/0x290
[  336.874460][T28232]  ? proc_fail_nth_read+0x220/0x220
[  336.879504][T28232]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  336.884439][T28232]  ? vfs_write+0x9af/0x1050
[  336.888787][T28232]  ? vmacache_update+0xb7/0x120
[  336.893467][T28232]  kernel_clone+0x22d/0x990
[  336.897809][T28232]  ? file_end_write+0x1b0/0x1b0
[  336.902498][T28232]  ? __kasan_check_write+0x14/0x20
[  336.907478][T28232]  ? create_io_thread+0x1e0/0x1e0
[  336.912311][T28232]  ? __mutex_lock_slowpath+0x10/0x10
[  336.917425][T28232]  __x64_sys_clone+0x289/0x310
[  336.922022][T28232]  ? __do_sys_vfork+0x130/0x130
[  336.926739][T28232]  ? debug_smp_processor_id+0x17/0x20
[  336.931917][T28232]  do_syscall_64+0x44/0xd0
[  336.936169][T28232]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  336.941897][T28232] RIP: 0033:0x7f13408790c9
[  336.946154][T28232] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  336.965591][T28232] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  336.973835][T28232] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  336.981649][T28232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  336.989459][T28232] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  336.997270][T28232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  337.005082][T28232] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  337.012899][T28232]  </TASK>
18:06:56 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x29c1b4828000, 0x0, 0x0, 0x0)

18:06:56 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x26f24)
close(r2)

18:06:56 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='io_uring_fail_link\x00', r0}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x0, 0x80, 0x7, 0x0, 0x101, 0x40080, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x4, 0x7444dcf6}, 0x100, 0xfff, 0xc2ee, 0x9, 0x0, 0x4e58, 0x5b9e, 0x0, 0x200, 0x0, 0xc8}, r0, 0xb, r1, 0x4)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf1, 0x7, 0x7f, 0x5, 0x0, 0x5, 0x14000, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0x4, 0x10001}, 0xa0, 0x20, 0x4, 0x1, 0x6, 0x401, 0x8, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xd, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:56 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x0, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:56 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67)

18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:56 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x273a9)
close(r2)

18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:56 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='io_uring_fail_link\x00', r0}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x0, 0x80, 0x7, 0x0, 0x101, 0x40080, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x4, 0x7444dcf6}, 0x100, 0xfff, 0xc2ee, 0x9, 0x0, 0x4e58, 0x5b9e, 0x0, 0x200, 0x0, 0xc8}, r0, 0xb, r1, 0x4)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf1, 0x7, 0x7f, 0x5, 0x0, 0x5, 0x14000, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0x4, 0x10001}, 0xa0, 0x20, 0x4, 0x1, 0x6, 0x401, 0x8, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xd, 0xffffffffffffffff, 0xa)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='io_uring_fail_link\x00', r0}, 0x10) (async)
perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x0, 0x80, 0x7, 0x0, 0x101, 0x40080, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x4, 0x7444dcf6}, 0x100, 0xfff, 0xc2ee, 0x9, 0x0, 0x4e58, 0x5b9e, 0x0, 0x200, 0x0, 0xc8}, r0, 0xb, r1, 0x4) (async)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf1, 0x7, 0x7f, 0x5, 0x0, 0x5, 0x14000, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0x4, 0x10001}, 0xa0, 0x20, 0x4, 0x1, 0x6, 0x401, 0x8, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xd, 0xffffffffffffffff, 0xa) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:56 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x0, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  337.234821][T28262] FAULT_INJECTION: forcing a failure.
[  337.234821][T28262] name failslab, interval 1, probability 0, space 0, times 0
[  337.294894][T28262] CPU: 0 PID: 28262 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  337.304974][T28262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  337.314877][T28262] Call Trace:
[  337.317996][T28262]  <TASK>
[  337.320767][T28262]  dump_stack_lvl+0x151/0x1b7
[  337.325282][T28262]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  337.330587][T28262]  dump_stack+0x15/0x17
[  337.334569][T28262]  should_fail+0x3c0/0x510
[  337.338821][T28262]  __should_failslab+0x9f/0xe0
[  337.343448][T28262]  should_failslab+0x9/0x20
[  337.347765][T28262]  kmem_cache_alloc+0x4f/0x2f0
[  337.352360][T28262]  ? vm_area_dup+0x26/0x1d0
[  337.356699][T28262]  vm_area_dup+0x26/0x1d0
[  337.360865][T28262]  dup_mmap+0x6b8/0xea0
[  337.364860][T28262]  ? __delayed_free_task+0x20/0x20
[  337.369809][T28262]  ? mm_init+0x807/0x960
[  337.373885][T28262]  dup_mm+0x91/0x330
[  337.377618][T28262]  copy_mm+0x108/0x1b0
[  337.381532][T28262]  copy_process+0x1295/0x3250
[  337.386040][T28262]  ? proc_fail_nth_write+0x213/0x290
[  337.391242][T28262]  ? proc_fail_nth_read+0x220/0x220
[  337.396286][T28262]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  337.401225][T28262]  ? vfs_write+0x9af/0x1050
[  337.405602][T28262]  ? vmacache_update+0xb7/0x120
[  337.410250][T28262]  kernel_clone+0x22d/0x990
[  337.414593][T28262]  ? file_end_write+0x1b0/0x1b0
[  337.419366][T28262]  ? __kasan_check_write+0x14/0x20
[  337.424311][T28262]  ? create_io_thread+0x1e0/0x1e0
[  337.429170][T28262]  ? __mutex_lock_slowpath+0x10/0x10
[  337.434294][T28262]  __x64_sys_clone+0x289/0x310
[  337.438890][T28262]  ? __do_sys_vfork+0x130/0x130
[  337.443579][T28262]  ? debug_smp_processor_id+0x17/0x20
[  337.448786][T28262]  do_syscall_64+0x44/0xd0
[  337.453043][T28262]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  337.458766][T28262] RIP: 0033:0x7f13408790c9
[  337.463021][T28262] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  337.483242][T28262] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:56 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x16}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  337.491492][T28262] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  337.499531][T28262] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  337.507353][T28262] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  337.515162][T28262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  337.522962][T28262] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  337.530776][T28262]  </TASK>
18:06:57 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x553a250e6000, 0x0, 0x0, 0x0)

18:06:57 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='io_uring_fail_link\x00', r0}, 0x10)
perf_event_open$cgroup(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x0, 0x80, 0x7, 0x0, 0x101, 0x40080, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x4, @perf_config_ext={0x4, 0x7444dcf6}, 0x100, 0xfff, 0xc2ee, 0x9, 0x0, 0x4e58, 0x5b9e, 0x0, 0x200, 0x0, 0xc8}, r0, 0xb, r1, 0x4) (async)
perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0xf1, 0x7, 0x7f, 0x5, 0x0, 0x5, 0x14000, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0x4, 0x10001}, 0xa0, 0x20, 0x4, 0x1, 0x6, 0x401, 0x8, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0xd, 0xffffffffffffffff, 0xa) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:57 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x3}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:57 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x27800)
close(r2)

18:06:57 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68)

18:06:57 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x0, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:57 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:57 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  337.694138][T28291] FAULT_INJECTION: forcing a failure.
[  337.694138][T28291] name fail_page_alloc, interval 1, probability 0, space 0, times 0
18:06:57 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:57 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x27f84)
close(r2)

[  337.735048][T28291] CPU: 1 PID: 28291 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  337.745129][T28291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  337.755133][T28291] Call Trace:
[  337.758233][T28291]  <TASK>
[  337.761007][T28291]  dump_stack_lvl+0x151/0x1b7
[  337.765522][T28291]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  337.770820][T28291]  dump_stack+0x15/0x17
[  337.774806][T28291]  should_fail+0x3c0/0x510
[  337.779063][T28291]  should_fail_alloc_page+0x58/0x70
18:06:57 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events.local\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  337.784097][T28291]  __alloc_pages+0x1de/0x7c0
[  337.788523][T28291]  ? __count_vm_events+0x30/0x30
[  337.793299][T28291]  ? __this_cpu_preempt_check+0x13/0x20
[  337.798675][T28291]  ? __mod_node_page_state+0xac/0xf0
[  337.803798][T28291]  pte_alloc_one+0x73/0x1b0
[  337.808138][T28291]  ? pfn_modify_allowed+0x2e0/0x2e0
[  337.813170][T28291]  __pte_alloc+0x86/0x350
[  337.817336][T28291]  ? free_pgtables+0x210/0x210
[  337.821934][T28291]  ? _raw_spin_lock+0xa3/0x1b0
[  337.826534][T28291]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  337.831739][T28291]  ? __kernel_text_address+0x9a/0x110
[  337.836948][T28291]  copy_pte_range+0x1b1f/0x20b0
[  337.841637][T28291]  ? __kunmap_atomic+0x80/0x80
[  337.846232][T28291]  ? __kasan_slab_alloc+0xc4/0xe0
[  337.851094][T28291]  ? __kasan_slab_alloc+0xb2/0xe0
[  337.856130][T28291]  ? kmem_cache_alloc+0x189/0x2f0
[  337.860987][T28291]  ? vm_area_dup+0x26/0x1d0
[  337.865326][T28291]  ? dup_mmap+0x6b8/0xea0
[  337.869493][T28291]  ? dup_mm+0x91/0x330
[  337.873399][T28291]  ? copy_mm+0x108/0x1b0
[  337.877477][T28291]  ? copy_process+0x1295/0x3250
[  337.882250][T28291]  ? kernel_clone+0x22d/0x990
[  337.886764][T28291]  ? __x64_sys_clone+0x289/0x310
[  337.891538][T28291]  ? do_syscall_64+0x44/0xd0
[  337.895969][T28291]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  337.901867][T28291]  copy_page_range+0xc1e/0x1090
[  337.906555][T28291]  ? pfn_valid+0x1e0/0x1e0
[  337.910810][T28291]  dup_mmap+0x99f/0xea0
[  337.914799][T28291]  ? __delayed_free_task+0x20/0x20
[  337.919746][T28291]  ? mm_init+0x807/0x960
[  337.923825][T28291]  dup_mm+0x91/0x330
[  337.927556][T28291]  copy_mm+0x108/0x1b0
[  337.931467][T28291]  copy_process+0x1295/0x3250
[  337.935978][T28291]  ? proc_fail_nth_write+0x213/0x290
[  337.941100][T28291]  ? proc_fail_nth_read+0x220/0x220
[  337.946130][T28291]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  337.951081][T28291]  ? vfs_write+0x9af/0x1050
[  337.955416][T28291]  ? vmacache_update+0xb7/0x120
[  337.960106][T28291]  kernel_clone+0x22d/0x990
[  337.964443][T28291]  ? file_end_write+0x1b0/0x1b0
[  337.969129][T28291]  ? __kasan_check_write+0x14/0x20
[  337.974076][T28291]  ? create_io_thread+0x1e0/0x1e0
[  337.978936][T28291]  ? __mutex_lock_slowpath+0x10/0x10
[  337.984062][T28291]  __x64_sys_clone+0x289/0x310
[  337.988662][T28291]  ? __do_sys_vfork+0x130/0x130
[  337.993350][T28291]  ? debug_smp_processor_id+0x17/0x20
[  337.998561][T28291]  do_syscall_64+0x44/0xd0
[  338.002808][T28291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  338.008534][T28291] RIP: 0033:0x7f13408790c9
[  338.012875][T28291] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:06:57 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

[  338.032936][T28291] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  338.041168][T28291] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  338.048977][T28291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  338.056792][T28291] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  338.064602][T28291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  338.072413][T28291] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  338.080226][T28291]  </TASK>
18:06:57 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x2001000000000, 0x0, 0x0, 0x0)

18:06:57 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000000), 0x2, 0x0)

18:06:57 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:57 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69)

18:06:57 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x27fff)
close(r2)

18:06:57 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0x0, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:57 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000000), 0x2, 0x0)

18:06:57 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:57 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0x0, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  338.384982][T28325] FAULT_INJECTION: forcing a failure.
[  338.384982][T28325] name failslab, interval 1, probability 0, space 0, times 0
[  338.409080][T28325] CPU: 0 PID: 28325 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  338.419166][T28325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  338.429064][T28325] Call Trace:
[  338.432181][T28325]  <TASK>
[  338.434963][T28325]  dump_stack_lvl+0x151/0x1b7
[  338.439489][T28325]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  338.444773][T28325]  dump_stack+0x15/0x17
[  338.448758][T28325]  should_fail+0x3c0/0x510
[  338.453016][T28325]  __should_failslab+0x9f/0xe0
[  338.457617][T28325]  should_failslab+0x9/0x20
[  338.461956][T28325]  kmem_cache_alloc+0x4f/0x2f0
[  338.466554][T28325]  ? anon_vma_clone+0xa1/0x4f0
[  338.471154][T28325]  anon_vma_clone+0xa1/0x4f0
[  338.475582][T28325]  anon_vma_fork+0x91/0x4f0
[  338.479925][T28325]  ? anon_vma_name+0x43/0x70
[  338.484346][T28325]  dup_mmap+0x750/0xea0
[  338.488341][T28325]  ? __delayed_free_task+0x20/0x20
[  338.493282][T28325]  ? mm_init+0x807/0x960
[  338.497359][T28325]  dup_mm+0x91/0x330
[  338.501093][T28325]  copy_mm+0x108/0x1b0
[  338.504999][T28325]  copy_process+0x1295/0x3250
[  338.509514][T28325]  ? proc_fail_nth_write+0x213/0x290
[  338.514632][T28325]  ? proc_fail_nth_read+0x220/0x220
[  338.519669][T28325]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  338.524614][T28325]  ? vfs_write+0x9af/0x1050
[  338.528955][T28325]  ? vmacache_update+0xb7/0x120
[  338.533639][T28325]  kernel_clone+0x22d/0x990
[  338.537988][T28325]  ? file_end_write+0x1b0/0x1b0
[  338.542667][T28325]  ? __kasan_check_write+0x14/0x20
[  338.547612][T28325]  ? create_io_thread+0x1e0/0x1e0
[  338.552473][T28325]  ? __mutex_lock_slowpath+0x10/0x10
[  338.557600][T28325]  __x64_sys_clone+0x289/0x310
[  338.562197][T28325]  ? __do_sys_vfork+0x130/0x130
[  338.566881][T28325]  ? debug_smp_processor_id+0x17/0x20
[  338.572191][T28325]  do_syscall_64+0x44/0xd0
[  338.576442][T28325]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  338.582189][T28325] RIP: 0033:0x7f13408790c9
[  338.586420][T28325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  338.605950][T28325] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  338.614202][T28325] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  338.622007][T28325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:06:58 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x2020000000000, 0x0, 0x0, 0x0)

18:06:58 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
openat$cgroup_freezer_state(r0, &(0x7f0000000000), 0x2, 0x0)

18:06:58 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28000)
close(r2)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

[  338.629815][T28325] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  338.637734][T28325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  338.645545][T28325] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  338.653360][T28325]  </TASK>
18:06:58 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70)

18:06:58 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:58 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28456)
close(r2)

18:06:58 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

[  338.827819][T28355] FAULT_INJECTION: forcing a failure.
[  338.827819][T28355] name failslab, interval 1, probability 0, space 0, times 0
[  338.867311][T28355] CPU: 0 PID: 28355 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  338.877404][T28355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  338.887296][T28355] Call Trace:
[  338.890417][T28355]  <TASK>
[  338.893193][T28355]  dump_stack_lvl+0x151/0x1b7
[  338.897709][T28355]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  338.903007][T28355]  dump_stack+0x15/0x17
[  338.906996][T28355]  should_fail+0x3c0/0x510
[  338.911249][T28355]  __should_failslab+0x9f/0xe0
[  338.915850][T28355]  should_failslab+0x9/0x20
[  338.920190][T28355]  kmem_cache_alloc+0x4f/0x2f0
[  338.924788][T28355]  ? anon_vma_clone+0xa1/0x4f0
[  338.929391][T28355]  anon_vma_clone+0xa1/0x4f0
[  338.933817][T28355]  anon_vma_fork+0x91/0x4f0
[  338.938152][T28355]  ? anon_vma_name+0x43/0x70
[  338.942582][T28355]  dup_mmap+0x750/0xea0
[  338.946574][T28355]  ? __delayed_free_task+0x20/0x20
[  338.951516][T28355]  ? mm_init+0x807/0x960
[  338.955598][T28355]  dup_mm+0x91/0x330
[  338.959330][T28355]  copy_mm+0x108/0x1b0
[  338.963236][T28355]  copy_process+0x1295/0x3250
[  338.967753][T28355]  ? proc_fail_nth_write+0x213/0x290
[  338.972871][T28355]  ? proc_fail_nth_read+0x220/0x220
[  338.977911][T28355]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  338.982849][T28355]  ? vfs_write+0x9af/0x1050
[  338.987191][T28355]  ? vmacache_update+0xb7/0x120
[  338.991882][T28355]  kernel_clone+0x22d/0x990
[  338.996219][T28355]  ? file_end_write+0x1b0/0x1b0
[  339.000903][T28355]  ? __kasan_check_write+0x14/0x20
[  339.005856][T28355]  ? create_io_thread+0x1e0/0x1e0
[  339.010724][T28355]  ? __mutex_lock_slowpath+0x10/0x10
[  339.015834][T28355]  __x64_sys_clone+0x289/0x310
[  339.020433][T28355]  ? __do_sys_vfork+0x130/0x130
[  339.025121][T28355]  ? debug_smp_processor_id+0x17/0x20
[  339.030325][T28355]  do_syscall_64+0x44/0xd0
[  339.034578][T28355]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  339.040310][T28355] RIP: 0033:0x7f13408790c9
[  339.044564][T28355] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  339.064004][T28355] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:06:58 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0x0, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:58 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x8000000000000, 0x0, 0x0, 0x0)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:58 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2877e)
close(r2)

18:06:58 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

[  339.072245][T28355] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  339.080145][T28355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.087972][T28355] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  339.095768][T28355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  339.103588][T28355] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  339.111396][T28355]  </TASK>
18:06:58 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71)

18:06:58 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x287ff)
close(r2)

18:06:58 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x0, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:58 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x10100000000000, 0x0, 0x0, 0x0)

18:06:58 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r4 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000038080000000021bf8c8c000048a23000ffffffff9500000000000000963b00000000000000000000d65f2754"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x26e1, 0x0)
r7 = openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r7, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
socketpair(0xb, 0x800, 0x20, &(0x7f0000001380)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f00000015c0)={&(0x7f00000013c0)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x1}}, 0x10, &(0x7f0000001480)=[{&(0x7f0000001400)="cd72e13cc8393655fff9a7f5e80c4f6462b493ffc5700892058b08b2c35381539be5243b444bc636b01a6c7145dedec0c0a02a4ea1c60663caafaa2eafd6ed33d7bd54a64ecb9a13be50552e34e077827bda183a6c88e957751c9aa82c9a7867d8151da739b0e6fffd", 0x69}], 0x1, &(0x7f00000014c0)="60cce02aa51f37781d92584b3229b1a9ae4b702f1459c712a540d16818fed633d8908153a9aa2ca5041e64b5b5c01475b82fc194e0d26170f4d53ca42951ed64346a65b62a3f37d1fa237ae9bf6f8efb93df76c0c9b76f13abaa0998dd7052db9fde52b47a00c77c2242f003b14db9789f05fb538cefdaec0690375ff26d40e0f787d2814b0c01b4658f8a0b47510097c564250a3cc5f50e23ec4de98cd4c16b69896495e3a5e816fd78e838e2217f8cbcf1c9a99fcbaeffa4504673b9b31f3387b78e7bf20eaee7ba187c8f231920c9a320285e6e233fc00937fb84c9d8ab81ad20511146691025", 0xe8, 0x4001}, 0x8044)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f0000000280))
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r7}, 0x8)
ioctl$TUNGETFILTER(r10, 0x801054db, &(0x7f0000000300)=""/4096)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x4030582a, &(0x7f0000000040))
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000001300)={r0}, 0x8)
openat$cgroup_ro(r11, &(0x7f0000001340)='cpuacct.usage_sys\x00', 0x0, 0x0)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r12, 0x4030582a, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @generic={0x3f, 0x7, 0x4, 0x3, 0x401}, @map_val={0x18, 0x3, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x3f}, @initr0={0x18, 0x0, 0x0, 0x0, 0xc1, 0x0, 0x0, 0x0, 0x5}, @jmp={0x5, 0x0, 0xa, 0x4, 0x3, 0x100}, @func={0x85, 0x0, 0x1, 0x0, 0x8}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0x2, 0x5, 0x5d}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000180)=[r9, r12]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:58 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x0, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  339.393672][   T30] audit: type=1400 audit(1673633218.830:127): avc:  denied  { create } for  pid=28396 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
18:06:58 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x289fe)
close(r2)

18:06:58 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  339.436693][T28402] FAULT_INJECTION: forcing a failure.
[  339.436693][T28402] name failslab, interval 1, probability 0, space 0, times 0
[  339.512943][T28402] CPU: 1 PID: 28402 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  339.523023][T28402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  339.532917][T28402] Call Trace:
[  339.536037][T28402]  <TASK>
[  339.538829][T28402]  dump_stack_lvl+0x151/0x1b7
[  339.543329][T28402]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  339.548622][T28402]  dump_stack+0x15/0x17
[  339.552619][T28402]  should_fail+0x3c0/0x510
[  339.556883][T28402]  __should_failslab+0x9f/0xe0
[  339.561467][T28402]  should_failslab+0x9/0x20
[  339.565807][T28402]  kmem_cache_alloc+0x4f/0x2f0
[  339.570406][T28402]  ? vm_area_dup+0x26/0x1d0
[  339.574747][T28402]  vm_area_dup+0x26/0x1d0
[  339.578912][T28402]  dup_mmap+0x6b8/0xea0
[  339.582907][T28402]  ? __delayed_free_task+0x20/0x20
[  339.587862][T28402]  ? mm_init+0x807/0x960
[  339.591944][T28402]  dup_mm+0x91/0x330
[  339.595673][T28402]  copy_mm+0x108/0x1b0
[  339.599567][T28402]  copy_process+0x1295/0x3250
[  339.604126][T28402]  ? proc_fail_nth_write+0x213/0x290
[  339.609203][T28402]  ? proc_fail_nth_read+0x220/0x220
[  339.614275][T28402]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  339.619184][T28402]  ? vfs_write+0x9af/0x1050
[  339.623523][T28402]  ? vmacache_update+0xb7/0x120
[  339.628208][T28402]  kernel_clone+0x22d/0x990
[  339.632555][T28402]  ? file_end_write+0x1b0/0x1b0
[  339.637407][T28402]  ? __kasan_check_write+0x14/0x20
[  339.642357][T28402]  ? create_io_thread+0x1e0/0x1e0
[  339.647217][T28402]  ? __mutex_lock_slowpath+0x10/0x10
[  339.652341][T28402]  __x64_sys_clone+0x289/0x310
[  339.656942][T28402]  ? __do_sys_vfork+0x130/0x130
[  339.661625][T28402]  ? debug_smp_processor_id+0x17/0x20
[  339.666919][T28402]  do_syscall_64+0x44/0xd0
[  339.671172][T28402]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  339.676901][T28402] RIP: 0033:0x7f13408790c9
[  339.681157][T28402] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  339.700593][T28402] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  339.708840][T28402] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  339.716648][T28402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  339.724459][T28402] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  339.732358][T28402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  339.740171][T28402] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  339.748072][T28402]  </TASK>
18:06:59 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72)

18:06:59 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x0, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:59 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
r4 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000038080000000021bf8c8c000048a23000ffffffff9500000000000000963b00000000000000000000d65f2754"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x26e1, 0x0)
r7 = openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r7, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
socketpair(0xb, 0x800, 0x20, &(0x7f0000001380)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f00000015c0)={&(0x7f00000013c0)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x1}}, 0x10, &(0x7f0000001480)=[{&(0x7f0000001400)="cd72e13cc8393655fff9a7f5e80c4f6462b493ffc5700892058b08b2c35381539be5243b444bc636b01a6c7145dedec0c0a02a4ea1c60663caafaa2eafd6ed33d7bd54a64ecb9a13be50552e34e077827bda183a6c88e957751c9aa82c9a7867d8151da739b0e6fffd", 0x69}], 0x1, &(0x7f00000014c0)="60cce02aa51f37781d92584b3229b1a9ae4b702f1459c712a540d16818fed633d8908153a9aa2ca5041e64b5b5c01475b82fc194e0d26170f4d53ca42951ed64346a65b62a3f37d1fa237ae9bf6f8efb93df76c0c9b76f13abaa0998dd7052db9fde52b47a00c77c2242f003b14db9789f05fb538cefdaec0690375ff26d40e0f787d2814b0c01b4658f8a0b47510097c564250a3cc5f50e23ec4de98cd4c16b69896495e3a5e816fd78e838e2217f8cbcf1c9a99fcbaeffa4504673b9b31f3387b78e7bf20eaee7ba187c8f231920c9a320285e6e233fc00937fb84c9d8ab81ad20511146691025", 0xe8, 0x4001}, 0x8044)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f0000000280))
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r7}, 0x8)
ioctl$TUNGETFILTER(r10, 0x801054db, &(0x7f0000000300)=""/4096) (async, rerun: 32)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x4030582a, &(0x7f0000000040)) (rerun: 32)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000001300)={r0}, 0x8)
openat$cgroup_ro(r11, &(0x7f0000001340)='cpuacct.usage_sys\x00', 0x0, 0x0) (async, rerun: 64)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r12, 0x4030582a, &(0x7f0000000040)) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @generic={0x3f, 0x7, 0x4, 0x3, 0x401}, @map_val={0x18, 0x3, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x3f}, @initr0={0x18, 0x0, 0x0, 0x0, 0xc1, 0x0, 0x0, 0x0, 0x5}, @jmp={0x5, 0x0, 0xa, 0x4, 0x3, 0x100}, @func={0x85, 0x0, 0x1, 0x0, 0x8}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0x2, 0x5, 0x5d}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000180)=[r9, r12]}, 0x80) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:59 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28bfc)
close(r2)

18:06:59 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x600e253a550000, 0x0, 0x0, 0x0)

18:06:59 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:59 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x0, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:59 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:59 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async, rerun: 64)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (rerun: 64)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0) (async)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2) (async, rerun: 32)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async, rerun: 32)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2) (async)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r4 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r4, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000038080000000021bf8c8c000048a23000ffffffff9500000000000000963b00000000000000000000d65f2754"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r4, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = openat$cgroup_ro(r5, 0x0, 0x26e1, 0x0)
r7 = openat$cgroup_ro(r6, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r7, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
socketpair(0xb, 0x800, 0x20, &(0x7f0000001380)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$tipc(r8, &(0x7f00000015c0)={&(0x7f00000013c0)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x1}}, 0x10, &(0x7f0000001480)=[{&(0x7f0000001400)="cd72e13cc8393655fff9a7f5e80c4f6462b493ffc5700892058b08b2c35381539be5243b444bc636b01a6c7145dedec0c0a02a4ea1c60663caafaa2eafd6ed33d7bd54a64ecb9a13be50552e34e077827bda183a6c88e957751c9aa82c9a7867d8151da739b0e6fffd", 0x69}], 0x1, &(0x7f00000014c0)="60cce02aa51f37781d92584b3229b1a9ae4b702f1459c712a540d16818fed633d8908153a9aa2ca5041e64b5b5c01475b82fc194e0d26170f4d53ca42951ed64346a65b62a3f37d1fa237ae9bf6f8efb93df76c0c9b76f13abaa0998dd7052db9fde52b47a00c77c2242f003b14db9789f05fb538cefdaec0690375ff26d40e0f787d2814b0c01b4658f8a0b47510097c564250a3cc5f50e23ec4de98cd4c16b69896495e3a5e816fd78e838e2217f8cbcf1c9a99fcbaeffa4504673b9b31f3387b78e7bf20eaee7ba187c8f231920c9a320285e6e233fc00937fb84c9d8ab81ad20511146691025", 0xe8, 0x4001}, 0x8044)
ioctl$TUNSETIFINDEX(r7, 0x400454da, &(0x7f0000000280)) (async)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000000240)={r7}, 0x8)
ioctl$TUNGETFILTER(r10, 0x801054db, &(0x7f0000000300)=""/4096)
ioctl$PERF_EVENT_IOC_PERIOD(r9, 0x4030582a, &(0x7f0000000040)) (async, rerun: 32)
r11 = bpf$ITER_CREATE(0x21, &(0x7f0000001300)={r0}, 0x8) (rerun: 32)
openat$cgroup_ro(r11, &(0x7f0000001340)='cpuacct.usage_sys\x00', 0x0, 0x0) (async, rerun: 64)
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r12, 0x4030582a, &(0x7f0000000040)) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @generic={0x3f, 0x7, 0x4, 0x3, 0x401}, @map_val={0x18, 0x3, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x3f}, @initr0={0x18, 0x0, 0x0, 0x0, 0xc1, 0x0, 0x0, 0x0, 0x5}, @jmp={0x5, 0x0, 0xa, 0x4, 0x3, 0x100}, @func={0x85, 0x0, 0x1, 0x0, 0x8}]}, &(0x7f0000000080)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000100)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000140)={0x2, 0x2, 0x5, 0x5d}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000180)=[r9, r12]}, 0x80)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:06:59 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x0, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  339.926794][T28436] FAULT_INJECTION: forcing a failure.
[  339.926794][T28436] name failslab, interval 1, probability 0, space 0, times 0
[  339.942494][T28436] CPU: 0 PID: 28436 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  339.952565][T28436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  339.962460][T28436] Call Trace:
[  339.965583][T28436]  <TASK>
[  339.968361][T28436]  dump_stack_lvl+0x151/0x1b7
[  339.972876][T28436]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  339.978172][T28436]  dump_stack+0x15/0x17
[  339.982158][T28436]  should_fail+0x3c0/0x510
[  339.986414][T28436]  __should_failslab+0x9f/0xe0
[  339.991013][T28436]  should_failslab+0x9/0x20
[  339.995351][T28436]  kmem_cache_alloc+0x4f/0x2f0
[  339.999974][T28436]  ? anon_vma_clone+0xa1/0x4f0
[  340.004554][T28436]  anon_vma_clone+0xa1/0x4f0
[  340.008979][T28436]  anon_vma_fork+0x91/0x4f0
[  340.013319][T28436]  ? anon_vma_name+0x43/0x70
[  340.017745][T28436]  dup_mmap+0x750/0xea0
[  340.021741][T28436]  ? __delayed_free_task+0x20/0x20
[  340.026683][T28436]  ? mm_init+0x807/0x960
[  340.030763][T28436]  dup_mm+0x91/0x330
[  340.034496][T28436]  copy_mm+0x108/0x1b0
[  340.038399][T28436]  copy_process+0x1295/0x3250
[  340.042913][T28436]  ? proc_fail_nth_write+0x213/0x290
[  340.048035][T28436]  ? proc_fail_nth_read+0x220/0x220
[  340.053069][T28436]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  340.058015][T28436]  ? vfs_write+0x9af/0x1050
[  340.062355][T28436]  ? vmacache_update+0xb7/0x120
[  340.067041][T28436]  kernel_clone+0x22d/0x990
[  340.071381][T28436]  ? file_end_write+0x1b0/0x1b0
[  340.076068][T28436]  ? __kasan_check_write+0x14/0x20
[  340.081015][T28436]  ? create_io_thread+0x1e0/0x1e0
[  340.085874][T28436]  ? __mutex_lock_slowpath+0x10/0x10
[  340.090998][T28436]  __x64_sys_clone+0x289/0x310
[  340.095596][T28436]  ? __do_sys_vfork+0x130/0x130
[  340.100284][T28436]  ? debug_smp_processor_id+0x17/0x20
[  340.105491][T28436]  do_syscall_64+0x44/0xd0
[  340.109745][T28436]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  340.115480][T28436] RIP: 0033:0x7f13408790c9
[  340.119726][T28436] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  340.139164][T28436] RSP: 002b:00007f133f5cb118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  340.147411][T28436] RAX: ffffffffffffffda RBX: 00007f1340999050 RCX: 00007f13408790c9
[  340.155220][T28436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  340.163031][T28436] RBP: 00007f133f5cb1d0 R08: 0000000000000000 R09: 0000000000000000
18:06:59 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:59 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28d2b)
close(r2)

[  340.170845][T28436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  340.178657][T28436] R13: 00007ffcbc4c66ef R14: 00007f133f5cb300 R15: 0000000000022000
[  340.186469][T28436]  </TASK>
18:06:59 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

18:06:59 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xe04)

18:06:59 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28dd1)
close(r2)

18:06:59 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x0, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  340.398694][T28462] FAULT_INJECTION: forcing a failure.
[  340.398694][T28462] name fail_page_alloc, interval 1, probability 0, space 0, times 0
18:06:59 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x8082b4c1290000, 0x0, 0x0, 0x0)

18:06:59 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:06:59 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x0, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:06:59 executing program 3:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x7, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00')
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='memory.swap.events\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x9, 0x5, 0x5f, 0x2, 0x0, 0x9, 0x2c00, 0xc, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000080), 0xe}, 0x40, 0x1000000000000006, 0x7, 0x8, 0xfffffffffffff800, 0xac4b, 0x646, 0x0, 0x2, 0x0, 0xe3}, 0xffffffffffffffff, 0xa, r3, 0x0)

18:06:59 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28e4d)
close(r2)

[  340.483083][T28462] CPU: 0 PID: 28462 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  340.493164][T28462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  340.503059][T28462] Call Trace:
[  340.506181][T28462]  <TASK>
[  340.508961][T28462]  dump_stack_lvl+0x151/0x1b7
[  340.513471][T28462]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  340.518767][T28462]  dump_stack+0x15/0x17
[  340.522760][T28462]  should_fail+0x3c0/0x510
[  340.527013][T28462]  should_fail_alloc_page+0x58/0x70
18:07:00 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xf0a10f1b000000, 0x0, 0x0, 0x0)

[  340.532044][T28462]  __alloc_pages+0x1de/0x7c0
[  340.536480][T28462]  ? __count_vm_events+0x30/0x30
[  340.541251][T28462]  pte_alloc_one+0x73/0x1b0
[  340.545585][T28462]  ? pfn_modify_allowed+0x2e0/0x2e0
[  340.550623][T28462]  __pte_alloc+0x86/0x350
[  340.554789][T28462]  ? is_module_text_address+0xe1/0x140
[  340.560079][T28462]  ? free_pgtables+0x210/0x210
[  340.564771][T28462]  ? __kernel_text_address+0x9a/0x110
[  340.569977][T28462]  ? unwind_get_return_address+0x4c/0x90
[  340.575453][T28462]  copy_pte_range+0x1b1f/0x20b0
[  340.580131][T28462]  ? stack_trace_save+0x12d/0x1f0
[  340.584992][T28462]  ? anon_vma_clone+0xa1/0x4f0
[  340.589598][T28462]  ? __kunmap_atomic+0x80/0x80
[  340.594284][T28462]  ? dup_mmap+0x750/0xea0
[  340.598447][T28462]  ? dup_mm+0x91/0x330
[  340.602345][T28462]  ? copy_mm+0x108/0x1b0
[  340.606420][T28462]  ? copy_process+0x1295/0x3250
[  340.611194][T28462]  ? kernel_clone+0x22d/0x990
[  340.615716][T28462]  ? __x64_sys_clone+0x289/0x310
[  340.620490][T28462]  ? do_syscall_64+0x44/0xd0
[  340.624912][T28462]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  340.630818][T28462]  copy_page_range+0xc1e/0x1090
[  340.635502][T28462]  ? pfn_valid+0x1e0/0x1e0
[  340.639753][T28462]  dup_mmap+0x99f/0xea0
[  340.643744][T28462]  ? __delayed_free_task+0x20/0x20
[  340.648690][T28462]  ? mm_init+0x807/0x960
[  340.652770][T28462]  dup_mm+0x91/0x330
[  340.656516][T28462]  copy_mm+0x108/0x1b0
[  340.660408][T28462]  copy_process+0x1295/0x3250
[  340.664921][T28462]  ? proc_fail_nth_write+0x213/0x290
[  340.670039][T28462]  ? proc_fail_nth_read+0x220/0x220
[  340.675084][T28462]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  340.680024][T28462]  ? vfs_write+0x9af/0x1050
[  340.684360][T28462]  ? vmacache_update+0xb7/0x120
[  340.689062][T28462]  kernel_clone+0x22d/0x990
[  340.693390][T28462]  ? file_end_write+0x1b0/0x1b0
[  340.698078][T28462]  ? __kasan_check_write+0x14/0x20
[  340.703019][T28462]  ? create_io_thread+0x1e0/0x1e0
[  340.707883][T28462]  ? __mutex_lock_slowpath+0x10/0x10
[  340.713005][T28462]  __x64_sys_clone+0x289/0x310
[  340.717607][T28462]  ? __do_sys_vfork+0x130/0x130
[  340.722292][T28462]  ? debug_smp_processor_id+0x17/0x20
[  340.727496][T28462]  do_syscall_64+0x44/0xd0
[  340.731750][T28462]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  340.737485][T28462] RIP: 0033:0x7f13408790c9
[  340.741730][T28462] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  340.761170][T28462] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  340.769418][T28462] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:07:00 executing program 3:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x7, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00')
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='memory.swap.events\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x9, 0x5, 0x5f, 0x2, 0x0, 0x9, 0x2c00, 0xc, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000080), 0xe}, 0x40, 0x1000000000000006, 0x7, 0x8, 0xfffffffffffff800, 0xac4b, 0x646, 0x0, 0x2, 0x0, 0xe3}, 0xffffffffffffffff, 0xa, r3, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x7, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0) (async)
syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00') (async)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)
openat$cgroup_ro(r2, &(0x7f0000000140)='memory.swap.events\x00', 0x0, 0x0) (async)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x9, 0x5, 0x5f, 0x2, 0x0, 0x9, 0x2c00, 0xc, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000080), 0xe}, 0x40, 0x1000000000000006, 0x7, 0x8, 0xfffffffffffff800, 0xac4b, 0x646, 0x0, 0x2, 0x0, 0xe3}, 0xffffffffffffffff, 0xa, r3, 0x0) (async)

18:07:00 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  340.777228][T28462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  340.785039][T28462] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  340.792852][T28462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  340.800659][T28462] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  340.808476][T28462]  </TASK>
18:07:00 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74)

18:07:00 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x14, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x5}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:00 executing program 3:
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x0, 0x80, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x7, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffff}, r0, 0x100000000000000a, 0xffffffffffffffff, 0x0) (async)
r1 = syz_open_procfs$namespace(r0, &(0x7f0000000000)='ns/pid_for_children\x00')
r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='memory.swap.events\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x9, 0x5, 0x5f, 0x2, 0x0, 0x9, 0x2c00, 0xc, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000080), 0xe}, 0x40, 0x1000000000000006, 0x7, 0x8, 0xfffffffffffff800, 0xac4b, 0x646, 0x0, 0x2, 0x0, 0xe3}, 0xffffffffffffffff, 0xa, r3, 0x0)

18:07:00 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x0, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:00 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28ec5)
close(r2)

18:07:00 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xf0ff1f00000000, 0x0, 0x0, 0x0)

18:07:00 executing program 0:
socketpair(0x11, 0x2, 0x300, &(0x7f00000002c0))

18:07:00 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x2, 0x7f, 0x5, 0x0, 0xffff, 0x40081, 0x1e, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x3, 0x1}, 0x8000, 0x8000000000000001, 0x8, 0x6, 0x126, 0xb8ce, 0x8001, 0x0, 0xfffffffb, 0x0, 0x3f800}, 0xffffffffffffffff, 0x8, r0, 0x9)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x6, &(0x7f0000000040)=@framed={{}, [@alu={0x7, 0x0, 0xb, 0x0, 0xb}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}]}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0xbd, &(0x7f00000000c0)=""/189, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x1f, 0x9, 0x1f, 0x6, 0x0, 0x5, 0x100, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0xb508db1d9bce3063, @perf_bp={&(0x7f00000004c0), 0x6}, 0x8048, 0xef, 0x3, 0x6, 0x9, 0xffff, 0x0, 0x0, 0xc48, 0x0, 0x3f}, 0x0, 0xa, r3, 0x8)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x4, 0x3, 0x3f, 0x7, 0x0, 0x5, 0x9680, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1, 0xffffffff}, 0x16872, 0x7, 0x7ff, 0x9, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x6ee00000000000}, 0x0, 0xf, r2, 0x8)
openat$cgroup_type(r0, &(0x7f0000000080), 0x2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r4 = syz_clone(0xb0240e00, &(0x7f0000000240)="d2bad71fd7f3ae12c7ad509eb928ca795ea185815f53f80c8d587d6d1f347a38da2f757ec0307fc23e360f415dd1b95902ffc5f170adb9b7a01c308368a59cdf081f49afdae90918a1e8fe860bff4c4bb4935e40785c5576a52cd0fc85640353530b71062ef6ead68d3e6a1d10996b5ed0742520cc99bb891b55442164e1f69c770811e9c181caa2428ca2a1dfe0e807b7784a2a64636456538b6a1b01950ff5311ffbb811f7ca2bcb15359dc8cea39bfb9774bd5a75ebf2cd2d3ad601738e05f49bf46125df71009d9d281ce83bc488fc89ecce045756192e7876fff799619eb620f35b6a9e0ec5e1028356a86009e555bbe02941", 0xf5, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="6e4baabe5cbf272291de066c06c1fa79221e21c49879370278e20210b80fbd8be264c2f369c241b3a6eeb7d554e76a2f27c13a2662dfc0d0ba1d8a4292c8833e77765cbb17cb65e62cc4f3aee5f800c841549ad3fe293f979f36a9405f83e1ef5e861f4070e66cdbcde87e4c9f74f395c251447e68327703269a2aac4c5f77fbb9fa40d258762598edbfd147c6b37ed18f834507888b14e8e2ee04f38562fecdfc422174d02da7bb20f98a3b6fd0a2525d69f49827d860df913f22555fc0175dc2061510e19335f594947932ea4f8593f17d842642fe870001290cbe10dfb70aeba1ede7b86ed692d758c190cbeea37e63")
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x8, 0x8f, 0x5, 0x4, 0x0, 0x4, 0xac00, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xf9ee, 0x2, @perf_config_ext={0xfffffffffffffff8, 0x81}, 0x650, 0x4, 0x9e45, 0x5, 0x8, 0x6c2, 0x3, 0x0, 0x7, 0x0, 0x6}, r4, 0x7, 0xffffffffffffffff, 0x8)

18:07:00 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x0, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:00 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28f3d)
close(r2)

18:07:00 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x2, 0x7f, 0x5, 0x0, 0xffff, 0x40081, 0x1e, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x3, 0x1}, 0x8000, 0x8000000000000001, 0x8, 0x6, 0x126, 0xb8ce, 0x8001, 0x0, 0xfffffffb, 0x0, 0x3f800}, 0xffffffffffffffff, 0x8, r0, 0x9) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)) (async)
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x6, &(0x7f0000000040)=@framed={{}, [@alu={0x7, 0x0, 0xb, 0x0, 0xb}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}]}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0xbd, &(0x7f00000000c0)=""/189, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x1f, 0x9, 0x1f, 0x6, 0x0, 0x5, 0x100, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0xb508db1d9bce3063, @perf_bp={&(0x7f00000004c0), 0x6}, 0x8048, 0xef, 0x3, 0x6, 0x9, 0xffff, 0x0, 0x0, 0xc48, 0x0, 0x3f}, 0x0, 0xa, r3, 0x8) (async)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x4, 0x3, 0x3f, 0x7, 0x0, 0x5, 0x9680, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1, 0xffffffff}, 0x16872, 0x7, 0x7ff, 0x9, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x6ee00000000000}, 0x0, 0xf, r2, 0x8)
openat$cgroup_type(r0, &(0x7f0000000080), 0x2, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r4 = syz_clone(0xb0240e00, &(0x7f0000000240)="d2bad71fd7f3ae12c7ad509eb928ca795ea185815f53f80c8d587d6d1f347a38da2f757ec0307fc23e360f415dd1b95902ffc5f170adb9b7a01c308368a59cdf081f49afdae90918a1e8fe860bff4c4bb4935e40785c5576a52cd0fc85640353530b71062ef6ead68d3e6a1d10996b5ed0742520cc99bb891b55442164e1f69c770811e9c181caa2428ca2a1dfe0e807b7784a2a64636456538b6a1b01950ff5311ffbb811f7ca2bcb15359dc8cea39bfb9774bd5a75ebf2cd2d3ad601738e05f49bf46125df71009d9d281ce83bc488fc89ecce045756192e7876fff799619eb620f35b6a9e0ec5e1028356a86009e555bbe02941", 0xf5, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="6e4baabe5cbf272291de066c06c1fa79221e21c49879370278e20210b80fbd8be264c2f369c241b3a6eeb7d554e76a2f27c13a2662dfc0d0ba1d8a4292c8833e77765cbb17cb65e62cc4f3aee5f800c841549ad3fe293f979f36a9405f83e1ef5e861f4070e66cdbcde87e4c9f74f395c251447e68327703269a2aac4c5f77fbb9fa40d258762598edbfd147c6b37ed18f834507888b14e8e2ee04f38562fecdfc422174d02da7bb20f98a3b6fd0a2525d69f49827d860df913f22555fc0175dc2061510e19335f594947932ea4f8593f17d842642fe870001290cbe10dfb70aeba1ede7b86ed692d758c190cbeea37e63")
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x8, 0x8f, 0x5, 0x4, 0x0, 0x4, 0xac00, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xf9ee, 0x2, @perf_config_ext={0xfffffffffffffff8, 0x81}, 0x650, 0x4, 0x9e45, 0x5, 0x8, 0x6c2, 0x3, 0x0, 0x7, 0x0, 0x6}, r4, 0x7, 0xffffffffffffffff, 0x8) (rerun: 64)

[  341.016475][T28513] FAULT_INJECTION: forcing a failure.
[  341.016475][T28513] name failslab, interval 1, probability 0, space 0, times 0
[  341.047539][T28513] CPU: 1 PID: 28513 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
18:07:00 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28f86)
close(r2)

[  341.057616][T28513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  341.067510][T28513] Call Trace:
[  341.070633][T28513]  <TASK>
[  341.073413][T28513]  dump_stack_lvl+0x151/0x1b7
[  341.077926][T28513]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  341.083222][T28513]  dump_stack+0x15/0x17
[  341.087386][T28513]  should_fail+0x3c0/0x510
[  341.091640][T28513]  __should_failslab+0x9f/0xe0
[  341.096238][T28513]  should_failslab+0x9/0x20
[  341.100573][T28513]  kmem_cache_alloc+0x4f/0x2f0
[  341.105176][T28513]  ? anon_vma_fork+0x1b9/0x4f0
[  341.109772][T28513]  anon_vma_fork+0x1b9/0x4f0
[  341.114199][T28513]  dup_mmap+0x750/0xea0
[  341.118194][T28513]  ? __delayed_free_task+0x20/0x20
[  341.123138][T28513]  ? mm_init+0x807/0x960
[  341.127217][T28513]  dup_mm+0x91/0x330
[  341.130949][T28513]  copy_mm+0x108/0x1b0
[  341.134855][T28513]  copy_process+0x1295/0x3250
[  341.139367][T28513]  ? proc_fail_nth_write+0x213/0x290
[  341.144486][T28513]  ? proc_fail_nth_read+0x220/0x220
[  341.149525][T28513]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  341.154467][T28513]  ? vfs_write+0x9af/0x1050
[  341.158806][T28513]  ? vmacache_update+0xb7/0x120
[  341.163495][T28513]  kernel_clone+0x22d/0x990
[  341.167833][T28513]  ? file_end_write+0x1b0/0x1b0
[  341.172524][T28513]  ? __kasan_check_write+0x14/0x20
[  341.177477][T28513]  ? create_io_thread+0x1e0/0x1e0
[  341.182331][T28513]  ? __mutex_lock_slowpath+0x10/0x10
[  341.187456][T28513]  __x64_sys_clone+0x289/0x310
[  341.192053][T28513]  ? __do_sys_vfork+0x130/0x130
[  341.196744][T28513]  ? debug_smp_processor_id+0x17/0x20
[  341.201947][T28513]  do_syscall_64+0x44/0xd0
[  341.206197][T28513]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  341.211926][T28513] RIP: 0033:0x7f13408790c9
[  341.216182][T28513] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  341.235621][T28513] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  341.243863][T28513] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  341.251680][T28513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.259488][T28513] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  341.267299][T28513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  341.275108][T28513] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  341.282924][T28513]  </TASK>
18:07:00 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75)

18:07:00 executing program 0:
syz_clone(0xa080480, 0x0, 0x0, 0x0, 0x0, 0x0)

18:07:00 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x8, 0x2, 0x7f, 0x5, 0x0, 0xffff, 0x40081, 0x1e, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x3, 0x1}, 0x8000, 0x8000000000000001, 0x8, 0x6, 0x126, 0xb8ce, 0x8001, 0x0, 0xfffffffb, 0x0, 0x3f800}, 0xffffffffffffffff, 0x8, r0, 0x9)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040))
r3 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r3, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x6, &(0x7f0000000040)=@framed={{}, [@alu={0x7, 0x0, 0xb, 0x0, 0xb}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}]}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0xbd, &(0x7f00000000c0)=""/189, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 32)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x1f, 0x9, 0x1f, 0x6, 0x0, 0x5, 0x100, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0xb508db1d9bce3063, @perf_bp={&(0x7f00000004c0), 0x6}, 0x8048, 0xef, 0x3, 0x6, 0x9, 0xffff, 0x0, 0x0, 0xc48, 0x0, 0x3f}, 0x0, 0xa, r3, 0x8) (rerun: 32)
perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x4, 0x3, 0x3f, 0x7, 0x0, 0x5, 0x9680, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x1, 0xffffffff}, 0x16872, 0x7, 0x7ff, 0x9, 0x4, 0x0, 0x1, 0x0, 0x4, 0x0, 0x6ee00000000000}, 0x0, 0xf, r2, 0x8) (async)
openat$cgroup_type(r0, &(0x7f0000000080), 0x2, 0x0) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (rerun: 64)
r4 = syz_clone(0xb0240e00, &(0x7f0000000240)="d2bad71fd7f3ae12c7ad509eb928ca795ea185815f53f80c8d587d6d1f347a38da2f757ec0307fc23e360f415dd1b95902ffc5f170adb9b7a01c308368a59cdf081f49afdae90918a1e8fe860bff4c4bb4935e40785c5576a52cd0fc85640353530b71062ef6ead68d3e6a1d10996b5ed0742520cc99bb891b55442164e1f69c770811e9c181caa2428ca2a1dfe0e807b7784a2a64636456538b6a1b01950ff5311ffbb811f7ca2bcb15359dc8cea39bfb9774bd5a75ebf2cd2d3ad601738e05f49bf46125df71009d9d281ce83bc488fc89ecce045756192e7876fff799619eb620f35b6a9e0ec5e1028356a86009e555bbe02941", 0xf5, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)="6e4baabe5cbf272291de066c06c1fa79221e21c49879370278e20210b80fbd8be264c2f369c241b3a6eeb7d554e76a2f27c13a2662dfc0d0ba1d8a4292c8833e77765cbb17cb65e62cc4f3aee5f800c841549ad3fe293f979f36a9405f83e1ef5e861f4070e66cdbcde87e4c9f74f395c251447e68327703269a2aac4c5f77fbb9fa40d258762598edbfd147c6b37ed18f834507888b14e8e2ee04f38562fecdfc422174d02da7bb20f98a3b6fd0a2525d69f49827d860df913f22555fc0175dc2061510e19335f594947932ea4f8593f17d842642fe870001290cbe10dfb70aeba1ede7b86ed692d758c190cbeea37e63") (async)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x8, 0x8f, 0x5, 0x4, 0x0, 0x4, 0xac00, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xf9ee, 0x2, @perf_config_ext={0xfffffffffffffff8, 0x81}, 0x650, 0x4, 0x9e45, 0x5, 0x8, 0x6c2, 0x3, 0x0, 0x7, 0x0, 0x6}, r4, 0x7, 0xffffffffffffffff, 0x8)

18:07:00 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0)

18:07:00 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000b00)={&(0x7f0000000640)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000000a00)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)

18:07:00 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r1, 0x2)
r2 = openat$cgroup_ro(r0, &(0x7f0000000180)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x15, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="4cb80100100000001847000001000000f76f4cb608000000000000000085200000050000000810ff"], &(0x7f0000000300)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x89a4, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0x4, 0x7ff, 0x4}, 0x10, 0xffffffffffffffff, r2}, 0x80)
bpf$ITER_CREATE(0x21, &(0x7f0000000440)={r2}, 0x8)
r3 = openat$cgroup_type(r0, &(0x7f0000000480), 0x2, 0x0)
r4 = openat$cgroup_ro(r2, &(0x7f0000000080)='cgroup.controllers\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000100)='cgroup.events\x00', 0x0, 0x0)
write$cgroup_type(r3, &(0x7f0000000040), 0x9)
perf_event_open$cgroup(&(0x7f00000004c0)={0x2, 0x80, 0x7f, 0x1f, 0x8, 0xff, 0x0, 0xc67c, 0x80140, 0xc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1ff, 0x2, @perf_bp={&(0x7f0000000000), 0x3}, 0x1, 0x8, 0x8, 0x1, 0x9, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1}, r4, 0xf, r5, 0x4)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r6 = perf_event_open$cgroup(&(0x7f0000000240)={0x1, 0x80, 0x4, 0x9, 0x1, 0x0, 0x0, 0x2, 0x8101, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x2, 0x81}, 0x80, 0x81, 0x6, 0x2, 0x7, 0x20, 0xfff, 0x0, 0x108, 0x0, 0x2e}, r2, 0xa, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f00000000c0), 0x6}, 0x4000, 0x3, 0x5, 0x6, 0x8000000000000000, 0x2, 0x80, 0x0, 0x1}, 0x0, 0xf, r6, 0x3)

18:07:00 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28fc0)
close(r2)

[  341.389223][T28547] FAULT_INJECTION: forcing a failure.
[  341.389223][T28547] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  341.402464][T28547] CPU: 0 PID: 28547 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  341.412521][T28547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  341.422598][T28547] Call Trace:
[  341.425711][T28547]  <TASK>
[  341.428488][T28547]  dump_stack_lvl+0x151/0x1b7
[  341.433001][T28547]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  341.438293][T28547]  dump_stack+0x15/0x17
[  341.442305][T28547]  should_fail+0x3c0/0x510
[  341.446540][T28547]  should_fail_alloc_page+0x58/0x70
[  341.451685][T28547]  __alloc_pages+0x1de/0x7c0
[  341.456193][T28547]  ? __count_vm_events+0x30/0x30
[  341.460968][T28547]  ? __this_cpu_preempt_check+0x13/0x20
[  341.466354][T28547]  pte_alloc_one+0x73/0x1b0
[  341.470685][T28547]  ? pfn_modify_allowed+0x2e0/0x2e0
[  341.475720][T28547]  __pte_alloc+0x86/0x350
[  341.479881][T28547]  ? free_pgtables+0x210/0x210
[  341.484480][T28547]  ? _raw_spin_lock+0xa3/0x1b0
[  341.489080][T28547]  ? _raw_spin_trylock_bh+0x1d0/0x1d0
[  341.494297][T28547]  ? __kernel_text_address+0x9a/0x110
[  341.499503][T28547]  copy_pte_range+0x1b1f/0x20b0
[  341.504188][T28547]  ? __kunmap_atomic+0x80/0x80
[  341.508791][T28547]  ? __kasan_slab_alloc+0xc4/0xe0
[  341.513642][T28547]  ? __kasan_slab_alloc+0xb2/0xe0
[  341.518504][T28547]  ? kmem_cache_alloc+0x189/0x2f0
[  341.523372][T28547]  ? vm_area_dup+0x26/0x1d0
[  341.528485][T28547]  ? dup_mmap+0x6b8/0xea0
[  341.532659][T28547]  ? dup_mm+0x91/0x330
[  341.536567][T28547]  ? copy_mm+0x108/0x1b0
[  341.540660][T28547]  ? copy_process+0x1295/0x3250
[  341.545322][T28547]  ? kernel_clone+0x22d/0x990
[  341.549835][T28547]  ? __x64_sys_clone+0x289/0x310
[  341.554610][T28547]  ? do_syscall_64+0x44/0xd0
[  341.559034][T28547]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  341.564938][T28547]  copy_page_range+0xc1e/0x1090
[  341.569626][T28547]  ? pfn_valid+0x1e0/0x1e0
[  341.573887][T28547]  dup_mmap+0x99f/0xea0
[  341.577879][T28547]  ? __delayed_free_task+0x20/0x20
[  341.582820][T28547]  ? mm_init+0x807/0x960
[  341.586897][T28547]  dup_mm+0x91/0x330
[  341.590628][T28547]  copy_mm+0x108/0x1b0
[  341.594532][T28547]  copy_process+0x1295/0x3250
[  341.599050][T28547]  ? proc_fail_nth_write+0x213/0x290
[  341.604166][T28547]  ? proc_fail_nth_read+0x220/0x220
[  341.609201][T28547]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  341.614152][T28547]  ? vfs_write+0x9af/0x1050
[  341.618490][T28547]  ? vmacache_update+0xb7/0x120
[  341.623177][T28547]  kernel_clone+0x22d/0x990
[  341.627512][T28547]  ? file_end_write+0x1b0/0x1b0
[  341.632202][T28547]  ? __kasan_check_write+0x14/0x20
[  341.637152][T28547]  ? create_io_thread+0x1e0/0x1e0
[  341.642034][T28547]  ? __mutex_lock_slowpath+0x10/0x10
[  341.647146][T28547]  __x64_sys_clone+0x289/0x310
[  341.651735][T28547]  ? __do_sys_vfork+0x130/0x130
[  341.656424][T28547]  ? debug_smp_processor_id+0x17/0x20
[  341.661633][T28547]  do_syscall_64+0x44/0xd0
[  341.665880][T28547]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  341.671609][T28547] RIP: 0033:0x7f13408790c9
[  341.675858][T28547] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  341.695474][T28547] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  341.703720][T28547] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  341.711526][T28547] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  341.719349][T28547] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  341.727242][T28547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:07:01 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0) (async)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r1, 0x2)
r2 = openat$cgroup_ro(r0, &(0x7f0000000180)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x15, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="4cb80100100000001847000001000000f76f4cb608000000000000000085200000050000000810ff"], &(0x7f0000000300)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x89a4, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0x4, 0x7ff, 0x4}, 0x10, 0xffffffffffffffff, r2}, 0x80) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000440)={r2}, 0x8) (async)
r3 = openat$cgroup_type(r0, &(0x7f0000000480), 0x2, 0x0) (async)
r4 = openat$cgroup_ro(r2, &(0x7f0000000080)='cgroup.controllers\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000100)='cgroup.events\x00', 0x0, 0x0)
write$cgroup_type(r3, &(0x7f0000000040), 0x9) (async)
perf_event_open$cgroup(&(0x7f00000004c0)={0x2, 0x80, 0x7f, 0x1f, 0x8, 0xff, 0x0, 0xc67c, 0x80140, 0xc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1ff, 0x2, @perf_bp={&(0x7f0000000000), 0x3}, 0x1, 0x8, 0x8, 0x1, 0x9, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1}, r4, 0xf, r5, 0x4) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)
r6 = perf_event_open$cgroup(&(0x7f0000000240)={0x1, 0x80, 0x4, 0x9, 0x1, 0x0, 0x0, 0x2, 0x8101, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x2, 0x81}, 0x80, 0x81, 0x6, 0x2, 0x7, 0x20, 0xfff, 0x0, 0x108, 0x0, 0x2e}, r2, 0xa, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f00000000c0), 0x6}, 0x4000, 0x3, 0x5, 0x6, 0x8000000000000000, 0x2, 0x80, 0x0, 0x1}, 0x0, 0xf, r6, 0x3)

[  341.735047][T28547] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  341.743382][T28547]  </TASK>
18:07:01 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:01 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28ff8)
close(r2)

18:07:01 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x200000000000000, 0x0, 0x0, 0x0)

18:07:01 executing program 3:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r1, 0x2) (async)
r2 = openat$cgroup_ro(r0, &(0x7f0000000180)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x15, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="4cb80100100000001847000001000000f76f4cb608000000000000000085200000050000000810ff"], &(0x7f0000000300)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, &(0x7f0000000340)={0x89a4, 0x4}, 0x8, 0x10, &(0x7f0000000380)={0x3, 0x4, 0x7ff, 0x4}, 0x10, 0xffffffffffffffff, r2}, 0x80)
bpf$ITER_CREATE(0x21, &(0x7f0000000440)={r2}, 0x8) (async)
r3 = openat$cgroup_type(r0, &(0x7f0000000480), 0x2, 0x0) (async)
r4 = openat$cgroup_ro(r2, &(0x7f0000000080)='cgroup.controllers\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000100)='cgroup.events\x00', 0x0, 0x0)
write$cgroup_type(r3, &(0x7f0000000040), 0x9) (async)
perf_event_open$cgroup(&(0x7f00000004c0)={0x2, 0x80, 0x7f, 0x1f, 0x8, 0xff, 0x0, 0xc67c, 0x80140, 0xc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1ff, 0x2, @perf_bp={&(0x7f0000000000), 0x3}, 0x1, 0x8, 0x8, 0x1, 0x9, 0x8, 0x7, 0x0, 0x3, 0x0, 0x1}, r4, 0xf, r5, 0x4)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)
r6 = perf_event_open$cgroup(&(0x7f0000000240)={0x1, 0x80, 0x4, 0x9, 0x1, 0x0, 0x0, 0x2, 0x8101, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, @perf_config_ext={0x2, 0x81}, 0x80, 0x81, 0x6, 0x2, 0x7, 0x20, 0xfff, 0x0, 0x108, 0x0, 0x2e}, r2, 0xa, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x2, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f00000000c0), 0x6}, 0x4000, 0x3, 0x5, 0x6, 0x8000000000000000, 0x2, 0x80, 0x0, 0x1}, 0x0, 0xf, r6, 0x3)

18:07:01 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76)

18:07:01 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:01 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:01 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28ffc)
close(r2)

[  342.070525][T28577] FAULT_INJECTION: forcing a failure.
[  342.070525][T28577] name failslab, interval 1, probability 0, space 0, times 0
[  342.108190][T28577] CPU: 0 PID: 28577 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  342.118270][T28577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  342.128165][T28577] Call Trace:
[  342.131289][T28577]  <TASK>
[  342.134065][T28577]  dump_stack_lvl+0x151/0x1b7
[  342.138581][T28577]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  342.143872][T28577]  dump_stack+0x15/0x17
[  342.147877][T28577]  should_fail+0x3c0/0x510
[  342.152205][T28577]  __should_failslab+0x9f/0xe0
[  342.156806][T28577]  should_failslab+0x9/0x20
[  342.161144][T28577]  kmem_cache_alloc+0x4f/0x2f0
[  342.165853][T28577]  ? anon_vma_clone+0xa1/0x4f0
[  342.170449][T28577]  anon_vma_clone+0xa1/0x4f0
[  342.174881][T28577]  anon_vma_fork+0x91/0x4f0
[  342.179220][T28577]  ? anon_vma_name+0x43/0x70
[  342.183645][T28577]  dup_mmap+0x750/0xea0
[  342.187662][T28577]  ? __delayed_free_task+0x20/0x20
[  342.192598][T28577]  ? mm_init+0x807/0x960
[  342.196663][T28577]  dup_mm+0x91/0x330
[  342.200395][T28577]  copy_mm+0x108/0x1b0
[  342.204299][T28577]  copy_process+0x1295/0x3250
[  342.208814][T28577]  ? proc_fail_nth_write+0x213/0x290
[  342.213946][T28577]  ? proc_fail_nth_read+0x220/0x220
[  342.218970][T28577]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  342.223916][T28577]  ? vfs_write+0x9af/0x1050
[  342.228252][T28577]  ? vmacache_update+0xb7/0x120
[  342.232945][T28577]  kernel_clone+0x22d/0x990
[  342.237285][T28577]  ? file_end_write+0x1b0/0x1b0
[  342.242054][T28577]  ? __kasan_check_write+0x14/0x20
[  342.247001][T28577]  ? create_io_thread+0x1e0/0x1e0
[  342.251866][T28577]  ? __mutex_lock_slowpath+0x10/0x10
[  342.256984][T28577]  __x64_sys_clone+0x289/0x310
[  342.261672][T28577]  ? __do_sys_vfork+0x130/0x130
[  342.266355][T28577]  ? debug_smp_processor_id+0x17/0x20
[  342.271562][T28577]  do_syscall_64+0x44/0xd0
[  342.275817][T28577]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  342.281578][T28577] RIP: 0033:0x7f13408790c9
[  342.285797][T28577] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  342.305237][T28577] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  342.313656][T28577] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:07:01 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0/file0\x00'}, 0x10)

18:07:01 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0) (async)

18:07:01 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:01 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x700000000000000, 0x0, 0x0, 0x0)

18:07:01 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x28ffd)
close(r2)

18:07:01 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0) (async)

18:07:01 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:01 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x7, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  342.321467][T28577] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.329277][T28577] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  342.337088][T28577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  342.344901][T28577] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  342.352805][T28577]  </TASK>
18:07:01 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77)

18:07:01 executing program 3:
socketpair(0x23, 0x2, 0x1, &(0x7f0000000100))
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="08b1ce4f5fb5bc0d13010000000004000000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000000280))
openat$cgroup_ro(r2, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000280))
openat$cgroup_ro(r3, &(0x7f00000000c0)='blkio.bfq.io_queued\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'wg2\x00', 0x1})
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)

18:07:01 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000540))

18:07:01 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x900000000000000, 0x0, 0x0, 0x0)

18:07:01 executing program 3:
socketpair(0x23, 0x2, 0x1, &(0x7f0000000100))
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="08b1ce4f5fb5bc0d13010000000004000000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000000280))
openat$cgroup_ro(r2, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x0, 0x0) (async)
r3 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000280)) (async)
openat$cgroup_ro(r3, &(0x7f00000000c0)='blkio.bfq.io_queued\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'wg2\x00', 0x1}) (async)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)

18:07:01 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x13}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:01 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2e800)
close(r2)

18:07:01 executing program 3:
socketpair(0x23, 0x2, 0x1, &(0x7f0000000100)) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="08b1ce4f5fb5bc0d13010000000004000000000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r2, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000000280)) (async)
openat$cgroup_ro(r2, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x0, 0x0) (async)
r3 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 64)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000280)) (rerun: 64)
openat$cgroup_ro(r3, &(0x7f00000000c0)='blkio.bfq.io_queued\x00', 0x0, 0x0) (async)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'wg2\x00', 0x1})
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40806685, 0x0)

18:07:01 executing program 0:
mkdir(&(0x7f0000000000)='./file0\x00', 0x22)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

[  342.466287][T28611] FAULT_INJECTION: forcing a failure.
[  342.466287][T28611] name failslab, interval 1, probability 0, space 0, times 0
18:07:01 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

[  342.521058][T28611] CPU: 1 PID: 28611 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  342.531153][T28611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  342.541044][T28611] Call Trace:
[  342.544178][T28611]  <TASK>
[  342.546946][T28611]  dump_stack_lvl+0x151/0x1b7
[  342.551464][T28611]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  342.556756][T28611]  dump_stack+0x15/0x17
[  342.560742][T28611]  should_fail+0x3c0/0x510
[  342.564997][T28611]  __should_failslab+0x9f/0xe0
[  342.569597][T28611]  should_failslab+0x9/0x20
[  342.573935][T28611]  kmem_cache_alloc+0x4f/0x2f0
[  342.578533][T28611]  ? anon_vma_clone+0xa1/0x4f0
[  342.583135][T28611]  anon_vma_clone+0xa1/0x4f0
[  342.587557][T28611]  anon_vma_fork+0x91/0x4f0
[  342.591898][T28611]  ? anon_vma_name+0x43/0x70
[  342.596324][T28611]  dup_mmap+0x750/0xea0
[  342.600499][T28611]  ? __delayed_free_task+0x20/0x20
[  342.605438][T28611]  ? mm_init+0x807/0x960
[  342.609519][T28611]  dup_mm+0x91/0x330
[  342.613251][T28611]  copy_mm+0x108/0x1b0
[  342.617152][T28611]  copy_process+0x1295/0x3250
[  342.621670][T28611]  ? proc_fail_nth_write+0x213/0x290
[  342.626793][T28611]  ? proc_fail_nth_read+0x220/0x220
[  342.631831][T28611]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  342.636770][T28611]  ? vfs_write+0x9af/0x1050
[  342.641108][T28611]  ? vmacache_update+0xb7/0x120
[  342.645794][T28611]  kernel_clone+0x22d/0x990
[  342.650136][T28611]  ? file_end_write+0x1b0/0x1b0
[  342.654822][T28611]  ? __kasan_check_write+0x14/0x20
[  342.659776][T28611]  ? create_io_thread+0x1e0/0x1e0
[  342.664631][T28611]  ? __mutex_lock_slowpath+0x10/0x10
[  342.669763][T28611]  __x64_sys_clone+0x289/0x310
[  342.674350][T28611]  ? __do_sys_vfork+0x130/0x130
[  342.679038][T28611]  ? debug_smp_processor_id+0x17/0x20
[  342.684246][T28611]  do_syscall_64+0x44/0xd0
[  342.688495][T28611]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  342.694224][T28611] RIP: 0033:0x7f13408790c9
[  342.698480][T28611] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  342.717920][T28611] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  342.726166][T28611] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  342.733982][T28611] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  342.741786][T28611] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  342.749598][T28611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  342.757407][T28611] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  342.765223][T28611]  </TASK>
18:07:02 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:02 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x82}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:02 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78)

18:07:02 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2e801)
close(r2)

18:07:02 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1100000000000000, 0x0, 0x0, 0x0)

18:07:02 executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002000)={&(0x7f0000001e80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x4, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{}, {0x3}, {}]}]}, {0x0, [0x0, 0x0]}}, &(0x7f0000001f40)=""/177, 0x40, 0xb1, 0x1}, 0x20)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async, rerun: 32)
r1 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

[  342.963786][T28648] FAULT_INJECTION: forcing a failure.
[  342.963786][T28648] name failslab, interval 1, probability 0, space 0, times 0
[  342.996887][T28648] CPU: 0 PID: 28648 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  343.006967][T28648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  343.016880][T28648] Call Trace:
[  343.019991][T28648]  <TASK>
[  343.022763][T28648]  dump_stack_lvl+0x151/0x1b7
[  343.027279][T28648]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  343.032574][T28648]  dump_stack+0x15/0x17
[  343.036562][T28648]  should_fail+0x3c0/0x510
[  343.040821][T28648]  __should_failslab+0x9f/0xe0
[  343.045418][T28648]  should_failslab+0x9/0x20
[  343.049758][T28648]  kmem_cache_alloc+0x4f/0x2f0
[  343.054538][T28648]  ? vm_area_dup+0x26/0x1d0
[  343.058870][T28648]  vm_area_dup+0x26/0x1d0
[  343.063040][T28648]  dup_mmap+0x6b8/0xea0
[  343.067031][T28648]  ? __delayed_free_task+0x20/0x20
[  343.071972][T28648]  ? mm_init+0x807/0x960
[  343.076573][T28648]  dup_mm+0x91/0x330
[  343.080309][T28648]  copy_mm+0x108/0x1b0
[  343.084212][T28648]  copy_process+0x1295/0x3250
[  343.088728][T28648]  ? proc_fail_nth_write+0x213/0x290
[  343.093844][T28648]  ? proc_fail_nth_read+0x220/0x220
[  343.098881][T28648]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  343.103913][T28648]  ? vfs_write+0x9af/0x1050
[  343.108255][T28648]  ? vmacache_update+0xb7/0x120
[  343.112941][T28648]  kernel_clone+0x22d/0x990
[  343.117281][T28648]  ? file_end_write+0x1b0/0x1b0
[  343.121963][T28648]  ? __kasan_check_write+0x14/0x20
[  343.126911][T28648]  ? create_io_thread+0x1e0/0x1e0
[  343.131770][T28648]  ? __mutex_lock_slowpath+0x10/0x10
[  343.136895][T28648]  __x64_sys_clone+0x289/0x310
[  343.141496][T28648]  ? __do_sys_vfork+0x130/0x130
[  343.146181][T28648]  ? debug_smp_processor_id+0x17/0x20
[  343.151393][T28648]  do_syscall_64+0x44/0xd0
[  343.155726][T28648]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  343.161456][T28648] RIP: 0033:0x7f13408790c9
[  343.165710][T28648] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  343.185149][T28648] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  343.193402][T28648] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  343.201211][T28648] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280))
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x6, &(0x7f0000000040)=@raw=[@exit, @map_idx={0x18, 0x7, 0x5, 0x0, 0x7}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}, @alu={0x7, 0x0, 0x2, 0xb, 0x2, 0x50, 0x10}], &(0x7f0000000080)='GPL\x00', 0x7f, 0x14, &(0x7f0000000100)=""/20, 0x41000, 0x18, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000140)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x4, 0x3f, 0xd8}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r1, r1, r0, r1]}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@map=r2, r4, 0xd, 0x4, r5}, 0x14)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async, rerun: 64)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280))
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x6, &(0x7f0000000040)=@raw=[@exit, @map_idx={0x18, 0x7, 0x5, 0x0, 0x7}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}, @alu={0x7, 0x0, 0x2, 0xb, 0x2, 0x50, 0x10}], &(0x7f0000000080)='GPL\x00', 0x7f, 0x14, &(0x7f0000000100)=""/20, 0x41000, 0x18, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000140)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x4, 0x3f, 0xd8}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r1, r1, r0, r1]}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@map=r2, r4, 0xd, 0x4, r5}, 0x14) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280))
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x6, &(0x7f0000000040)=@raw=[@exit, @map_idx={0x18, 0x7, 0x5, 0x0, 0x7}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}, @alu={0x7, 0x0, 0x2, 0xb, 0x2, 0x50, 0x10}], &(0x7f0000000080)='GPL\x00', 0x7f, 0x14, &(0x7f0000000100)=""/20, 0x41000, 0x18, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000140)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x4, 0x3f, 0xd8}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r1, r1, r0, r1]}, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@map=r2, r4, 0xd, 0x4, r5}, 0x14)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.sectors_recursive\x00', 0x0, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
openat$cgroup_ro(r3, 0x0, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280)) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x6, &(0x7f0000000040)=@raw=[@exit, @map_idx={0x18, 0x7, 0x5, 0x0, 0x7}, @map_fd={0x18, 0x2, 0x1, 0x0, r0}, @alu={0x7, 0x0, 0x2, 0xb, 0x2, 0x50, 0x10}], &(0x7f0000000080)='GPL\x00', 0x7f, 0x14, &(0x7f0000000100)=""/20, 0x41000, 0x18, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000140)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x4, 0x3f, 0xd8}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[r1, r1, r0, r1]}, 0x80) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000280)={@map=r2, r4, 0xd, 0x4, r5}, 0x14) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0) (async)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x8, 0x53, 0x80, 0x4, 0x0, 0x4, 0x804, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x8002, 0x2, 0xb6f, 0x5, 0x3ff, 0x8, 0x4, 0x0, 0x8, 0x0, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2)

18:07:02 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x0, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:02 executing program 0:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4)
r1 = bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x10001, 0x0, 0x1, 0x0, '\x00', 0x0, r0}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r1, &(0x7f0000000080)="ef98ea"}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000001640)=ANY=[], 0x32600)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x7)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0)
r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r5, &(0x7f0000000080), 0x11ffffce1)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000400)=0x8)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000a40)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca0d4, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_config_ext={0xe5, 0xfffffffffffffffb}, 0x82840, 0xc3, 0x0, 0x6})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='net_prio.prioidx\x00', 0x26e1, 0x0)
write$cgroup_type(r7, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000140))
bpf$ITER_CREATE(0x21, &(0x7f0000000440), 0x8)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='cgroup\x00')
write$cgroup_int(r6, &(0x7f0000000300), 0x12)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x8, 0x53, 0x80, 0x4, 0x0, 0x4, 0x804, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x8002, 0x2, 0xb6f, 0x5, 0x3ff, 0x8, 0x4, 0x0, 0x8, 0x0, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2)

18:07:02 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79)

18:07:02 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x40000)
close(r2)

[  343.209019][T28648] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  343.216840][T28648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  343.224725][T28648] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  343.232543][T28648]  </TASK>
18:07:02 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x1f00000000000000, 0x0, 0x0, 0x0)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x8, 0x53, 0x80, 0x4, 0x0, 0x4, 0x804, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, @perf_bp={&(0x7f0000000000), 0x8}, 0x8002, 0x2, 0xb6f, 0x5, 0x3ff, 0x8, 0x4, 0x0, 0x8, 0x0, 0x1}, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x2)

18:07:02 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x40100)
close(r2)

18:07:02 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:02 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x80100)
close(r2)

18:07:02 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="18240000380800000000000005dfd74a0f6d00000000003000fffffdff9500000000b70100a7c0caff390618540000040000000000"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xda, 0xc7, 0x15, 0xe, 0x0, 0x9, 0x80050, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x840, 0x1, 0x3f, 0x6, 0x4, 0xfffffffe, 0x9, 0x0, 0xc87, 0x0, 0x977c}, 0x0, 0x2, r1, 0xa)

[  343.379229][T28691] FAULT_INJECTION: forcing a failure.
[  343.379229][T28691] name failslab, interval 1, probability 0, space 0, times 0
[  343.451032][T28691] CPU: 1 PID: 28691 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  343.461115][T28691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  343.471010][T28691] Call Trace:
[  343.474128][T28691]  <TASK>
[  343.476901][T28691]  dump_stack_lvl+0x151/0x1b7
[  343.481425][T28691]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  343.486711][T28691]  dump_stack+0x15/0x17
[  343.490701][T28691]  should_fail+0x3c0/0x510
[  343.494969][T28691]  __should_failslab+0x9f/0xe0
[  343.499556][T28691]  should_failslab+0x9/0x20
[  343.503899][T28691]  kmem_cache_alloc+0x4f/0x2f0
[  343.508581][T28691]  ? anon_vma_fork+0x1b9/0x4f0
[  343.513183][T28691]  anon_vma_fork+0x1b9/0x4f0
[  343.517619][T28691]  dup_mmap+0x750/0xea0
[  343.521621][T28691]  ? __delayed_free_task+0x20/0x20
[  343.526549][T28691]  ? mm_init+0x807/0x960
[  343.530628][T28691]  dup_mm+0x91/0x330
[  343.534358][T28691]  copy_mm+0x108/0x1b0
[  343.538353][T28691]  copy_process+0x1295/0x3250
[  343.542865][T28691]  ? proc_fail_nth_write+0x213/0x290
[  343.547986][T28691]  ? proc_fail_nth_read+0x220/0x220
[  343.553019][T28691]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  343.557963][T28691]  ? vfs_write+0x9af/0x1050
[  343.562304][T28691]  ? vmacache_update+0xb7/0x120
[  343.566993][T28691]  kernel_clone+0x22d/0x990
[  343.571332][T28691]  ? file_end_write+0x1b0/0x1b0
[  343.576022][T28691]  ? __kasan_check_write+0x14/0x20
[  343.580966][T28691]  ? create_io_thread+0x1e0/0x1e0
[  343.585835][T28691]  ? __mutex_lock_slowpath+0x10/0x10
[  343.590946][T28691]  __x64_sys_clone+0x289/0x310
[  343.595548][T28691]  ? __do_sys_vfork+0x130/0x130
[  343.600235][T28691]  ? debug_smp_processor_id+0x17/0x20
[  343.605458][T28691]  do_syscall_64+0x44/0xd0
[  343.610046][T28691]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  343.616030][T28691] RIP: 0033:0x7f13408790c9
[  343.620287][T28691] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  343.639732][T28691] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
18:07:03 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x10dd28)
close(r2)

18:07:03 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="18240000380800000000000005dfd74a0f6d00000000003000fffffdff9500000000b70100a7c0caff390618540000040000000000"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xda, 0xc7, 0x15, 0xe, 0x0, 0x9, 0x80050, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x840, 0x1, 0x3f, 0x6, 0x4, 0xfffffffe, 0x9, 0x0, 0xc87, 0x0, 0x977c}, 0x0, 0x2, r1, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="18240000380800000000000005dfd74a0f6d00000000003000fffffdff9500000000b70100a7c0caff390618540000040000000000"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xda, 0xc7, 0x15, 0xe, 0x0, 0x9, 0x80050, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x840, 0x1, 0x3f, 0x6, 0x4, 0xfffffffe, 0x9, 0x0, 0xc87, 0x0, 0x977c}, 0x0, 0x2, r1, 0xa) (async)

18:07:03 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x50ec28)
close(r2)

[  343.647973][T28691] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  343.655782][T28691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  343.663596][T28691] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  343.671401][T28691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  343.679213][T28691] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  343.687031][T28691]  </TASK>
18:07:03 executing program 0:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4)
r1 = bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x10001, 0x0, 0x1, 0x0, '\x00', 0x0, r0}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r1, &(0x7f0000000080)="ef98ea"}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000001640)=ANY=[], 0x32600)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x7)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0)
r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r5, &(0x7f0000000080), 0x11ffffce1)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000400)=0x8)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000a40)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca0d4, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_config_ext={0xe5, 0xfffffffffffffffb}, 0x82840, 0xc3, 0x0, 0x6})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='net_prio.prioidx\x00', 0x26e1, 0x0)
write$cgroup_type(r7, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000140))
bpf$ITER_CREATE(0x21, &(0x7f0000000440), 0x8)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='cgroup\x00')
write$cgroup_int(r6, &(0x7f0000000300), 0x12)

18:07:03 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x604528)
close(r2)

18:07:03 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="18240000380800000000000005dfd74a0f6d00000000003000fffffdff9500000000b70100a7c0caff390618540000040000000000"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xda, 0xc7, 0x15, 0xe, 0x0, 0x9, 0x80050, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x840, 0x1, 0x3f, 0x6, 0x4, 0xfffffffe, 0x9, 0x0, 0xc87, 0x0, 0x977c}, 0x0, 0x2, r1, 0xa)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f0000000100)=ANY=[@ANYBLOB="18240000380800000000000005dfd74a0f6d00000000003000fffffdff9500000000b70100a7c0caff390618540000040000000000"], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xda, 0xc7, 0x15, 0xe, 0x0, 0x9, 0x80050, 0xc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x8, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x840, 0x1, 0x3f, 0x6, 0x4, 0xfffffffe, 0x9, 0x0, 0xc87, 0x0, 0x977c}, 0x0, 0x2, r1, 0xa) (async)

18:07:03 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:03 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0)

18:07:03 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80)

18:07:03 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x60f828)
close(r2)

18:07:03 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:07:03 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x780200)
close(r2)

18:07:03 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

[  344.117132][T28735] FAULT_INJECTION: forcing a failure.
[  344.117132][T28735] name failslab, interval 1, probability 0, space 0, times 0
[  344.153400][T28735] CPU: 1 PID: 28735 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
18:07:03 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)

18:07:03 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
r1 = openat$cgroup(r0, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='cgroup.stat\x00', 0x26e1, 0x0)
openat$cgroup_type(r2, &(0x7f0000000080), 0x2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r2}, 0x8)

[  344.163475][T28735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  344.173378][T28735] Call Trace:
[  344.176490][T28735]  <TASK>
[  344.179270][T28735]  dump_stack_lvl+0x151/0x1b7
[  344.183793][T28735]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  344.189080][T28735]  dump_stack+0x15/0x17
[  344.193069][T28735]  should_fail+0x3c0/0x510
[  344.197324][T28735]  __should_failslab+0x9f/0xe0
[  344.201921][T28735]  should_failslab+0x9/0x20
[  344.206261][T28735]  kmem_cache_alloc+0x4f/0x2f0
[  344.210864][T28735]  ? vm_area_dup+0x26/0x1d0
[  344.215289][T28735]  ? __kasan_check_read+0x11/0x20
[  344.220149][T28735]  vm_area_dup+0x26/0x1d0
[  344.224314][T28735]  dup_mmap+0x6b8/0xea0
[  344.228304][T28735]  ? __delayed_free_task+0x20/0x20
[  344.233249][T28735]  ? mm_init+0x807/0x960
[  344.237328][T28735]  dup_mm+0x91/0x330
[  344.241066][T28735]  copy_mm+0x108/0x1b0
[  344.244968][T28735]  copy_process+0x1295/0x3250
[  344.249481][T28735]  ? proc_fail_nth_write+0x213/0x290
[  344.254602][T28735]  ? proc_fail_nth_read+0x220/0x220
[  344.259633][T28735]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  344.264580][T28735]  ? vfs_write+0x9af/0x1050
[  344.268924][T28735]  ? vmacache_update+0xb7/0x120
[  344.274392][T28735]  kernel_clone+0x22d/0x990
[  344.278727][T28735]  ? file_end_write+0x1b0/0x1b0
[  344.283416][T28735]  ? __kasan_check_write+0x14/0x20
[  344.288362][T28735]  ? create_io_thread+0x1e0/0x1e0
[  344.293222][T28735]  ? __mutex_lock_slowpath+0x10/0x10
[  344.298343][T28735]  __x64_sys_clone+0x289/0x310
[  344.302944][T28735]  ? __do_sys_vfork+0x130/0x130
[  344.307632][T28735]  ? debug_smp_processor_id+0x17/0x20
[  344.312853][T28735]  do_syscall_64+0x44/0xd0
[  344.317091][T28735]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  344.322818][T28735] RIP: 0033:0x7f13408790c9
[  344.327074][T28735] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  344.346512][T28735] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  344.354766][T28735] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  344.362590][T28735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  344.370379][T28735] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  344.378190][T28735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  344.386005][T28735] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  344.393815][T28735]  </TASK>
18:07:04 executing program 0:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4)
r1 = bpf$MAP_CREATE(0xc00000000000000, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x10001, 0x0, 0x1, 0x0, '\x00', 0x0, r0}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r1, &(0x7f0000000080)="ef98ea"}, 0x20)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000001640)=ANY=[], 0x32600)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x7)
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0x0)
r3 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.controllers\x00', 0x26e1, 0x0)
write$cgroup_type(r5, &(0x7f0000000080), 0x11ffffce1)
ioctl$PERF_EVENT_IOC_PERIOD(r5, 0x40082404, &(0x7f0000000400)=0x8)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000a40)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca0d4, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_config_ext={0xe5, 0xfffffffffffffffb}, 0x82840, 0xc3, 0x0, 0x6})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/syz1\x00', 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='memory.high\x00', 0x2, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='net_prio.prioidx\x00', 0x26e1, 0x0)
write$cgroup_type(r7, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x40082404, &(0x7f0000000140))
bpf$ITER_CREATE(0x21, &(0x7f0000000440), 0x8)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000200)='cgroup\x00')
write$cgroup_int(r6, &(0x7f0000000300), 0x12)

18:07:04 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) (async)
r1 = openat$cgroup(r0, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='cgroup.stat\x00', 0x26e1, 0x0)
openat$cgroup_type(r2, &(0x7f0000000080), 0x2, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r2}, 0x8)

18:07:04 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x800000)
close(r2)

18:07:04 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xf5ffffff00000000, 0x0, 0x0, 0x0)

18:07:04 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81)

18:07:04 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:04 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x800200)
close(r2)

18:07:04 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040)) (async, rerun: 64)
r1 = openat$cgroup(r0, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) (rerun: 64)
r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='cgroup.stat\x00', 0x26e1, 0x0)
openat$cgroup_type(r2, &(0x7f0000000080), 0x2, 0x0) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async, rerun: 64)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r2}, 0x8)

18:07:04 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0x0, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:04 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x80ff28)
close(r2)

[  345.347672][T28764] FAULT_INJECTION: forcing a failure.
[  345.347672][T28764] name failslab, interval 1, probability 0, space 0, times 0
[  345.424527][T28764] CPU: 0 PID: 28764 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  345.435047][T28764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  345.444948][T28764] Call Trace:
[  345.448065][T28764]  <TASK>
[  345.450940][T28764]  dump_stack_lvl+0x151/0x1b7
[  345.455445][T28764]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  345.460740][T28764]  dump_stack+0x15/0x17
[  345.464734][T28764]  should_fail+0x3c0/0x510
[  345.468984][T28764]  __should_failslab+0x9f/0xe0
[  345.473674][T28764]  should_failslab+0x9/0x20
[  345.478094][T28764]  kmem_cache_alloc+0x4f/0x2f0
[  345.482697][T28764]  ? vm_area_dup+0x26/0x1d0
[  345.487033][T28764]  ? __kasan_check_read+0x11/0x20
[  345.491895][T28764]  vm_area_dup+0x26/0x1d0
[  345.496060][T28764]  dup_mmap+0x6b8/0xea0
[  345.500055][T28764]  ? __delayed_free_task+0x20/0x20
[  345.505001][T28764]  ? mm_init+0x807/0x960
[  345.509079][T28764]  dup_mm+0x91/0x330
[  345.512813][T28764]  copy_mm+0x108/0x1b0
[  345.516718][T28764]  copy_process+0x1295/0x3250
[  345.521231][T28764]  ? proc_fail_nth_write+0x213/0x290
[  345.526354][T28764]  ? proc_fail_nth_read+0x220/0x220
[  345.531389][T28764]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  345.536423][T28764]  ? vfs_write+0x9af/0x1050
[  345.540768][T28764]  ? vmacache_update+0xb7/0x120
[  345.545451][T28764]  kernel_clone+0x22d/0x990
[  345.549788][T28764]  ? file_end_write+0x1b0/0x1b0
[  345.554471][T28764]  ? __kasan_check_write+0x14/0x20
[  345.559419][T28764]  ? create_io_thread+0x1e0/0x1e0
[  345.564295][T28764]  ? __mutex_lock_slowpath+0x10/0x10
[  345.569402][T28764]  __x64_sys_clone+0x289/0x310
[  345.574004][T28764]  ? __do_sys_vfork+0x130/0x130
[  345.578690][T28764]  ? debug_smp_processor_id+0x17/0x20
[  345.583897][T28764]  do_syscall_64+0x44/0xd0
[  345.588148][T28764]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  345.593878][T28764] RIP: 0033:0x7f13408790c9
[  345.598131][T28764] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
18:07:05 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfbffffff00000000, 0x0, 0x0, 0x0)

18:07:05 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x90100, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f00000000c0)=0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

[  345.617684][T28764] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  345.625931][T28764] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  345.633735][T28764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  345.641650][T28764] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  345.649461][T28764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  345.657273][T28764] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  345.665176][T28764]  </TASK>
18:07:05 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0x5, &(0x7f0000000100)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, 0x1}]}, &(0x7f00000001c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:05 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x90100, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f00000000c0)=0x1) (async, rerun: 32)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0) (rerun: 32)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:05 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x850000)
close(r2)

18:07:05 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82)

18:07:05 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xfcffffff00000000, 0x0, 0x0, 0x0)

18:07:05 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0x0, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:05 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x880000)
close(r2)

18:07:05 executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x90100, 0x0) (async)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x4030582a, &(0x7f0000000040))
ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f00000000c0)=0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.throttle.io_serviced\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:05 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xb0d228)
close(r2)

18:07:05 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_write_checkpoint\x00', r0}, 0x10)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x4, 0x81, 0xfb, 0x0, 0xff, 0x2080, 0x8, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x6}, 0x80, 0xff, 0xff, 0x0, 0x1, 0x4, 0x2, 0x0, 0xffff, 0x0, 0x5882}, 0xffffffffffffffff, 0xa, r1, 0xe)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r1, 0x0, 0xb4, 0xc, &(0x7f0000000180)="b151fe67d681e74495acd8e915515f659a932bca4c9f817cd74c47bbd085b16f1483daee80874f039c661177fc11793e4933ff4b6a1f52e430a053e587187d0e63a3d1e9c7ff65ad210e4e0db56c6a16ee566bc48ca737907e3432df8c2a2ca6a207daa69bc421bef5b539cdbf3cffa76af9fb90c767d3534b04bc343501973394905ae2344ab7414379ebe2d869abd8122e56bc8fb01987b2b96478288e24bfe094d875a938c4fdaa8a126f23d4955a0273ea81", &(0x7f0000000240)=""/12, 0x4753, 0x0, 0x68, 0xb7, &(0x7f0000000280)="cbb0d3c9cc498e8e55efa536ddd7ddc35eb932c75a41bd5523fe023bace9a7216e1c69ccd24715053bea831619270ca7af62099be4d0949714801fa1be92c404b30c243a2650b8779e610fdd9d41c267308edbe6868d09d5ad06fa7ba0607b2368aacb447dbdcce4", &(0x7f0000000300)="292f061ee9135527fb5071ffafd655d63e767dc184cb34ad8ef2eb086584a06fa4def44b2bf3f93ec7c0742585a3b96046fdc1d3c790b3cc42d3f7f7cf1d97978cb14080933f965224492cc856f4bc21f1625b927a68867f44c2d33403bad7e6955ea3b67c6939009ce503643c25d3bdda65bdfd121ac56e8792f57bc840beca29363d42bfc5693f5d3c434763edabcf856c4f9b2530ee4bc7147057de3148e0490cb9460609eac87e9a8115a0b38f1773b68049f38198", 0x1, 0xe3}, 0x48)

18:07:05 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0x0, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  346.298148][T28798] FAULT_INJECTION: forcing a failure.
[  346.298148][T28798] name failslab, interval 1, probability 0, space 0, times 0
18:07:05 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xc0bf28)
close(r2)

[  346.374638][T28798] CPU: 1 PID: 28798 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  346.384819][T28798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  346.394704][T28798] Call Trace:
[  346.397824][T28798]  <TASK>
[  346.400604][T28798]  dump_stack_lvl+0x151/0x1b7
[  346.405119][T28798]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  346.410414][T28798]  dump_stack+0x15/0x17
[  346.414402][T28798]  should_fail+0x3c0/0x510
[  346.418658][T28798]  __should_failslab+0x9f/0xe0
[  346.423256][T28798]  should_failslab+0x9/0x20
[  346.427596][T28798]  kmem_cache_alloc+0x4f/0x2f0
[  346.432194][T28798]  ? anon_vma_clone+0xa1/0x4f0
[  346.436795][T28798]  anon_vma_clone+0xa1/0x4f0
[  346.441224][T28798]  anon_vma_fork+0x91/0x4f0
[  346.445648][T28798]  ? anon_vma_name+0x4c/0x70
[  346.450076][T28798]  dup_mmap+0x750/0xea0
[  346.454067][T28798]  ? __delayed_free_task+0x20/0x20
[  346.459014][T28798]  ? mm_init+0x807/0x960
[  346.463093][T28798]  dup_mm+0x91/0x330
[  346.466827][T28798]  copy_mm+0x108/0x1b0
[  346.470729][T28798]  copy_process+0x1295/0x3250
[  346.475243][T28798]  ? proc_fail_nth_write+0x213/0x290
[  346.481146][T28798]  ? proc_fail_nth_read+0x220/0x220
[  346.486355][T28798]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  346.491301][T28798]  ? vfs_write+0x9af/0x1050
[  346.495650][T28798]  ? vmacache_update+0xb7/0x120
[  346.500331][T28798]  kernel_clone+0x22d/0x990
[  346.504666][T28798]  ? file_end_write+0x1b0/0x1b0
[  346.509353][T28798]  ? __kasan_check_write+0x14/0x20
[  346.514301][T28798]  ? create_io_thread+0x1e0/0x1e0
[  346.519173][T28798]  ? __mutex_lock_slowpath+0x10/0x10
[  346.524284][T28798]  __x64_sys_clone+0x289/0x310
[  346.528883][T28798]  ? __do_sys_vfork+0x130/0x130
[  346.533571][T28798]  ? debug_smp_processor_id+0x17/0x20
[  346.538778][T28798]  do_syscall_64+0x44/0xd0
[  346.543029][T28798]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  346.548758][T28798] RIP: 0033:0x7f13408790c9
[  346.553009][T28798] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  346.572451][T28798] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  346.580698][T28798] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  346.588507][T28798] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  346.596319][T28798] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  346.604130][T28798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  346.611938][T28798] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  346.619755][T28798]  </TASK>
18:07:06 executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, 0x0, 0x0)

18:07:06 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_write_checkpoint\x00', r0}, 0x10) (async, rerun: 64)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0) (rerun: 64)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x4, 0x81, 0xfb, 0x0, 0xff, 0x2080, 0x8, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x6}, 0x80, 0xff, 0xff, 0x0, 0x1, 0x4, 0x2, 0x0, 0xffff, 0x0, 0x5882}, 0xffffffffffffffff, 0xa, r1, 0xe) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r1, 0x0, 0xb4, 0xc, &(0x7f0000000180)="b151fe67d681e74495acd8e915515f659a932bca4c9f817cd74c47bbd085b16f1483daee80874f039c661177fc11793e4933ff4b6a1f52e430a053e587187d0e63a3d1e9c7ff65ad210e4e0db56c6a16ee566bc48ca737907e3432df8c2a2ca6a207daa69bc421bef5b539cdbf3cffa76af9fb90c767d3534b04bc343501973394905ae2344ab7414379ebe2d869abd8122e56bc8fb01987b2b96478288e24bfe094d875a938c4fdaa8a126f23d4955a0273ea81", &(0x7f0000000240)=""/12, 0x4753, 0x0, 0x68, 0xb7, &(0x7f0000000280)="cbb0d3c9cc498e8e55efa536ddd7ddc35eb932c75a41bd5523fe023bace9a7216e1c69ccd24715053bea831619270ca7af62099be4d0949714801fa1be92c404b30c243a2650b8779e610fdd9d41c267308edbe6868d09d5ad06fa7ba0607b2368aacb447dbdcce4", &(0x7f0000000300)="292f061ee9135527fb5071ffafd655d63e767dc184cb34ad8ef2eb086584a06fa4def44b2bf3f93ec7c0742585a3b96046fdc1d3c790b3cc42d3f7f7cf1d97978cb14080933f965224492cc856f4bc21f1625b927a68867f44c2d33403bad7e6955ea3b67c6939009ce503643c25d3bdda65bdfd121ac56e8792f57bc840beca29363d42bfc5693f5d3c434763edabcf856c4f9b2530ee4bc7147057de3148e0490cb9460609eac87e9a8115a0b38f1773b68049f38198", 0x1, 0xe3}, 0x48)

18:07:06 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xc0ff28)
close(r2)

18:07:06 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:06 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83)

18:07:06 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='f2fs_write_checkpoint\x00', r0}, 0x10)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
perf_event_open(&(0x7f0000000100)={0x0, 0x80, 0x8, 0x4, 0x81, 0xfb, 0x0, 0xff, 0x2080, 0x8, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x5, 0x0, @perf_config_ext={0x6}, 0x80, 0xff, 0xff, 0x0, 0x1, 0x4, 0x2, 0x0, 0xffff, 0x0, 0x5882}, 0xffffffffffffffff, 0xa, r1, 0xe) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r1, 0x0, 0xb4, 0xc, &(0x7f0000000180)="b151fe67d681e74495acd8e915515f659a932bca4c9f817cd74c47bbd085b16f1483daee80874f039c661177fc11793e4933ff4b6a1f52e430a053e587187d0e63a3d1e9c7ff65ad210e4e0db56c6a16ee566bc48ca737907e3432df8c2a2ca6a207daa69bc421bef5b539cdbf3cffa76af9fb90c767d3534b04bc343501973394905ae2344ab7414379ebe2d869abd8122e56bc8fb01987b2b96478288e24bfe094d875a938c4fdaa8a126f23d4955a0273ea81", &(0x7f0000000240)=""/12, 0x4753, 0x0, 0x68, 0xb7, &(0x7f0000000280)="cbb0d3c9cc498e8e55efa536ddd7ddc35eb932c75a41bd5523fe023bace9a7216e1c69ccd24715053bea831619270ca7af62099be4d0949714801fa1be92c404b30c243a2650b8779e610fdd9d41c267308edbe6868d09d5ad06fa7ba0607b2368aacb447dbdcce4", &(0x7f0000000300)="292f061ee9135527fb5071ffafd655d63e767dc184cb34ad8ef2eb086584a06fa4def44b2bf3f93ec7c0742585a3b96046fdc1d3c790b3cc42d3f7f7cf1d97978cb14080933f965224492cc856f4bc21f1625b927a68867f44c2d33403bad7e6955ea3b67c6939009ce503643c25d3bdda65bdfd121ac56e8792f57bc840beca29363d42bfc5693f5d3c434763edabcf856c4f9b2530ee4bc7147057de3148e0490cb9460609eac87e9a8115a0b38f1773b68049f38198", 0x1, 0xe3}, 0x48)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xd0e428)
close(r2)

[  346.705082][T28834] FAULT_INJECTION: forcing a failure.
[  346.705082][T28834] name failslab, interval 1, probability 0, space 0, times 0
[  346.732874][T28834] CPU: 0 PID: 28834 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  346.742950][T28834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  346.752848][T28834] Call Trace:
[  346.755966][T28834]  <TASK>
[  346.758743][T28834]  dump_stack_lvl+0x151/0x1b7
[  346.763261][T28834]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  346.768556][T28834]  dump_stack+0x15/0x17
[  346.772562][T28834]  should_fail+0x3c0/0x510
[  346.776801][T28834]  __should_failslab+0x9f/0xe0
[  346.781403][T28834]  should_failslab+0x9/0x20
[  346.785740][T28834]  kmem_cache_alloc+0x4f/0x2f0
[  346.790341][T28834]  ? anon_vma_clone+0xa1/0x4f0
[  346.794940][T28834]  anon_vma_clone+0xa1/0x4f0
[  346.799374][T28834]  anon_vma_fork+0x91/0x4f0
[  346.803710][T28834]  ? anon_vma_name+0x4c/0x70
[  346.808136][T28834]  dup_mmap+0x750/0xea0
[  346.812129][T28834]  ? __delayed_free_task+0x20/0x20
[  346.817073][T28834]  ? mm_init+0x807/0x960
[  346.821155][T28834]  dup_mm+0x91/0x330
[  346.824885][T28834]  copy_mm+0x108/0x1b0
[  346.828792][T28834]  copy_process+0x1295/0x3250
[  346.833309][T28834]  ? proc_fail_nth_write+0x213/0x290
[  346.838529][T28834]  ? proc_fail_nth_read+0x220/0x220
[  346.843648][T28834]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  346.848592][T28834]  ? vfs_write+0x9af/0x1050
[  346.852927][T28834]  ? vmacache_update+0xb7/0x120
[  346.857630][T28834]  kernel_clone+0x22d/0x990
[  346.861962][T28834]  ? file_end_write+0x1b0/0x1b0
[  346.866729][T28834]  ? __kasan_check_write+0x14/0x20
[  346.871680][T28834]  ? create_io_thread+0x1e0/0x1e0
[  346.876539][T28834]  ? __mutex_lock_slowpath+0x10/0x10
[  346.881661][T28834]  __x64_sys_clone+0x289/0x310
[  346.886261][T28834]  ? __do_sys_vfork+0x130/0x130
[  346.890964][T28834]  ? debug_smp_processor_id+0x17/0x20
[  346.896154][T28834]  do_syscall_64+0x44/0xd0
[  346.900425][T28834]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  346.906132][T28834] RIP: 0033:0x7f13408790c9
[  346.910390][T28834] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  346.929829][T28834] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  346.938071][T28834] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  346.945881][T28834] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x99}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xd0f328)
close(r2)

18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x21}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xd0ff28)
close(r2)

18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001440)={0x11, 0x6, &(0x7f0000000100)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}]}, &(0x7f00000001c0)='GPL\x00', 0x5, 0x1000, &(0x7f0000000300)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xe07728)
close(r2)

[  346.953692][T28834] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  346.961507][T28834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  346.969324][T28834] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  346.977134][T28834]  </TASK>
18:07:06 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2, 0x2f3, 0x0, 0x1000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x5)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='@:[%\x00')

18:07:06 executing program 0:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0x8}]}]}}, &(0x7f0000000080)=""/130, 0x2e, 0x82, 0x1}, 0x20)

18:07:06 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xe09f28)
close(r2)

18:07:06 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84)

18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:06 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)={0x7fffffff, <r1=>0x0}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000600)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000d40)={r2, 0x5ca, 0x18}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={r2, 0xba, 0x10}, 0xc)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r2, 0x1ff, 0x10}, 0xc)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={r1, 0xffffff84, 0x18}, 0xc)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000280)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}], 0x8, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000003000000000000000b2000000852000000500000018280000", @ANYRES32=r0, @ANYBLOB="000000000008000057b630000400000018290000", @ANYRES32=r4, @ANYBLOB="0000000001000000010903000200000085200000020000009500000000000000c8504dcfc65a7ce2047b85bf7d16bd18bb7e3fb3c538b8250906988c9a38c7085d4e9f8d9444d74b592e75f2ef5a71fc1e29df2d3e3e73c94f0845"], &(0x7f00000001c0)='syzkaller\x00', 0xfffffffc, 0x4b, &(0x7f0000000200)=""/75, 0x40f00, 0x4, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x6, 0x0, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r3]}, 0x80)

18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:06 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)={0x7fffffff, <r1=>0x0}, 0x8) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000600)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000d40)={r2, 0x5ca, 0x18}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={r2, 0xba, 0x10}, 0xc) (async)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r2, 0x1ff, 0x10}, 0xc)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={r1, 0xffffff84, 0x18}, 0xc)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000280)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}], 0x8, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000003000000000000000b2000000852000000500000018280000", @ANYRES32=r0, @ANYBLOB="000000000008000057b630000400000018290000", @ANYRES32=r4, @ANYBLOB="0000000001000000010903000200000085200000020000009500000000000000c8504dcfc65a7ce2047b85bf7d16bd18bb7e3fb3c538b8250906988c9a38c7085d4e9f8d9444d74b592e75f2ef5a71fc1e29df2d3e3e73c94f0845"], &(0x7f00000001c0)='syzkaller\x00', 0xfffffffc, 0x4b, &(0x7f0000000200)=""/75, 0x40f00, 0x4, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x6, 0x0, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r3]}, 0x80)

18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xe80000)
close(r2)

18:07:06 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xe80200)
close(r2)

[  347.125561][T28873] FAULT_INJECTION: forcing a failure.
[  347.125561][T28873] name failslab, interval 1, probability 0, space 0, times 0
[  347.206604][T28873] CPU: 1 PID: 28873 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  347.216686][T28873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  347.226581][T28873] Call Trace:
[  347.229704][T28873]  <TASK>
[  347.232482][T28873]  dump_stack_lvl+0x151/0x1b7
[  347.236996][T28873]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  347.242291][T28873]  ? vma_interval_tree_augment_rotate+0x210/0x210
[  347.248541][T28873]  dump_stack+0x15/0x17
[  347.252528][T28873]  should_fail+0x3c0/0x510
18:07:06 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2, 0x2f3, 0x0, 0x1000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x5)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) (async)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='@:[%\x00')

18:07:06 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

[  347.256787][T28873]  __should_failslab+0x9f/0xe0
[  347.261381][T28873]  should_failslab+0x9/0x20
[  347.265719][T28873]  kmem_cache_alloc+0x4f/0x2f0
[  347.270382][T28873]  ? anon_vma_fork+0xf7/0x4f0
[  347.274860][T28873]  anon_vma_fork+0xf7/0x4f0
[  347.279173][T28873]  ? anon_vma_name+0x4c/0x70
[  347.283601][T28873]  dup_mmap+0x750/0xea0
[  347.287595][T28873]  ? __delayed_free_task+0x20/0x20
[  347.292554][T28873]  ? mm_init+0x807/0x960
[  347.296617][T28873]  dup_mm+0x91/0x330
[  347.300351][T28873]  copy_mm+0x108/0x1b0
[  347.304260][T28873]  copy_process+0x1295/0x3250
[  347.308771][T28873]  ? proc_fail_nth_write+0x213/0x290
[  347.313893][T28873]  ? proc_fail_nth_read+0x220/0x220
[  347.318926][T28873]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  347.323872][T28873]  ? vfs_write+0x9af/0x1050
[  347.328210][T28873]  ? vmacache_update+0xb7/0x120
[  347.332899][T28873]  kernel_clone+0x22d/0x990
[  347.337237][T28873]  ? file_end_write+0x1b0/0x1b0
[  347.341927][T28873]  ? __kasan_check_write+0x14/0x20
[  347.346880][T28873]  ? create_io_thread+0x1e0/0x1e0
[  347.351732][T28873]  ? __mutex_lock_slowpath+0x10/0x10
[  347.356852][T28873]  __x64_sys_clone+0x289/0x310
[  347.361454][T28873]  ? __do_sys_vfork+0x130/0x130
[  347.366146][T28873]  ? debug_smp_processor_id+0x17/0x20
[  347.371438][T28873]  do_syscall_64+0x44/0xd0
[  347.375686][T28873]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  347.381423][T28873] RIP: 0033:0x7f13408790c9
[  347.385668][T28873] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  347.405111][T28873] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  347.413358][T28873] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  347.421165][T28873] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.428973][T28873] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  347.436782][T28873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  347.444596][T28873] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  347.452406][T28873]  </TASK>
18:07:07 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:07 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)={0x7fffffff, <r1=>0x0}, 0x8)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000600)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000d40)={r2, 0x5ca, 0x18}, 0xc)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={r2, 0xba, 0x10}, 0xc)
r3 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r2, 0x1ff, 0x10}, 0xc)
r4 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={r1, 0xffffff84, 0x18}, 0xc)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000280)=[0x0, 0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}], 0x8, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000003000000000000000b2000000852000000500000018280000", @ANYRES32=r0, @ANYBLOB="000000000008000057b630000400000018290000", @ANYRES32=r4, @ANYBLOB="0000000001000000010903000200000085200000020000009500000000000000c8504dcfc65a7ce2047b85bf7d16bd18bb7e3fb3c538b8250906988c9a38c7085d4e9f8d9444d74b592e75f2ef5a71fc1e29df2d3e3e73c94f0845"], &(0x7f00000001c0)='syzkaller\x00', 0xfffffffc, 0x4b, &(0x7f0000000200)=""/75, 0x40f00, 0x4, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x6, 0x0, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r3]}, 0x80)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000000)={0x7fffffff}, 0x8) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={0x1, 0x58, &(0x7f0000000600)}, 0x10) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000d40)={r2, 0x5ca, 0x18}, 0xc) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000580)={r2, 0xba, 0x10}, 0xc) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000080)={r2, 0x1ff, 0x10}, 0xc) (async)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={r1, 0xffffff84, 0x18}, 0xc) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000280)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, &(0x7f00000002c0)=[0x0], &(0x7f0000000300)=[0x0, 0x0], 0x0, 0x8, &(0x7f0000000340)=[{}], 0x8, 0x10, &(0x7f0000000380), &(0x7f00000003c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000400)}}, 0x10) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000003000000000000000b2000000852000000500000018280000", @ANYRES32=r0, @ANYBLOB="000000000008000057b630000400000018290000", @ANYRES32=r4, @ANYBLOB="0000000001000000010903000200000085200000020000009500000000000000c8504dcfc65a7ce2047b85bf7d16bd18bb7e3fb3c538b8250906988c9a38c7085d4e9f8d9444d74b592e75f2ef5a71fc1e29df2d3e3e73c94f0845"], &(0x7f00000001c0)='syzkaller\x00', 0xfffffffc, 0x4b, &(0x7f0000000200)=""/75, 0x40f00, 0x4, '\x00', r5, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000005c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000680)={0x4, 0x6, 0x0, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[r3]}, 0x80) (async)

18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xf07f28)
close(r2)

18:07:07 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

18:07:07 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85)

18:07:07 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2, 0x2f3, 0x0, 0x1000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x5)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='@:[%\x00')
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x2, 0x2f3, 0x0, 0x1000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x5) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000000)='@:[%\x00') (async)

18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xf0ff27)
close(r2)

18:07:07 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r0}, 0x8)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x7, 0x12, 0x3, 0x1, 0x0, 0x400, 0x16188, 0xc, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x7ec9, 0x3}, 0x100, 0xe62, 0x9, 0x1, 0x401, 0x3f, 0x1ff, 0x0, 0x3, 0x0, 0x4}, r0, 0x0, r1, 0x2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280))
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000100)=0x9)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000140)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r7, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r8, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r9, r7, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
sendmsg$inet(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4e6b8309a21bb19a8ab9363f4085031987e3742247366038c587169d25e574978d66e58578748cb93dbdd1421ef9fe2a913b654e8c61331d043e328315bb689fe2dd985daaea2829d356", 0x4a}, {&(0x7f0000000200)="12ff2d175392bec4111edde153590d411f8895a48f9f944f1e31e7acdc2a1a88b0a6aba3cd4709d9de8c6bb11d3355cb5dc6d850b386319cc5af19c69c2486be7a032267758c1fe91ac45d86bf530290620b19975947947765180809cf", 0x5d}, {&(0x7f0000000280)="9ff182f1ef13386338deb9bd1126f03bb818d25a5fb9bdc9cb8c0a446ea7abfe580960eda670bfe64d1151ae173d5d43f848854140168eac97abce15b7dc1de159633ad4085757df6df0f663858b4df19cccb108427a4c64ac30ab6a061380798847b3ce0b5e9df69d2592ef437a7a4b484c16de3b3ded038e57b39ef3733f0a9deb270716296511401b5dc77cfed97f7d3c6421042b5b3d6970e6c2b1965fa41f210be95fa650cbc0135d3ac43b538b5d87410425c2dc74b92e98b4f7841da48b36ae7cf268ddc530612049b37c77e9bfd1e35e534586eb74acf08be33a7220e9ada78cf69a236e00c6621131193cd009a80a8386313ca3281614d92ec31b", 0xff}], 0x3, &(0x7f0000000380)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xe1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @broadcast, @broadcast}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x10}}], 0x60}, 0x10)
r10 = openat$cgroup(r5, &(0x7f0000000480)='syz0\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r10, &(0x7f00000004c0), 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x16, 0x0, 0xc8, 0x3, 0x10, r5, 0x9, '\x00', r8, r3, 0x1, 0x2, 0x2}, 0x48)

[  347.578658][T28907] FAULT_INJECTION: forcing a failure.
[  347.578658][T28907] name failslab, interval 1, probability 0, space 0, times 0
[  347.614814][T28907] CPU: 0 PID: 28907 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  347.625018][T28907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  347.634912][T28907] Call Trace:
[  347.638048][T28907]  <TASK>
[  347.640816][T28907]  dump_stack_lvl+0x151/0x1b7
[  347.645417][T28907]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  347.650711][T28907]  dump_stack+0x15/0x17
[  347.654697][T28907]  should_fail+0x3c0/0x510
[  347.658954][T28907]  __should_failslab+0x9f/0xe0
[  347.663551][T28907]  should_failslab+0x9/0x20
[  347.667983][T28907]  kmem_cache_alloc+0x4f/0x2f0
[  347.672579][T28907]  ? anon_vma_clone+0xa1/0x4f0
[  347.677182][T28907]  anon_vma_clone+0xa1/0x4f0
[  347.681608][T28907]  anon_vma_fork+0x91/0x4f0
[  347.685943][T28907]  ? anon_vma_name+0x43/0x70
[  347.690461][T28907]  dup_mmap+0x750/0xea0
[  347.694456][T28907]  ? __delayed_free_task+0x20/0x20
[  347.699400][T28907]  ? mm_init+0x807/0x960
[  347.703489][T28907]  dup_mm+0x91/0x330
[  347.707220][T28907]  copy_mm+0x108/0x1b0
[  347.711118][T28907]  copy_process+0x1295/0x3250
[  347.715629][T28907]  ? proc_fail_nth_write+0x213/0x290
[  347.720753][T28907]  ? proc_fail_nth_read+0x220/0x220
[  347.725785][T28907]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  347.730731][T28907]  ? vfs_write+0x9af/0x1050
[  347.735070][T28907]  ? vmacache_update+0xb7/0x120
[  347.739759][T28907]  kernel_clone+0x22d/0x990
[  347.744098][T28907]  ? file_end_write+0x1b0/0x1b0
[  347.748784][T28907]  ? __kasan_check_write+0x14/0x20
[  347.753731][T28907]  ? create_io_thread+0x1e0/0x1e0
[  347.758616][T28907]  ? __mutex_lock_slowpath+0x10/0x10
[  347.763716][T28907]  __x64_sys_clone+0x289/0x310
[  347.768320][T28907]  ? __do_sys_vfork+0x130/0x130
[  347.773009][T28907]  ? debug_smp_processor_id+0x17/0x20
[  347.778219][T28907]  do_syscall_64+0x44/0xd0
[  347.782460][T28907]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  347.788187][T28907] RIP: 0033:0x7f13408790c9
[  347.792440][T28907] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  347.812057][T28907] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  347.820301][T28907] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1000000)
close(r2)

18:07:07 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

18:07:07 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = syz_clone(0x90014280, &(0x7f0000000080)="a4e0f68ee77829259f39861189e509b6b13935759580da6cfd12a6b65102050cd02aa998fdea6156f295d84d562e17d43619e66f2194133ce1d414521dad6fd4a8557f79c9a01a662ffcd41b884982c4d47f686bd0cf69e8dc260328b0467727ecabe2f16c6287ef7ddbf0b3fd95d2ce171102c699811636da8bf969126ab8", 0x7f, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8a8d221b5f9fac6898e5df20e36a620df468748092fc487a5676792a20eebe74c217bc3ddfdd55e747150d48d31c6e53d2e48e274996a2db3f377d72993f2ee2446e6c677e6588e4f2f6275ea9d22d26ade0069e73ccf0ab18d3f5443d304e61eb9f98a6e7c0d44b24d56000e0e06c32bbba743351cab44380cc3c149764024255a70b5b2316209f1a940cc9d7d78fc0c5fbb6901c2d6f5c6d2c0a94cf367b8e28711ba6feeb82f9600afc5a2c2ba3fe10a34bb3548c4677d8069bea911299e7d769d42c2d9b28497a1728b5cbdc4ae2df2b4ded3d3e2bb257e5c1d95261b348952e1283cd35d33d04389efb949c28773e0f261ea783a04a36bb2b302a5a33c9f1d7c827973d1c849578cfd2cff04cd0ecb2f4c16e0a1fe48898c1ac939004508e39e4751c5ac622e8d4883ea0f8a288923bb9990178744597154fb9481a06e7d18c8c20e41de8f76435d58ef91609ef58ca3a32470ccaaef11426c8585fe460693ddc72eeb9d441af19b6ff0af88a0eb22aa0d997b59568312e52e6eb7db3ac9bcbbc15a2c82c119152f32043e8aa613b34211e36d7d58b1171851a1704fb3d62149ae6f15d3d42b831b36c9c5c8feeb973e9c2eaa515f24c5a1a1474771c22c79050515224cb9e46816a342f22c0a9b0a160af6cfb33fca84a5c1d174b812bd86d12c61662de6438696fa7e30813ed7e0ac3925e3a33e5e3bb8aa001a16c5220d60c1180fe75352384125a47ff914caf61f85c3bd31ef199e7967c41a398a150667c94dcd43a1bb9a4200a2f576584b8f90ab3df0436ed261084cfb5c8e54e6b84a71c21f0f550364b12e48c173217ea97250e361af873f0ce473f46f02a937d7be69ad2f4756393d1350a32bb6dd9c8ddbe6f6e37332bb82944d6eec86c4d266e687fb7ec9ddc7e3e7626035ad1869129f206ac45a36b480ec58d5f72caefd0a79ba083bfbbc88139cf2eed452ba81d69b20eb3e1085615ae75f09cebbd7a8e511ad182bff03ac7ad5bfbf5e1a9d8dd3cc3a21b06674c6b8296029931641650bbfd84c68d9a4d91b41433f5a60b47268ffd2ef386bf4b9143fd3fdd5e973b5f99b1c27de03393efdf15b6cca4a07cf56c89619dc7764e3bbe6ea46ce0e668b6848e25f8631c9909c19d62598b8577cc9e53bad2078792017a7d736ce3a0fab2ca7cd8e9b3423b25c40c196cdd40245d91a34f9fc13a2c0c617b3d3ebfe024efb2bfbc4b539f8decbfa0162f92c01746713c55a4f1d9fefb557dc89a360bfb12ad53daca355a1cff4167e5cf9151ff88df076af82b3135f2cdf8bf410a42a2121e49d623943c08a01e9cbfa3686223ba0adae3ad4e6dacdca801288ed1a594e5fadba1c78823b870cbae80e927fa6fa52e2ab186182721691a944779a88d45a39a52666a4718f89f5fa2daea4392a04a72d9345b9b18acbe16cf2b38f0e36d5bc075ee8b30c8777c44af9a9b6c4d50af495b9c6893d380ee0af48a2ee9c7680d46bddc856966bccfa5f39dc62d8a960a1733fb212b60c5e365dfb4addab75ee4de646a1cb06cc0fb7022607b7fd01e05765dda121c9826f6b0650dbbd82f61fa6aa3244d15f65eb01ebbc33dcf0c8f86e80ffb906a453875823ce1bac734117dc205182adf0d92a21c5fad20ffbbc4f41d6033df0022802d84101caeb5dfbd8330fb285aee7c678005b284d673212c3a382c80f11c072cd6e75de3afcefcdf9ea1a4add722b1017d12b233e3fcaa6e72a36a4ad8fbb3dbe1b4a29d49557420de0eade29d23f4a660df4098a14a2f1f6e96a0feab0eb2610764ec024cb5326248e5125cf316639ae58e45bc70639901d70dce29d09486dd26f2354c8559e7dba2c91ade5b59ce9a2d4a06ea6bd8c1a5a5d0e9d8e2edb5d13e66a78cce2b43db52079bfa89bc78f17af799d55bb921ddede10d57f0dcfbfd03f8afffbf13bb2fb7b738dbbb45b088060b6731b15b5525cd84cc40ebc463321c1ec228a42338c213150e075ead034ffa13e5966d403f01afd17cd820b2710f0d1f8fcb90c0fa6d8f71f549e6213c4845399d7cf9eed93d4f267f9aea951a88c8fc42f044b69811dffaf478d491aaf3ec77fe8d7670e54251daf6499eb120ac56fbdb4d6aeff7bd1bc57e347f3217b31c499a712e9a55fd00e578a60ece58e673589f81a2e4ed423eb86cc492e716537fa323906aaed8ec6d22c9bfaa60c24043e7b7d38d16f87efbb2af95b1f34df6a9d4731e747fc88c09cd7ba0f6837b37b5c1917f93f91d643ff7365320fbe65430e04092d061cc8d4d2b3cf695a16937084923d1c53e267d9e63d09987b8537842b3934b6b0c636a781353a16f8fc59f92fa96951b78c4626c8a6052a9518033d710bc89552fba43d947112f32bf72e7b5d9c79270249e23e0133b99888c726c7f2f800b4b61deffe3ec4c07657f4732f8ab465855294fd4a8f24acdb0e1f3caa784c07fc050461ef9eef584e219c920762959b955aa81620556f32128ac44c3c8b5a8fc4d25b3ecda7bf85d35a2b345372d6548260e57d82dfb0ed2948a36d8eb25dc75f5c410287a6a385ee19a14ed3bdc86d35e678d778d12d0a1e25b624053f51a9bcf37846a2266fd879165cf2fab4b71bc74e9a0a69ab7af18c4eb29db17f55933cac2188bfbe0f6e262d35cedb91de28c4802c4147360882f0cf93c4fc64d0594355e3ffe8b6c8ca02e0e967a6b770018a453e7053492f1aefa3d29f3e999e4016ddc1d69335563433f5f22be9a7f9d8ab5980a0c4b74419aebabb1eddf4eae224b92028c05ed6a2c75848a76642f2f3f1e079096b61cc8084d16074d3e5fddf8b4ab4f1c5874333691131310e96aac64a3f912593407f65431e668c4335bbfc6f994ac3034822f13d399bb51e3578139bc4792435dcfc5de7f71eaf87ed5aa5f36004ba6ffad96f868ae13ffd52e16202c8dd5f0236ee30cef8b8e0064396afd4343a9df52845c6f520208b83b2f43848ac7f5a02fa09a7dbaa818eb7845bda057c9e6a08c125dbde71cd19c33b677fc17b804564467a589c97826db91ddad4d3a21ef31373d203390cf3a7f367d2193aa2edd3bb13a023e947b05404ede9575986ddff1d3af33e8317575dfb57a1877fa8a415d616aa9833e26b4539fda126dec81265838876ad73c55e2b936032074617210a0efd686f2e4c9fccc2af87a9b4b827109a90abd379713b59a48d4f4f870780ebba7b9c6dd871147ea21a6f302945e3deba045372814a4ce1d9efbee30eb97b78c446f1cb7a046063b816362cd9a9b47762fa9d72b5dc7a3e3a3c52dff8986d4f3994a7a46d95c79ba8395aed77072accfdf19f3c626b9ab0429bdf2bfa8c5a6ae3645a6851b96c5d06ee42b91aa3eb3cf1c28fdd01f6dee4f19de8ee4aeafa1149c9be5f2481df5bdc2102c6dc028e17ec17cc68623dd6561b818b10bb4c8987d4407de028ff30f8d755018f1cb2f98ffa1aec193a363abb08bc09a095e39147aa882c8f7d35b508cd50fade33a12153c3e584c0b569b136d7082675a6fb0969ab9c0b777d078a4a8073c9756d3a0709b0c7c76b4017b4368432a111fee3388a69c9bb8b875c1069f332dd562d48ee241110bfc053caad0e16abe30a99a9f6a8860e2e023d4c591ae6c4d1d39c3ed24bd7aae9b913b2bbc6a6ab0a380d42b32fe93f8b224416515e24381bde2abd9a32d67cc800c5aed6d632430fa52d183cce0d7d56e25ad8f7ddf5fe984ec5354f6da316559791ed7e8a928f01de8d93d81119fe1077c410a666d24c33ec5e4f956a1c132934ea15b1dcaecd83159fa951804eda589b512b1deca9b2215f44e5ea7ea01a076310597ac4bbcb9d5a3b8c0cfc89f3c2c7c3cbb4f23f64861f2d245d9a08c0640af13a5f784434d0bc59b3e6959a4e3e116837d76a44b1dd0a17b5fe2cdd7d9f448460bf8da2628d04284b1dc21d50fba0b3006bb9247d9a0a98ccd255b56cf84ea2deaa0bc1a4ca5cfec15ec44acba8f3b2bf0fe70bc7c2b1d2bc1f7a310cbb91c78b67fc8b18cc17facd38d139301a1805b38f8e662e54bee034635dc08512f4938f7ff5db637792e5bb9944ae72da9081ea2d78e0918328eb00e6f6d260efe82c97bac1bda4e196f840be03a4a4d1cfabf24126a0c8abeb88320b3b1bb760c6543e5ed0a3252c3c84bb9ecefec3c786dab1a16a15f9aafa2cca764f71de16bb06fbeb608878ee1bdbaf50dde30a72592c7cb681a2fe84a7fe26c90ecf09d0c4be92a0a6802852c0fa1745a753b72f988cd0962b99570bacbed7cbd2bd66a6a05f4e9de2fbcfc29846a14dc26d5b5db833b56996d2a3f199b711cb17ed097a35d6edbb74753e2e2fee3a048cddd1ec657457e7775cbc82fdfe202522a9cf9c5e6d63f5e6ff223d79bcdc15bb163c7428a951c5f860549e295201d6e9a900ab5a2fc9fa13c1173043a228becd177c109a50a3f96338b8b9a4dbd3dfba656e433e6b3ef84424d3ac2cd2d1b96cf4f0632d2485b2a1868f887dc5da8c85ae9e6df58267c8f7d1baf0b92e3b51f46a96d9b4eca58c7308bf0346ea1eee754bb6d48d35a197e3bd15aec802598873ccc8b06183fec9d16f10b7a3511b0d03e438a21446ab074900b4cd023bc637d2fcdf71a4e564f972f2c414a1109f7161ba8cfc19ae4ebd44f92c6c9b4610580abd060207db7d2b37952d1f178e312fedec74ce6e11be7a1562600e2d25c41e450bafc13df19beffae90b4d4b544bd40d5d41dcedafc3d03bbc2d68dca1e4c5cf60e7d0f49634de3a98dc3c553fab08f328a580f89958df686aed58b6647fc3f44aa4a15e6a9b832e815b11d910847e643a1fbac378fabfbb07f305b8663a981a760e5205fd6b15f40bf7857ed8e25bea69a0923aa89c724dba52a7733b0ebbc5b5c8a663a911e62f263679e0fd819912898d9b7d345cab67d68041e8f273639ce826576667532a7885304e89c8f9506ae4aca0ed094ec0877640a7bfe40f2eb1a8b6085e1697c1b801bc9045344701539a5da5c5d34435aca81f00996caf6e60258213d6cb5fa8c34e94268955bc6fd9e8c3b118f3b6dda3b07348fab6df0f02f86ecdfaeac8402d03e717fc43eec2ed5eec748fd0a24270234bcc4752a9e327c47cda69ce45ff6982b7da27a47dc78336179830433417da0a6b6483067d6d765e866dc4be02efb21c5c871fd82f87a0fdb4da883c261ff85caf8b001315015c4616853f2b60721c679ae103e89b5d41da126cbf69e35215264971325afe9d6216edd93b9c7e84d292587c097511e854c66112d63da325a746668a1c19ac5ea09eaa17ec112dbfd42090251dccd22dc8fb3b54b2956fa75f5c216d115b7256456b57c9d562bbe05716febe7d8a7084dd4006ab8ab5df9fa3630275be80963b7bfa6412827b6fb74e5bab65eaa84b24aa270a1f4988533365d8ed6c38e2ee302c92a9354507cd883cb468269a15c3d2e34baa731495f20140d1d0e943c28bc1cfbcc08169e4da25353437ececd6c40badb4b09678a87b8ae895ff5310380c887489482f63ad6e7bbcf72972e2b4266b49eb1cf47f73282842221a79ace3f6748350cef2cc142c10f8f3a9faef5be7225eae23042502fb9c2e49d06792f8ae5ace29bb1702e4482dfae1529ea0ed53e1c607a7e672846be6efbffb0ed079390632f967bf8d71b0c1b702584f9a90881088c0596d90e6d0e8c7c736489b5854eca3d74d31422dbb53a356d1a035f3b76ccff5fd827261d5099aa9be71f97c36364a95f67a54acac0ec5e9dcf3634019b8c4f985d156df16d79dde9d94686e0be81cc")
r2 = perf_event_open(&(0x7f00000011c0)={0x4, 0x80, 0x1f, 0xd0, 0x3, 0x5, 0x0, 0xfffffffffffffff9, 0x40238, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000001180)}, 0x2, 0x8000000000000001, 0x7ff, 0x6, 0x0, 0x20, 0x4, 0x0, 0x4, 0x0, 0xfffffffffc907228}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x7, 0x81, 0x7f, 0x0, 0x5, 0x40080, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xfffffffffffff001, 0x6}, 0x40c8, 0x6, 0x1, 0x3, 0x6, 0xfffffff7, 0x8001, 0x0, 0x7f, 0x0, 0x800}, r1, 0xe, r2, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

18:07:07 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

[  347.828113][T28907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  347.836015][T28907] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  347.843822][T28907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  347.851633][T28907] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  347.859446][T28907]  </TASK>
18:07:07 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1000100)
close(r2)

18:07:07 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r0}, 0x8)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x7, 0x12, 0x3, 0x1, 0x0, 0x400, 0x16188, 0xc, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x7ec9, 0x3}, 0x100, 0xe62, 0x9, 0x1, 0x401, 0x3f, 0x1ff, 0x0, 0x3, 0x0, 0x4}, r0, 0x0, r1, 0x2) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000100)=0x9) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async, rerun: 64)
r5 = openat$cgroup_ro(r4, &(0x7f0000000140)='blkio.bfq.group_wait_time\x00', 0x0, 0x0) (async, rerun: 64)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r7, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r8, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r9, r7, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
sendmsg$inet(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4e6b8309a21bb19a8ab9363f4085031987e3742247366038c587169d25e574978d66e58578748cb93dbdd1421ef9fe2a913b654e8c61331d043e328315bb689fe2dd985daaea2829d356", 0x4a}, {&(0x7f0000000200)="12ff2d175392bec4111edde153590d411f8895a48f9f944f1e31e7acdc2a1a88b0a6aba3cd4709d9de8c6bb11d3355cb5dc6d850b386319cc5af19c69c2486be7a032267758c1fe91ac45d86bf530290620b19975947947765180809cf", 0x5d}, {&(0x7f0000000280)="9ff182f1ef13386338deb9bd1126f03bb818d25a5fb9bdc9cb8c0a446ea7abfe580960eda670bfe64d1151ae173d5d43f848854140168eac97abce15b7dc1de159633ad4085757df6df0f663858b4df19cccb108427a4c64ac30ab6a061380798847b3ce0b5e9df69d2592ef437a7a4b484c16de3b3ded038e57b39ef3733f0a9deb270716296511401b5dc77cfed97f7d3c6421042b5b3d6970e6c2b1965fa41f210be95fa650cbc0135d3ac43b538b5d87410425c2dc74b92e98b4f7841da48b36ae7cf268ddc530612049b37c77e9bfd1e35e534586eb74acf08be33a7220e9ada78cf69a236e00c6621131193cd009a80a8386313ca3281614d92ec31b", 0xff}], 0x3, &(0x7f0000000380)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xe1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @broadcast, @broadcast}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x10}}], 0x60}, 0x10) (async)
r10 = openat$cgroup(r5, &(0x7f0000000480)='syz0\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r10, &(0x7f00000004c0), 0x2, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x16, 0x0, 0xc8, 0x3, 0x10, r5, 0x9, '\x00', r8, r3, 0x1, 0x2, 0x2}, 0x48)

18:07:07 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:07 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 86)

18:07:07 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1060000)
close(r2)

18:07:07 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r0}, 0x8)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x7, 0x12, 0x3, 0x1, 0x0, 0x400, 0x16188, 0xc, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0x7ec9, 0x3}, 0x100, 0xe62, 0x9, 0x1, 0x401, 0x3f, 0x1ff, 0x0, 0x3, 0x0, 0x4}, r0, 0x0, r1, 0x2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280)) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000100)=0x9) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)
r5 = openat$cgroup_ro(r4, &(0x7f0000000140)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff}) (async)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r7, 0xfffffffffffffd18, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000017c0)=[0x0, 0x0, 0x0, 0x0, 0x0], <r9=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r8, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r9, r7, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
sendmsg$inet(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4e6b8309a21bb19a8ab9363f4085031987e3742247366038c587169d25e574978d66e58578748cb93dbdd1421ef9fe2a913b654e8c61331d043e328315bb689fe2dd985daaea2829d356", 0x4a}, {&(0x7f0000000200)="12ff2d175392bec4111edde153590d411f8895a48f9f944f1e31e7acdc2a1a88b0a6aba3cd4709d9de8c6bb11d3355cb5dc6d850b386319cc5af19c69c2486be7a032267758c1fe91ac45d86bf530290620b19975947947765180809cf", 0x5d}, {&(0x7f0000000280)="9ff182f1ef13386338deb9bd1126f03bb818d25a5fb9bdc9cb8c0a446ea7abfe580960eda670bfe64d1151ae173d5d43f848854140168eac97abce15b7dc1de159633ad4085757df6df0f663858b4df19cccb108427a4c64ac30ab6a061380798847b3ce0b5e9df69d2592ef437a7a4b484c16de3b3ded038e57b39ef3733f0a9deb270716296511401b5dc77cfed97f7d3c6421042b5b3d6970e6c2b1965fa41f210be95fa650cbc0135d3ac43b538b5d87410425c2dc74b92e98b4f7841da48b36ae7cf268ddc530612049b37c77e9bfd1e35e534586eb74acf08be33a7220e9ada78cf69a236e00c6621131193cd009a80a8386313ca3281614d92ec31b", 0xff}], 0x3, &(0x7f0000000380)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xe1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @broadcast, @broadcast}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x1}}, @ip_retopts={{0x10}}], 0x60}, 0x10) (async)
r10 = openat$cgroup(r5, &(0x7f0000000480)='syz0\x00', 0x200002, 0x0)
openat$cgroup_freezer_state(r10, &(0x7f00000004c0), 0x2, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x16, 0x0, 0xc8, 0x3, 0x10, r5, 0x9, '\x00', r8, r3, 0x1, 0x2, 0x2}, 0x48)

18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x1e80200)
close(r2)

18:07:07 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000180)='cpuacct.usage_all\x00', 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

[  347.971450][T28954] FAULT_INJECTION: forcing a failure.
[  347.971450][T28954] name failslab, interval 1, probability 0, space 0, times 0
[  347.984490][T28954] CPU: 1 PID: 28954 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  347.994566][T28954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  348.004459][T28954] Call Trace:
[  348.007600][T28954]  <TASK>
[  348.010381][T28954]  dump_stack_lvl+0x151/0x1b7
[  348.014871][T28954]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  348.020171][T28954]  ? vma_interval_tree_augment_rotate+0x210/0x210
[  348.026415][T28954]  dump_stack+0x15/0x17
[  348.030404][T28954]  should_fail+0x3c0/0x510
[  348.034660][T28954]  __should_failslab+0x9f/0xe0
[  348.039255][T28954]  should_failslab+0x9/0x20
[  348.043594][T28954]  kmem_cache_alloc+0x4f/0x2f0
[  348.048197][T28954]  ? anon_vma_fork+0xf7/0x4f0
[  348.052708][T28954]  anon_vma_fork+0xf7/0x4f0
[  348.057055][T28954]  ? anon_vma_name+0x43/0x70
[  348.061478][T28954]  dup_mmap+0x750/0xea0
[  348.065471][T28954]  ? __delayed_free_task+0x20/0x20
[  348.070415][T28954]  ? mm_init+0x807/0x960
[  348.074493][T28954]  dup_mm+0x91/0x330
[  348.078225][T28954]  copy_mm+0x108/0x1b0
[  348.082130][T28954]  copy_process+0x1295/0x3250
[  348.086656][T28954]  ? proc_fail_nth_write+0x213/0x290
[  348.091767][T28954]  ? proc_fail_nth_read+0x220/0x220
[  348.096886][T28954]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  348.101833][T28954]  ? vfs_write+0x9af/0x1050
[  348.106173][T28954]  ? vmacache_update+0xb7/0x120
[  348.110862][T28954]  kernel_clone+0x22d/0x990
[  348.115202][T28954]  ? file_end_write+0x1b0/0x1b0
[  348.119885][T28954]  ? __kasan_check_write+0x14/0x20
[  348.124833][T28954]  ? create_io_thread+0x1e0/0x1e0
[  348.129694][T28954]  ? __mutex_lock_slowpath+0x10/0x10
[  348.134814][T28954]  __x64_sys_clone+0x289/0x310
[  348.139425][T28954]  ? __do_sys_vfork+0x130/0x130
[  348.144103][T28954]  ? debug_smp_processor_id+0x17/0x20
[  348.149311][T28954]  do_syscall_64+0x44/0xd0
[  348.153561][T28954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  348.159332][T28954] RIP: 0033:0x7f13408790c9
[  348.163542][T28954] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  348.183119][T28954] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  348.191682][T28954] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  348.199497][T28954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  348.207306][T28954] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
18:07:07 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = syz_clone(0x90014280, &(0x7f0000000080)="a4e0f68ee77829259f39861189e509b6b13935759580da6cfd12a6b65102050cd02aa998fdea6156f295d84d562e17d43619e66f2194133ce1d414521dad6fd4a8557f79c9a01a662ffcd41b884982c4d47f686bd0cf69e8dc260328b0467727ecabe2f16c6287ef7ddbf0b3fd95d2ce171102c699811636da8bf969126ab8", 0x7f, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8a8d221b5f9fac6898e5df20e36a620df468748092fc487a5676792a20eebe74c217bc3ddfdd55e747150d48d31c6e53d2e48e274996a2db3f377d72993f2ee2446e6c677e6588e4f2f6275ea9d22d26ade0069e73ccf0ab18d3f5443d304e61eb9f98a6e7c0d44b24d56000e0e06c32bbba743351cab44380cc3c149764024255a70b5b2316209f1a940cc9d7d78fc0c5fbb6901c2d6f5c6d2c0a94cf367b8e28711ba6feeb82f9600afc5a2c2ba3fe10a34bb3548c4677d8069bea911299e7d769d42c2d9b28497a1728b5cbdc4ae2df2b4ded3d3e2bb257e5c1d95261b348952e1283cd35d33d04389efb949c28773e0f261ea783a04a36bb2b302a5a33c9f1d7c827973d1c849578cfd2cff04cd0ecb2f4c16e0a1fe48898c1ac939004508e39e4751c5ac622e8d4883ea0f8a288923bb9990178744597154fb9481a06e7d18c8c20e41de8f76435d58ef91609ef58ca3a32470ccaaef11426c8585fe460693ddc72eeb9d441af19b6ff0af88a0eb22aa0d997b59568312e52e6eb7db3ac9bcbbc15a2c82c119152f32043e8aa613b34211e36d7d58b1171851a1704fb3d62149ae6f15d3d42b831b36c9c5c8feeb973e9c2eaa515f24c5a1a1474771c22c79050515224cb9e46816a342f22c0a9b0a160af6cfb33fca84a5c1d174b812bd86d12c61662de6438696fa7e30813ed7e0ac3925e3a33e5e3bb8aa001a16c5220d60c1180fe75352384125a47ff914caf61f85c3bd31ef199e7967c41a398a150667c94dcd43a1bb9a4200a2f576584b8f90ab3df0436ed261084cfb5c8e54e6b84a71c21f0f550364b12e48c173217ea97250e361af873f0ce473f46f02a937d7be69ad2f4756393d1350a32bb6dd9c8ddbe6f6e37332bb82944d6eec86c4d266e687fb7ec9ddc7e3e7626035ad1869129f206ac45a36b480ec58d5f72caefd0a79ba083bfbbc88139cf2eed452ba81d69b20eb3e1085615ae75f09cebbd7a8e511ad182bff03ac7ad5bfbf5e1a9d8dd3cc3a21b06674c6b8296029931641650bbfd84c68d9a4d91b41433f5a60b47268ffd2ef386bf4b9143fd3fdd5e973b5f99b1c27de03393efdf15b6cca4a07cf56c89619dc7764e3bbe6ea46ce0e668b6848e25f8631c9909c19d62598b8577cc9e53bad2078792017a7d736ce3a0fab2ca7cd8e9b3423b25c40c196cdd40245d91a34f9fc13a2c0c617b3d3ebfe024efb2bfbc4b539f8decbfa0162f92c01746713c55a4f1d9fefb557dc89a360bfb12ad53daca355a1cff4167e5cf9151ff88df076af82b3135f2cdf8bf410a42a2121e49d623943c08a01e9cbfa3686223ba0adae3ad4e6dacdca801288ed1a594e5fadba1c78823b870cbae80e927fa6fa52e2ab186182721691a944779a88d45a39a52666a4718f89f5fa2daea4392a04a72d9345b9b18acbe16cf2b38f0e36d5bc075ee8b30c8777c44af9a9b6c4d50af495b9c6893d380ee0af48a2ee9c7680d46bddc856966bccfa5f39dc62d8a960a1733fb212b60c5e365dfb4addab75ee4de646a1cb06cc0fb7022607b7fd01e05765dda121c9826f6b0650dbbd82f61fa6aa3244d15f65eb01ebbc33dcf0c8f86e80ffb906a453875823ce1bac734117dc205182adf0d92a21c5fad20ffbbc4f41d6033df0022802d84101caeb5dfbd8330fb285aee7c678005b284d673212c3a382c80f11c072cd6e75de3afcefcdf9ea1a4add722b1017d12b233e3fcaa6e72a36a4ad8fbb3dbe1b4a29d49557420de0eade29d23f4a660df4098a14a2f1f6e96a0feab0eb2610764ec024cb5326248e5125cf316639ae58e45bc70639901d70dce29d09486dd26f2354c8559e7dba2c91ade5b59ce9a2d4a06ea6bd8c1a5a5d0e9d8e2edb5d13e66a78cce2b43db52079bfa89bc78f17af799d55bb921ddede10d57f0dcfbfd03f8afffbf13bb2fb7b738dbbb45b088060b6731b15b5525cd84cc40ebc463321c1ec228a42338c213150e075ead034ffa13e5966d403f01afd17cd820b2710f0d1f8fcb90c0fa6d8f71f549e6213c4845399d7cf9eed93d4f267f9aea951a88c8fc42f044b69811dffaf478d491aaf3ec77fe8d7670e54251daf6499eb120ac56fbdb4d6aeff7bd1bc57e347f3217b31c499a712e9a55fd00e578a60ece58e673589f81a2e4ed423eb86cc492e716537fa323906aaed8ec6d22c9bfaa60c24043e7b7d38d16f87efbb2af95b1f34df6a9d4731e747fc88c09cd7ba0f6837b37b5c1917f93f91d643ff7365320fbe65430e04092d061cc8d4d2b3cf695a16937084923d1c53e267d9e63d09987b8537842b3934b6b0c636a781353a16f8fc59f92fa96951b78c4626c8a6052a9518033d710bc89552fba43d947112f32bf72e7b5d9c79270249e23e0133b99888c726c7f2f800b4b61deffe3ec4c07657f4732f8ab465855294fd4a8f24acdb0e1f3caa784c07fc050461ef9eef584e219c920762959b955aa81620556f32128ac44c3c8b5a8fc4d25b3ecda7bf85d35a2b345372d6548260e57d82dfb0ed2948a36d8eb25dc75f5c410287a6a385ee19a14ed3bdc86d35e678d778d12d0a1e25b624053f51a9bcf37846a2266fd879165cf2fab4b71bc74e9a0a69ab7af18c4eb29db17f55933cac2188bfbe0f6e262d35cedb91de28c4802c4147360882f0cf93c4fc64d0594355e3ffe8b6c8ca02e0e967a6b770018a453e7053492f1aefa3d29f3e999e4016ddc1d69335563433f5f22be9a7f9d8ab5980a0c4b74419aebabb1eddf4eae224b92028c05ed6a2c75848a76642f2f3f1e079096b61cc8084d16074d3e5fddf8b4ab4f1c5874333691131310e96aac64a3f912593407f65431e668c4335bbfc6f994ac3034822f13d399bb51e3578139bc4792435dcfc5de7f71eaf87ed5aa5f36004ba6ffad96f868ae13ffd52e16202c8dd5f0236ee30cef8b8e0064396afd4343a9df52845c6f520208b83b2f43848ac7f5a02fa09a7dbaa818eb7845bda057c9e6a08c125dbde71cd19c33b677fc17b804564467a589c97826db91ddad4d3a21ef31373d203390cf3a7f367d2193aa2edd3bb13a023e947b05404ede9575986ddff1d3af33e8317575dfb57a1877fa8a415d616aa9833e26b4539fda126dec81265838876ad73c55e2b936032074617210a0efd686f2e4c9fccc2af87a9b4b827109a90abd379713b59a48d4f4f870780ebba7b9c6dd871147ea21a6f302945e3deba045372814a4ce1d9efbee30eb97b78c446f1cb7a046063b816362cd9a9b47762fa9d72b5dc7a3e3a3c52dff8986d4f3994a7a46d95c79ba8395aed77072accfdf19f3c626b9ab0429bdf2bfa8c5a6ae3645a6851b96c5d06ee42b91aa3eb3cf1c28fdd01f6dee4f19de8ee4aeafa1149c9be5f2481df5bdc2102c6dc028e17ec17cc68623dd6561b818b10bb4c8987d4407de028ff30f8d755018f1cb2f98ffa1aec193a363abb08bc09a095e39147aa882c8f7d35b508cd50fade33a12153c3e584c0b569b136d7082675a6fb0969ab9c0b777d078a4a8073c9756d3a0709b0c7c76b4017b4368432a111fee3388a69c9bb8b875c1069f332dd562d48ee241110bfc053caad0e16abe30a99a9f6a8860e2e023d4c591ae6c4d1d39c3ed24bd7aae9b913b2bbc6a6ab0a380d42b32fe93f8b224416515e24381bde2abd9a32d67cc800c5aed6d632430fa52d183cce0d7d56e25ad8f7ddf5fe984ec5354f6da316559791ed7e8a928f01de8d93d81119fe1077c410a666d24c33ec5e4f956a1c132934ea15b1dcaecd83159fa951804eda589b512b1deca9b2215f44e5ea7ea01a076310597ac4bbcb9d5a3b8c0cfc89f3c2c7c3cbb4f23f64861f2d245d9a08c0640af13a5f784434d0bc59b3e6959a4e3e116837d76a44b1dd0a17b5fe2cdd7d9f448460bf8da2628d04284b1dc21d50fba0b3006bb9247d9a0a98ccd255b56cf84ea2deaa0bc1a4ca5cfec15ec44acba8f3b2bf0fe70bc7c2b1d2bc1f7a310cbb91c78b67fc8b18cc17facd38d139301a1805b38f8e662e54bee034635dc08512f4938f7ff5db637792e5bb9944ae72da9081ea2d78e0918328eb00e6f6d260efe82c97bac1bda4e196f840be03a4a4d1cfabf24126a0c8abeb88320b3b1bb760c6543e5ed0a3252c3c84bb9ecefec3c786dab1a16a15f9aafa2cca764f71de16bb06fbeb608878ee1bdbaf50dde30a72592c7cb681a2fe84a7fe26c90ecf09d0c4be92a0a6802852c0fa1745a753b72f988cd0962b99570bacbed7cbd2bd66a6a05f4e9de2fbcfc29846a14dc26d5b5db833b56996d2a3f199b711cb17ed097a35d6edbb74753e2e2fee3a048cddd1ec657457e7775cbc82fdfe202522a9cf9c5e6d63f5e6ff223d79bcdc15bb163c7428a951c5f860549e295201d6e9a900ab5a2fc9fa13c1173043a228becd177c109a50a3f96338b8b9a4dbd3dfba656e433e6b3ef84424d3ac2cd2d1b96cf4f0632d2485b2a1868f887dc5da8c85ae9e6df58267c8f7d1baf0b92e3b51f46a96d9b4eca58c7308bf0346ea1eee754bb6d48d35a197e3bd15aec802598873ccc8b06183fec9d16f10b7a3511b0d03e438a21446ab074900b4cd023bc637d2fcdf71a4e564f972f2c414a1109f7161ba8cfc19ae4ebd44f92c6c9b4610580abd060207db7d2b37952d1f178e312fedec74ce6e11be7a1562600e2d25c41e450bafc13df19beffae90b4d4b544bd40d5d41dcedafc3d03bbc2d68dca1e4c5cf60e7d0f49634de3a98dc3c553fab08f328a580f89958df686aed58b6647fc3f44aa4a15e6a9b832e815b11d910847e643a1fbac378fabfbb07f305b8663a981a760e5205fd6b15f40bf7857ed8e25bea69a0923aa89c724dba52a7733b0ebbc5b5c8a663a911e62f263679e0fd819912898d9b7d345cab67d68041e8f273639ce826576667532a7885304e89c8f9506ae4aca0ed094ec0877640a7bfe40f2eb1a8b6085e1697c1b801bc9045344701539a5da5c5d34435aca81f00996caf6e60258213d6cb5fa8c34e94268955bc6fd9e8c3b118f3b6dda3b07348fab6df0f02f86ecdfaeac8402d03e717fc43eec2ed5eec748fd0a24270234bcc4752a9e327c47cda69ce45ff6982b7da27a47dc78336179830433417da0a6b6483067d6d765e866dc4be02efb21c5c871fd82f87a0fdb4da883c261ff85caf8b001315015c4616853f2b60721c679ae103e89b5d41da126cbf69e35215264971325afe9d6216edd93b9c7e84d292587c097511e854c66112d63da325a746668a1c19ac5ea09eaa17ec112dbfd42090251dccd22dc8fb3b54b2956fa75f5c216d115b7256456b57c9d562bbe05716febe7d8a7084dd4006ab8ab5df9fa3630275be80963b7bfa6412827b6fb74e5bab65eaa84b24aa270a1f4988533365d8ed6c38e2ee302c92a9354507cd883cb468269a15c3d2e34baa731495f20140d1d0e943c28bc1cfbcc08169e4da25353437ececd6c40badb4b09678a87b8ae895ff5310380c887489482f63ad6e7bbcf72972e2b4266b49eb1cf47f73282842221a79ace3f6748350cef2cc142c10f8f3a9faef5be7225eae23042502fb9c2e49d06792f8ae5ace29bb1702e4482dfae1529ea0ed53e1c607a7e672846be6efbffb0ed079390632f967bf8d71b0c1b702584f9a90881088c0596d90e6d0e8c7c736489b5854eca3d74d31422dbb53a356d1a035f3b76ccff5fd827261d5099aa9be71f97c36364a95f67a54acac0ec5e9dcf3634019b8c4f985d156df16d79dde9d94686e0be81cc")
r2 = perf_event_open(&(0x7f00000011c0)={0x4, 0x80, 0x1f, 0xd0, 0x3, 0x5, 0x0, 0xfffffffffffffff9, 0x40238, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000001180)}, 0x2, 0x8000000000000001, 0x7ff, 0x6, 0x0, 0x20, 0x4, 0x0, 0x4, 0x0, 0xfffffffffc907228}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x7, 0x81, 0x7f, 0x0, 0x5, 0x40080, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xfffffffffffff001, 0x6}, 0x40c8, 0x6, 0x1, 0x3, 0x6, 0xfffffff7, 0x8001, 0x0, 0x7f, 0x0, 0x800}, r1, 0xe, r2, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) (async)
syz_clone(0x90014280, &(0x7f0000000080)="a4e0f68ee77829259f39861189e509b6b13935759580da6cfd12a6b65102050cd02aa998fdea6156f295d84d562e17d43619e66f2194133ce1d414521dad6fd4a8557f79c9a01a662ffcd41b884982c4d47f686bd0cf69e8dc260328b0467727ecabe2f16c6287ef7ddbf0b3fd95d2ce171102c699811636da8bf969126ab8", 0x7f, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8a8d221b5f9fac6898e5df20e36a620df468748092fc487a5676792a20eebe74c217bc3ddfdd55e747150d48d31c6e53d2e48e274996a2db3f377d72993f2ee2446e6c677e6588e4f2f6275ea9d22d26ade0069e73ccf0ab18d3f5443d304e61eb9f98a6e7c0d44b24d56000e0e06c32bbba743351cab44380cc3c149764024255a70b5b2316209f1a940cc9d7d78fc0c5fbb6901c2d6f5c6d2c0a94cf367b8e28711ba6feeb82f9600afc5a2c2ba3fe10a34bb3548c4677d8069bea911299e7d769d42c2d9b28497a1728b5cbdc4ae2df2b4ded3d3e2bb257e5c1d95261b348952e1283cd35d33d04389efb949c28773e0f261ea783a04a36bb2b302a5a33c9f1d7c827973d1c849578cfd2cff04cd0ecb2f4c16e0a1fe48898c1ac939004508e39e4751c5ac622e8d4883ea0f8a288923bb9990178744597154fb9481a06e7d18c8c20e41de8f76435d58ef91609ef58ca3a32470ccaaef11426c8585fe460693ddc72eeb9d441af19b6ff0af88a0eb22aa0d997b59568312e52e6eb7db3ac9bcbbc15a2c82c119152f32043e8aa613b34211e36d7d58b1171851a1704fb3d62149ae6f15d3d42b831b36c9c5c8feeb973e9c2eaa515f24c5a1a1474771c22c79050515224cb9e46816a342f22c0a9b0a160af6cfb33fca84a5c1d174b812bd86d12c61662de6438696fa7e30813ed7e0ac3925e3a33e5e3bb8aa001a16c5220d60c1180fe75352384125a47ff914caf61f85c3bd31ef199e7967c41a398a150667c94dcd43a1bb9a4200a2f576584b8f90ab3df0436ed261084cfb5c8e54e6b84a71c21f0f550364b12e48c173217ea97250e361af873f0ce473f46f02a937d7be69ad2f4756393d1350a32bb6dd9c8ddbe6f6e37332bb82944d6eec86c4d266e687fb7ec9ddc7e3e7626035ad1869129f206ac45a36b480ec58d5f72caefd0a79ba083bfbbc88139cf2eed452ba81d69b20eb3e1085615ae75f09cebbd7a8e511ad182bff03ac7ad5bfbf5e1a9d8dd3cc3a21b06674c6b8296029931641650bbfd84c68d9a4d91b41433f5a60b47268ffd2ef386bf4b9143fd3fdd5e973b5f99b1c27de03393efdf15b6cca4a07cf56c89619dc7764e3bbe6ea46ce0e668b6848e25f8631c9909c19d62598b8577cc9e53bad2078792017a7d736ce3a0fab2ca7cd8e9b3423b25c40c196cdd40245d91a34f9fc13a2c0c617b3d3ebfe024efb2bfbc4b539f8decbfa0162f92c01746713c55a4f1d9fefb557dc89a360bfb12ad53daca355a1cff4167e5cf9151ff88df076af82b3135f2cdf8bf410a42a2121e49d623943c08a01e9cbfa3686223ba0adae3ad4e6dacdca801288ed1a594e5fadba1c78823b870cbae80e927fa6fa52e2ab186182721691a944779a88d45a39a52666a4718f89f5fa2daea4392a04a72d9345b9b18acbe16cf2b38f0e36d5bc075ee8b30c8777c44af9a9b6c4d50af495b9c6893d380ee0af48a2ee9c7680d46bddc856966bccfa5f39dc62d8a960a1733fb212b60c5e365dfb4addab75ee4de646a1cb06cc0fb7022607b7fd01e05765dda121c9826f6b0650dbbd82f61fa6aa3244d15f65eb01ebbc33dcf0c8f86e80ffb906a453875823ce1bac734117dc205182adf0d92a21c5fad20ffbbc4f41d6033df0022802d84101caeb5dfbd8330fb285aee7c678005b284d673212c3a382c80f11c072cd6e75de3afcefcdf9ea1a4add722b1017d12b233e3fcaa6e72a36a4ad8fbb3dbe1b4a29d49557420de0eade29d23f4a660df4098a14a2f1f6e96a0feab0eb2610764ec024cb5326248e5125cf316639ae58e45bc70639901d70dce29d09486dd26f2354c8559e7dba2c91ade5b59ce9a2d4a06ea6bd8c1a5a5d0e9d8e2edb5d13e66a78cce2b43db52079bfa89bc78f17af799d55bb921ddede10d57f0dcfbfd03f8afffbf13bb2fb7b738dbbb45b088060b6731b15b5525cd84cc40ebc463321c1ec228a42338c213150e075ead034ffa13e5966d403f01afd17cd820b2710f0d1f8fcb90c0fa6d8f71f549e6213c4845399d7cf9eed93d4f267f9aea951a88c8fc42f044b69811dffaf478d491aaf3ec77fe8d7670e54251daf6499eb120ac56fbdb4d6aeff7bd1bc57e347f3217b31c499a712e9a55fd00e578a60ece58e673589f81a2e4ed423eb86cc492e716537fa323906aaed8ec6d22c9bfaa60c24043e7b7d38d16f87efbb2af95b1f34df6a9d4731e747fc88c09cd7ba0f6837b37b5c1917f93f91d643ff7365320fbe65430e04092d061cc8d4d2b3cf695a16937084923d1c53e267d9e63d09987b8537842b3934b6b0c636a781353a16f8fc59f92fa96951b78c4626c8a6052a9518033d710bc89552fba43d947112f32bf72e7b5d9c79270249e23e0133b99888c726c7f2f800b4b61deffe3ec4c07657f4732f8ab465855294fd4a8f24acdb0e1f3caa784c07fc050461ef9eef584e219c920762959b955aa81620556f32128ac44c3c8b5a8fc4d25b3ecda7bf85d35a2b345372d6548260e57d82dfb0ed2948a36d8eb25dc75f5c410287a6a385ee19a14ed3bdc86d35e678d778d12d0a1e25b624053f51a9bcf37846a2266fd879165cf2fab4b71bc74e9a0a69ab7af18c4eb29db17f55933cac2188bfbe0f6e262d35cedb91de28c4802c4147360882f0cf93c4fc64d0594355e3ffe8b6c8ca02e0e967a6b770018a453e7053492f1aefa3d29f3e999e4016ddc1d69335563433f5f22be9a7f9d8ab5980a0c4b74419aebabb1eddf4eae224b92028c05ed6a2c75848a76642f2f3f1e079096b61cc8084d16074d3e5fddf8b4ab4f1c5874333691131310e96aac64a3f912593407f65431e668c4335bbfc6f994ac3034822f13d399bb51e3578139bc4792435dcfc5de7f71eaf87ed5aa5f36004ba6ffad96f868ae13ffd52e16202c8dd5f0236ee30cef8b8e0064396afd4343a9df52845c6f520208b83b2f43848ac7f5a02fa09a7dbaa818eb7845bda057c9e6a08c125dbde71cd19c33b677fc17b804564467a589c97826db91ddad4d3a21ef31373d203390cf3a7f367d2193aa2edd3bb13a023e947b05404ede9575986ddff1d3af33e8317575dfb57a1877fa8a415d616aa9833e26b4539fda126dec81265838876ad73c55e2b936032074617210a0efd686f2e4c9fccc2af87a9b4b827109a90abd379713b59a48d4f4f870780ebba7b9c6dd871147ea21a6f302945e3deba045372814a4ce1d9efbee30eb97b78c446f1cb7a046063b816362cd9a9b47762fa9d72b5dc7a3e3a3c52dff8986d4f3994a7a46d95c79ba8395aed77072accfdf19f3c626b9ab0429bdf2bfa8c5a6ae3645a6851b96c5d06ee42b91aa3eb3cf1c28fdd01f6dee4f19de8ee4aeafa1149c9be5f2481df5bdc2102c6dc028e17ec17cc68623dd6561b818b10bb4c8987d4407de028ff30f8d755018f1cb2f98ffa1aec193a363abb08bc09a095e39147aa882c8f7d35b508cd50fade33a12153c3e584c0b569b136d7082675a6fb0969ab9c0b777d078a4a8073c9756d3a0709b0c7c76b4017b4368432a111fee3388a69c9bb8b875c1069f332dd562d48ee241110bfc053caad0e16abe30a99a9f6a8860e2e023d4c591ae6c4d1d39c3ed24bd7aae9b913b2bbc6a6ab0a380d42b32fe93f8b224416515e24381bde2abd9a32d67cc800c5aed6d632430fa52d183cce0d7d56e25ad8f7ddf5fe984ec5354f6da316559791ed7e8a928f01de8d93d81119fe1077c410a666d24c33ec5e4f956a1c132934ea15b1dcaecd83159fa951804eda589b512b1deca9b2215f44e5ea7ea01a076310597ac4bbcb9d5a3b8c0cfc89f3c2c7c3cbb4f23f64861f2d245d9a08c0640af13a5f784434d0bc59b3e6959a4e3e116837d76a44b1dd0a17b5fe2cdd7d9f448460bf8da2628d04284b1dc21d50fba0b3006bb9247d9a0a98ccd255b56cf84ea2deaa0bc1a4ca5cfec15ec44acba8f3b2bf0fe70bc7c2b1d2bc1f7a310cbb91c78b67fc8b18cc17facd38d139301a1805b38f8e662e54bee034635dc08512f4938f7ff5db637792e5bb9944ae72da9081ea2d78e0918328eb00e6f6d260efe82c97bac1bda4e196f840be03a4a4d1cfabf24126a0c8abeb88320b3b1bb760c6543e5ed0a3252c3c84bb9ecefec3c786dab1a16a15f9aafa2cca764f71de16bb06fbeb608878ee1bdbaf50dde30a72592c7cb681a2fe84a7fe26c90ecf09d0c4be92a0a6802852c0fa1745a753b72f988cd0962b99570bacbed7cbd2bd66a6a05f4e9de2fbcfc29846a14dc26d5b5db833b56996d2a3f199b711cb17ed097a35d6edbb74753e2e2fee3a048cddd1ec657457e7775cbc82fdfe202522a9cf9c5e6d63f5e6ff223d79bcdc15bb163c7428a951c5f860549e295201d6e9a900ab5a2fc9fa13c1173043a228becd177c109a50a3f96338b8b9a4dbd3dfba656e433e6b3ef84424d3ac2cd2d1b96cf4f0632d2485b2a1868f887dc5da8c85ae9e6df58267c8f7d1baf0b92e3b51f46a96d9b4eca58c7308bf0346ea1eee754bb6d48d35a197e3bd15aec802598873ccc8b06183fec9d16f10b7a3511b0d03e438a21446ab074900b4cd023bc637d2fcdf71a4e564f972f2c414a1109f7161ba8cfc19ae4ebd44f92c6c9b4610580abd060207db7d2b37952d1f178e312fedec74ce6e11be7a1562600e2d25c41e450bafc13df19beffae90b4d4b544bd40d5d41dcedafc3d03bbc2d68dca1e4c5cf60e7d0f49634de3a98dc3c553fab08f328a580f89958df686aed58b6647fc3f44aa4a15e6a9b832e815b11d910847e643a1fbac378fabfbb07f305b8663a981a760e5205fd6b15f40bf7857ed8e25bea69a0923aa89c724dba52a7733b0ebbc5b5c8a663a911e62f263679e0fd819912898d9b7d345cab67d68041e8f273639ce826576667532a7885304e89c8f9506ae4aca0ed094ec0877640a7bfe40f2eb1a8b6085e1697c1b801bc9045344701539a5da5c5d34435aca81f00996caf6e60258213d6cb5fa8c34e94268955bc6fd9e8c3b118f3b6dda3b07348fab6df0f02f86ecdfaeac8402d03e717fc43eec2ed5eec748fd0a24270234bcc4752a9e327c47cda69ce45ff6982b7da27a47dc78336179830433417da0a6b6483067d6d765e866dc4be02efb21c5c871fd82f87a0fdb4da883c261ff85caf8b001315015c4616853f2b60721c679ae103e89b5d41da126cbf69e35215264971325afe9d6216edd93b9c7e84d292587c097511e854c66112d63da325a746668a1c19ac5ea09eaa17ec112dbfd42090251dccd22dc8fb3b54b2956fa75f5c216d115b7256456b57c9d562bbe05716febe7d8a7084dd4006ab8ab5df9fa3630275be80963b7bfa6412827b6fb74e5bab65eaa84b24aa270a1f4988533365d8ed6c38e2ee302c92a9354507cd883cb468269a15c3d2e34baa731495f20140d1d0e943c28bc1cfbcc08169e4da25353437ececd6c40badb4b09678a87b8ae895ff5310380c887489482f63ad6e7bbcf72972e2b4266b49eb1cf47f73282842221a79ace3f6748350cef2cc142c10f8f3a9faef5be7225eae23042502fb9c2e49d06792f8ae5ace29bb1702e4482dfae1529ea0ed53e1c607a7e672846be6efbffb0ed079390632f967bf8d71b0c1b702584f9a90881088c0596d90e6d0e8c7c736489b5854eca3d74d31422dbb53a356d1a035f3b76ccff5fd827261d5099aa9be71f97c36364a95f67a54acac0ec5e9dcf3634019b8c4f985d156df16d79dde9d94686e0be81cc") (async)
perf_event_open(&(0x7f00000011c0)={0x4, 0x80, 0x1f, 0xd0, 0x3, 0x5, 0x0, 0xfffffffffffffff9, 0x40238, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000001180)}, 0x2, 0x8000000000000001, 0x7ff, 0x6, 0x0, 0x20, 0x4, 0x0, 0x4, 0x0, 0xfffffffffc907228}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x1) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x7, 0x81, 0x7f, 0x0, 0x5, 0x40080, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xfffffffffffff001, 0x6}, 0x40c8, 0x6, 0x1, 0x3, 0x6, 0xfffffff7, 0x8001, 0x0, 0x7f, 0x0, 0x800}, r1, 0xe, r2, 0x0) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

18:07:07 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2000000)
close(r2)

[  348.215117][T28954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.222928][T28954] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  348.230744][T28954]  </TASK>
[  348.352922][T28954] ==================================================================
[  348.360826][T28954] BUG: KASAN: use-after-free in vm_area_free+0x7e/0x230
[  348.367606][T28954] Write of size 4 at addr ffff88811084fbe8 by task syz-executor.1/28954
[  348.375751][T28954] 
[  348.377928][T28954] CPU: 0 PID: 28954 Comm: syz-executor.1 Not tainted 5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  348.387996][T28954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  348.397884][T28954] Call Trace:
[  348.401006][T28954]  <TASK>
[  348.403785][T28954]  dump_stack_lvl+0x151/0x1b7
[  348.408297][T28954]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  348.413589][T28954]  ? panic+0x727/0x727
[  348.417500][T28954]  ? slab_free_freelist_hook+0xc9/0x1a0
[  348.422880][T28954]  print_address_description+0x87/0x3d0
[  348.428268][T28954]  kasan_report+0x1a6/0x1f0
[  348.432613][T28954]  ? vm_area_free+0x7e/0x230
[  348.437027][T28954]  ? vm_area_free+0x7e/0x230
[  348.441453][T28954]  kasan_check_range+0x2aa/0x2e0
[  348.446226][T28954]  __kasan_check_write+0x14/0x20
[  348.451000][T28954]  vm_area_free+0x7e/0x230
[  348.455253][T28954]  dup_mmap+0xbcd/0xea0
[  348.459277][T28954]  ? __delayed_free_task+0x20/0x20
[  348.464193][T28954]  ? mm_init+0x807/0x960
[  348.468271][T28954]  dup_mm+0x91/0x330
[  348.472092][T28954]  copy_mm+0x108/0x1b0
[  348.475996][T28954]  copy_process+0x1295/0x3250
[  348.480512][T28954]  ? proc_fail_nth_write+0x213/0x290
[  348.485631][T28954]  ? proc_fail_nth_read+0x220/0x220
[  348.490669][T28954]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  348.495609][T28954]  ? vfs_write+0x9af/0x1050
[  348.499951][T28954]  ? vmacache_update+0xb7/0x120
[  348.504635][T28954]  kernel_clone+0x22d/0x990
[  348.508976][T28954]  ? file_end_write+0x1b0/0x1b0
[  348.513666][T28954]  ? __kasan_check_write+0x14/0x20
[  348.518610][T28954]  ? create_io_thread+0x1e0/0x1e0
[  348.523471][T28954]  ? __mutex_lock_slowpath+0x10/0x10
[  348.528593][T28954]  __x64_sys_clone+0x289/0x310
[  348.533192][T28954]  ? __do_sys_vfork+0x130/0x130
[  348.537879][T28954]  ? debug_smp_processor_id+0x17/0x20
[  348.543176][T28954]  do_syscall_64+0x44/0xd0
[  348.547424][T28954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  348.553154][T28954] RIP: 0033:0x7f13408790c9
[  348.557410][T28954] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  348.576852][T28954] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  348.585092][T28954] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  348.592904][T28954] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  348.600714][T28954] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  348.608528][T28954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  348.616347][T28954] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  348.624241][T28954]  </TASK>
[  348.627107][T28954] 
[  348.629271][T28954] Allocated by task 28907:
[  348.633523][T28954]  __kasan_slab_alloc+0xb2/0xe0
[  348.638211][T28954]  kmem_cache_alloc+0x189/0x2f0
[  348.642894][T28954]  vm_area_dup+0x26/0x1d0
[  348.647066][T28954]  dup_mmap+0x6b8/0xea0
[  348.651052][T28954]  dup_mm+0x91/0x330
[  348.654786][T28954]  copy_mm+0x108/0x1b0
[  348.658866][T28954]  copy_process+0x1295/0x3250
[  348.663385][T28954]  kernel_clone+0x22d/0x990
[  348.667724][T28954]  __x64_sys_clone+0x289/0x310
[  348.672316][T28954]  do_syscall_64+0x44/0xd0
[  348.676570][T28954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  348.682386][T28954] 
[  348.684556][T28954] Freed by task 28938:
[  348.688459][T28954]  kasan_set_track+0x4c/0x70
[  348.692891][T28954]  kasan_set_free_info+0x23/0x40
[  348.697660][T28954]  ____kasan_slab_free+0x126/0x160
[  348.702607][T28954]  __kasan_slab_free+0x11/0x20
[  348.707408][T28954]  slab_free_freelist_hook+0xc9/0x1a0
[  348.712698][T28954]  kmem_cache_free+0x11a/0x2e0
[  348.717326][T28954]  vm_area_free+0x1ae/0x230
[  348.721736][T28954]  exit_mmap+0x5dd/0x7a0
[  348.725800][T28954]  __mmput+0x95/0x300
[  348.729638][T28954]  mmput+0x50/0x60
[  348.733181][T28954]  exit_mm+0x50d/0x760
[  348.737170][T28954]  do_exit+0x63c/0x24d0
[  348.741163][T28954]  __ia32_sys_exit+0x0/0x40
[  348.745594][T28954]  do_syscall_64+0x44/0xd0
[  348.749843][T28954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  348.755571][T28954] 
[  348.757743][T28954] The buggy address belongs to the object at ffff88811084fb90
[  348.757743][T28954]  which belongs to the cache vm_area_struct of size 232
[  348.771886][T28954] The buggy address is located 88 bytes inside of
[  348.771886][T28954]  232-byte region [ffff88811084fb90, ffff88811084fc78)
[  348.784906][T28954] The buggy address belongs to the page:
[  348.790377][T28954] page:ffffea00044213c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11084f
[  348.800442][T28954] flags: 0x4000000000000200(slab|zone=1)
[  348.805917][T28954] raw: 4000000000000200 0000000000000000 dead000000000122 ffff888100274600
[  348.814340][T28954] raw: 0000000000000000 00000000000d000d 00000001ffffffff 0000000000000000
[  348.822746][T28954] page dumped because: kasan: bad access detected
[  348.829001][T28954] page_owner tracks the page as allocated
[  348.834557][T28954] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 28907, ts 347578154048, free_ts 347484087896
[  348.850611][T28954]  post_alloc_hook+0x1ab/0x1b0
[  348.855208][T28954]  get_page_from_freelist+0x38b/0x400
[  348.860442][T28954]  __alloc_pages+0x3a8/0x7c0
[  348.864841][T28954]  allocate_slab+0x62/0x580
[  348.869214][T28954]  ___slab_alloc+0x2e2/0x6f0
[  348.873606][T28954]  __slab_alloc+0x4a/0x90
[  348.877773][T28954]  kmem_cache_alloc+0x205/0x2f0
[  348.882458][T28954]  vm_area_dup+0x26/0x1d0
[  348.886626][T28954]  dup_mmap+0x6b8/0xea0
[  348.890707][T28954]  dup_mm+0x91/0x330
[  348.894440][T28954]  copy_mm+0x108/0x1b0
[  348.898343][T28954]  copy_process+0x1295/0x3250
[  348.902854][T28954]  kernel_clone+0x22d/0x990
[  348.907194][T28954]  __x64_sys_clone+0x289/0x310
[  348.911793][T28954]  do_syscall_64+0x44/0xd0
[  348.916076][T28954]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  348.921779][T28954] page last free stack trace:
[  348.926290][T28954]  free_pcp_prepare+0x448/0x450
[  348.930978][T28954]  free_unref_page+0x9c/0x370
[  348.935491][T28954]  __free_pages+0xd8/0x100
[  348.939743][T28954]  __vunmap+0x846/0x980
[  348.943743][T28954]  free_work+0x66/0x90
[  348.947643][T28954]  process_one_work+0x6db/0xc00
[  348.952330][T28954]  worker_thread+0xb3e/0x1340
[  348.956839][T28954]  kthread+0x41c/0x500
[  348.960745][T28954]  ret_from_fork+0x1f/0x30
[  348.965009][T28954] 
[  348.967169][T28954] Memory state around the buggy address:
[  348.972640][T28954]  ffff88811084fa80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.980538][T28954]  ffff88811084fb00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[  348.988435][T28954] >ffff88811084fb80: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb
[  348.996329][T28954]                                                           ^
[  349.003623][T28954]  ffff88811084fc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fc
[  349.011528][T28954]  ffff88811084fc80: fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb
[  349.019418][T28954] ==================================================================
[  349.027321][T28954] Disabling lock debugging due to kernel taint
18:07:08 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2020100)
close(r2)

18:07:08 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000002340)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x1e}]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:08 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:08 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000180)='cpuacct.usage_all\x00', 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) (async)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0) (async)
perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
close(r2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) (async)
openat$cgroup_ro(r3, &(0x7f0000000180)='cpuacct.usage_all\x00', 0x0, 0x0) (async)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r2, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)

18:07:08 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 87)

18:07:08 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = syz_clone(0x90014280, &(0x7f0000000080)="a4e0f68ee77829259f39861189e509b6b13935759580da6cfd12a6b65102050cd02aa998fdea6156f295d84d562e17d43619e66f2194133ce1d414521dad6fd4a8557f79c9a01a662ffcd41b884982c4d47f686bd0cf69e8dc260328b0467727ecabe2f16c6287ef7ddbf0b3fd95d2ce171102c699811636da8bf969126ab8", 0x7f, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="8a8d221b5f9fac6898e5df20e36a620df468748092fc487a5676792a20eebe74c217bc3ddfdd55e747150d48d31c6e53d2e48e274996a2db3f377d72993f2ee2446e6c677e6588e4f2f6275ea9d22d26ade0069e73ccf0ab18d3f5443d304e61eb9f98a6e7c0d44b24d56000e0e06c32bbba743351cab44380cc3c149764024255a70b5b2316209f1a940cc9d7d78fc0c5fbb6901c2d6f5c6d2c0a94cf367b8e28711ba6feeb82f9600afc5a2c2ba3fe10a34bb3548c4677d8069bea911299e7d769d42c2d9b28497a1728b5cbdc4ae2df2b4ded3d3e2bb257e5c1d95261b348952e1283cd35d33d04389efb949c28773e0f261ea783a04a36bb2b302a5a33c9f1d7c827973d1c849578cfd2cff04cd0ecb2f4c16e0a1fe48898c1ac939004508e39e4751c5ac622e8d4883ea0f8a288923bb9990178744597154fb9481a06e7d18c8c20e41de8f76435d58ef91609ef58ca3a32470ccaaef11426c8585fe460693ddc72eeb9d441af19b6ff0af88a0eb22aa0d997b59568312e52e6eb7db3ac9bcbbc15a2c82c119152f32043e8aa613b34211e36d7d58b1171851a1704fb3d62149ae6f15d3d42b831b36c9c5c8feeb973e9c2eaa515f24c5a1a1474771c22c79050515224cb9e46816a342f22c0a9b0a160af6cfb33fca84a5c1d174b812bd86d12c61662de6438696fa7e30813ed7e0ac3925e3a33e5e3bb8aa001a16c5220d60c1180fe75352384125a47ff914caf61f85c3bd31ef199e7967c41a398a150667c94dcd43a1bb9a4200a2f576584b8f90ab3df0436ed261084cfb5c8e54e6b84a71c21f0f550364b12e48c173217ea97250e361af873f0ce473f46f02a937d7be69ad2f4756393d1350a32bb6dd9c8ddbe6f6e37332bb82944d6eec86c4d266e687fb7ec9ddc7e3e7626035ad1869129f206ac45a36b480ec58d5f72caefd0a79ba083bfbbc88139cf2eed452ba81d69b20eb3e1085615ae75f09cebbd7a8e511ad182bff03ac7ad5bfbf5e1a9d8dd3cc3a21b06674c6b8296029931641650bbfd84c68d9a4d91b41433f5a60b47268ffd2ef386bf4b9143fd3fdd5e973b5f99b1c27de03393efdf15b6cca4a07cf56c89619dc7764e3bbe6ea46ce0e668b6848e25f8631c9909c19d62598b8577cc9e53bad2078792017a7d736ce3a0fab2ca7cd8e9b3423b25c40c196cdd40245d91a34f9fc13a2c0c617b3d3ebfe024efb2bfbc4b539f8decbfa0162f92c01746713c55a4f1d9fefb557dc89a360bfb12ad53daca355a1cff4167e5cf9151ff88df076af82b3135f2cdf8bf410a42a2121e49d623943c08a01e9cbfa3686223ba0adae3ad4e6dacdca801288ed1a594e5fadba1c78823b870cbae80e927fa6fa52e2ab186182721691a944779a88d45a39a52666a4718f89f5fa2daea4392a04a72d9345b9b18acbe16cf2b38f0e36d5bc075ee8b30c8777c44af9a9b6c4d50af495b9c6893d380ee0af48a2ee9c7680d46bddc856966bccfa5f39dc62d8a960a1733fb212b60c5e365dfb4addab75ee4de646a1cb06cc0fb7022607b7fd01e05765dda121c9826f6b0650dbbd82f61fa6aa3244d15f65eb01ebbc33dcf0c8f86e80ffb906a453875823ce1bac734117dc205182adf0d92a21c5fad20ffbbc4f41d6033df0022802d84101caeb5dfbd8330fb285aee7c678005b284d673212c3a382c80f11c072cd6e75de3afcefcdf9ea1a4add722b1017d12b233e3fcaa6e72a36a4ad8fbb3dbe1b4a29d49557420de0eade29d23f4a660df4098a14a2f1f6e96a0feab0eb2610764ec024cb5326248e5125cf316639ae58e45bc70639901d70dce29d09486dd26f2354c8559e7dba2c91ade5b59ce9a2d4a06ea6bd8c1a5a5d0e9d8e2edb5d13e66a78cce2b43db52079bfa89bc78f17af799d55bb921ddede10d57f0dcfbfd03f8afffbf13bb2fb7b738dbbb45b088060b6731b15b5525cd84cc40ebc463321c1ec228a42338c213150e075ead034ffa13e5966d403f01afd17cd820b2710f0d1f8fcb90c0fa6d8f71f549e6213c4845399d7cf9eed93d4f267f9aea951a88c8fc42f044b69811dffaf478d491aaf3ec77fe8d7670e54251daf6499eb120ac56fbdb4d6aeff7bd1bc57e347f3217b31c499a712e9a55fd00e578a60ece58e673589f81a2e4ed423eb86cc492e716537fa323906aaed8ec6d22c9bfaa60c24043e7b7d38d16f87efbb2af95b1f34df6a9d4731e747fc88c09cd7ba0f6837b37b5c1917f93f91d643ff7365320fbe65430e04092d061cc8d4d2b3cf695a16937084923d1c53e267d9e63d09987b8537842b3934b6b0c636a781353a16f8fc59f92fa96951b78c4626c8a6052a9518033d710bc89552fba43d947112f32bf72e7b5d9c79270249e23e0133b99888c726c7f2f800b4b61deffe3ec4c07657f4732f8ab465855294fd4a8f24acdb0e1f3caa784c07fc050461ef9eef584e219c920762959b955aa81620556f32128ac44c3c8b5a8fc4d25b3ecda7bf85d35a2b345372d6548260e57d82dfb0ed2948a36d8eb25dc75f5c410287a6a385ee19a14ed3bdc86d35e678d778d12d0a1e25b624053f51a9bcf37846a2266fd879165cf2fab4b71bc74e9a0a69ab7af18c4eb29db17f55933cac2188bfbe0f6e262d35cedb91de28c4802c4147360882f0cf93c4fc64d0594355e3ffe8b6c8ca02e0e967a6b770018a453e7053492f1aefa3d29f3e999e4016ddc1d69335563433f5f22be9a7f9d8ab5980a0c4b74419aebabb1eddf4eae224b92028c05ed6a2c75848a76642f2f3f1e079096b61cc8084d16074d3e5fddf8b4ab4f1c5874333691131310e96aac64a3f912593407f65431e668c4335bbfc6f994ac3034822f13d399bb51e3578139bc4792435dcfc5de7f71eaf87ed5aa5f36004ba6ffad96f868ae13ffd52e16202c8dd5f0236ee30cef8b8e0064396afd4343a9df52845c6f520208b83b2f43848ac7f5a02fa09a7dbaa818eb7845bda057c9e6a08c125dbde71cd19c33b677fc17b804564467a589c97826db91ddad4d3a21ef31373d203390cf3a7f367d2193aa2edd3bb13a023e947b05404ede9575986ddff1d3af33e8317575dfb57a1877fa8a415d616aa9833e26b4539fda126dec81265838876ad73c55e2b936032074617210a0efd686f2e4c9fccc2af87a9b4b827109a90abd379713b59a48d4f4f870780ebba7b9c6dd871147ea21a6f302945e3deba045372814a4ce1d9efbee30eb97b78c446f1cb7a046063b816362cd9a9b47762fa9d72b5dc7a3e3a3c52dff8986d4f3994a7a46d95c79ba8395aed77072accfdf19f3c626b9ab0429bdf2bfa8c5a6ae3645a6851b96c5d06ee42b91aa3eb3cf1c28fdd01f6dee4f19de8ee4aeafa1149c9be5f2481df5bdc2102c6dc028e17ec17cc68623dd6561b818b10bb4c8987d4407de028ff30f8d755018f1cb2f98ffa1aec193a363abb08bc09a095e39147aa882c8f7d35b508cd50fade33a12153c3e584c0b569b136d7082675a6fb0969ab9c0b777d078a4a8073c9756d3a0709b0c7c76b4017b4368432a111fee3388a69c9bb8b875c1069f332dd562d48ee241110bfc053caad0e16abe30a99a9f6a8860e2e023d4c591ae6c4d1d39c3ed24bd7aae9b913b2bbc6a6ab0a380d42b32fe93f8b224416515e24381bde2abd9a32d67cc800c5aed6d632430fa52d183cce0d7d56e25ad8f7ddf5fe984ec5354f6da316559791ed7e8a928f01de8d93d81119fe1077c410a666d24c33ec5e4f956a1c132934ea15b1dcaecd83159fa951804eda589b512b1deca9b2215f44e5ea7ea01a076310597ac4bbcb9d5a3b8c0cfc89f3c2c7c3cbb4f23f64861f2d245d9a08c0640af13a5f784434d0bc59b3e6959a4e3e116837d76a44b1dd0a17b5fe2cdd7d9f448460bf8da2628d04284b1dc21d50fba0b3006bb9247d9a0a98ccd255b56cf84ea2deaa0bc1a4ca5cfec15ec44acba8f3b2bf0fe70bc7c2b1d2bc1f7a310cbb91c78b67fc8b18cc17facd38d139301a1805b38f8e662e54bee034635dc08512f4938f7ff5db637792e5bb9944ae72da9081ea2d78e0918328eb00e6f6d260efe82c97bac1bda4e196f840be03a4a4d1cfabf24126a0c8abeb88320b3b1bb760c6543e5ed0a3252c3c84bb9ecefec3c786dab1a16a15f9aafa2cca764f71de16bb06fbeb608878ee1bdbaf50dde30a72592c7cb681a2fe84a7fe26c90ecf09d0c4be92a0a6802852c0fa1745a753b72f988cd0962b99570bacbed7cbd2bd66a6a05f4e9de2fbcfc29846a14dc26d5b5db833b56996d2a3f199b711cb17ed097a35d6edbb74753e2e2fee3a048cddd1ec657457e7775cbc82fdfe202522a9cf9c5e6d63f5e6ff223d79bcdc15bb163c7428a951c5f860549e295201d6e9a900ab5a2fc9fa13c1173043a228becd177c109a50a3f96338b8b9a4dbd3dfba656e433e6b3ef84424d3ac2cd2d1b96cf4f0632d2485b2a1868f887dc5da8c85ae9e6df58267c8f7d1baf0b92e3b51f46a96d9b4eca58c7308bf0346ea1eee754bb6d48d35a197e3bd15aec802598873ccc8b06183fec9d16f10b7a3511b0d03e438a21446ab074900b4cd023bc637d2fcdf71a4e564f972f2c414a1109f7161ba8cfc19ae4ebd44f92c6c9b4610580abd060207db7d2b37952d1f178e312fedec74ce6e11be7a1562600e2d25c41e450bafc13df19beffae90b4d4b544bd40d5d41dcedafc3d03bbc2d68dca1e4c5cf60e7d0f49634de3a98dc3c553fab08f328a580f89958df686aed58b6647fc3f44aa4a15e6a9b832e815b11d910847e643a1fbac378fabfbb07f305b8663a981a760e5205fd6b15f40bf7857ed8e25bea69a0923aa89c724dba52a7733b0ebbc5b5c8a663a911e62f263679e0fd819912898d9b7d345cab67d68041e8f273639ce826576667532a7885304e89c8f9506ae4aca0ed094ec0877640a7bfe40f2eb1a8b6085e1697c1b801bc9045344701539a5da5c5d34435aca81f00996caf6e60258213d6cb5fa8c34e94268955bc6fd9e8c3b118f3b6dda3b07348fab6df0f02f86ecdfaeac8402d03e717fc43eec2ed5eec748fd0a24270234bcc4752a9e327c47cda69ce45ff6982b7da27a47dc78336179830433417da0a6b6483067d6d765e866dc4be02efb21c5c871fd82f87a0fdb4da883c261ff85caf8b001315015c4616853f2b60721c679ae103e89b5d41da126cbf69e35215264971325afe9d6216edd93b9c7e84d292587c097511e854c66112d63da325a746668a1c19ac5ea09eaa17ec112dbfd42090251dccd22dc8fb3b54b2956fa75f5c216d115b7256456b57c9d562bbe05716febe7d8a7084dd4006ab8ab5df9fa3630275be80963b7bfa6412827b6fb74e5bab65eaa84b24aa270a1f4988533365d8ed6c38e2ee302c92a9354507cd883cb468269a15c3d2e34baa731495f20140d1d0e943c28bc1cfbcc08169e4da25353437ececd6c40badb4b09678a87b8ae895ff5310380c887489482f63ad6e7bbcf72972e2b4266b49eb1cf47f73282842221a79ace3f6748350cef2cc142c10f8f3a9faef5be7225eae23042502fb9c2e49d06792f8ae5ace29bb1702e4482dfae1529ea0ed53e1c607a7e672846be6efbffb0ed079390632f967bf8d71b0c1b702584f9a90881088c0596d90e6d0e8c7c736489b5854eca3d74d31422dbb53a356d1a035f3b76ccff5fd827261d5099aa9be71f97c36364a95f67a54acac0ec5e9dcf3634019b8c4f985d156df16d79dde9d94686e0be81cc") (async)
r2 = perf_event_open(&(0x7f00000011c0)={0x4, 0x80, 0x1f, 0xd0, 0x3, 0x5, 0x0, 0xfffffffffffffff9, 0x40238, 0x7, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000001180)}, 0x2, 0x8000000000000001, 0x7ff, 0x6, 0x0, 0x20, 0x4, 0x0, 0x4, 0x0, 0xfffffffffc907228}, 0xffffffffffffffff, 0x9, 0xffffffffffffffff, 0x1)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x1, 0x7, 0x81, 0x7f, 0x0, 0x5, 0x40080, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0xfffffffffffff001, 0x6}, 0x40c8, 0x6, 0x1, 0x3, 0x6, 0xfffffff7, 0x8001, 0x0, 0x7f, 0x0, 0x800}, r1, 0xe, r2, 0x0) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

18:07:08 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:08 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x2120000)
close(r2)

18:07:08 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:08 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r0, &(0x7f0000000080), 0x2, 0x0) (async)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x0, 0x0) (async)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2) (async)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00') (async)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000180)='cpuacct.usage_all\x00', 0x0, 0x0)
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r0, 0x3, r2, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

18:07:08 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x3000000)
close(r2)

18:07:08 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x0, 0x0, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:08 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x3040000)
close(r2)

18:07:08 executing program 3:
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0xffffffffffffffff, 0x8}, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={@map, r2, 0x11, 0x0, r2}, 0x14)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="08486d232ee1ffff1855000004000000000000002dc2450bdd430b2b49988fc4e45dfd000000008510000004000000940cbe6a5f8b2ad8b2d15b54027066d13f4de93eea59415f59b1375e1e718f46b78f70ab67755ce6e53ce6af59a9d379d2c180602f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x29, &(0x7f0000000080)=""/41, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0x2, 0xf5d3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[r0, r1, 0xffffffffffffffff, 0x1, r3, 0x1]}, 0x80)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r5, 0x100000000000000a, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x3f, 0x7, 0x40, 0x0, 0x0, 0x90240, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x1, @perf_bp={&(0x7f0000000340), 0x8}, 0x2100, 0x54b3, 0x3, 0x0, 0x2, 0x80000000, 0x1f, 0x0, 0x200, 0x0, 0x1}, r5, 0x0, r4, 0xa)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40806685, 0x0)

[  349.154624][T28996] FAULT_INJECTION: forcing a failure.
[  349.154624][T28996] name fail_page_alloc, interval 1, probability 0, space 0, times 0
18:07:08 executing program 3:
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0xffffffffffffffff, 0x8}, 0xc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={@map, r2, 0x11, 0x0, r2}, 0x14) (async)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="08486d232ee1ffff1855000004000000000000002dc2450bdd430b2b49988fc4e45dfd000000008510000004000000940cbe6a5f8b2ad8b2d15b54027066d13f4de93eea59415f59b1375e1e718f46b78f70ab67755ce6e53ce6af59a9d379d2c180602f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x29, &(0x7f0000000080)=""/41, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0x2, 0xf5d3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[r0, r1, 0xffffffffffffffff, 0x1, r3, 0x1]}, 0x80)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r5, 0x100000000000000a, 0xffffffffffffffff, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x3f, 0x7, 0x40, 0x0, 0x0, 0x90240, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x1, @perf_bp={&(0x7f0000000340), 0x8}, 0x2100, 0x54b3, 0x3, 0x0, 0x2, 0x80000000, 0x1f, 0x0, 0x200, 0x0, 0x1}, r5, 0x0, r4, 0xa) (async, rerun: 64)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40806685, 0x0)

[  349.200133][T28996] CPU: 1 PID: 28996 Comm: syz-executor.1 Tainted: G    B             5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  349.211649][T28996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  349.221612][T28996] Call Trace:
[  349.224732][T28996]  <TASK>
[  349.227587][T28996]  dump_stack_lvl+0x151/0x1b7
[  349.232027][T28996]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  349.237449][T28996]  dump_stack+0x15/0x17
[  349.241398][T28996]  should_fail+0x3c0/0x510
[  349.245652][T28996]  should_fail_alloc_page+0x58/0x70
[  349.250782][T28996]  __alloc_pages+0x1de/0x7c0
[  349.255303][T28996]  ? __count_vm_events+0x30/0x30
[  349.260070][T28996]  pte_alloc_one+0x73/0x1b0
[  349.264427][T28996]  ? pfn_modify_allowed+0x2e0/0x2e0
[  349.269962][T28996]  __pte_alloc+0x86/0x350
[  349.274350][T28996]  ? is_module_text_address+0xe1/0x140
[  349.279718][T28996]  ? free_pgtables+0x210/0x210
[  349.284320][T28996]  ? __kernel_text_address+0x9a/0x110
[  349.289628][T28996]  ? unwind_get_return_address+0x4c/0x90
[  349.295086][T28996]  copy_pte_range+0x1b1f/0x20b0
[  349.299769][T28996]  ? stack_trace_save+0x12d/0x1f0
[  349.304630][T28996]  ? anon_vma_clone+0xa1/0x4f0
[  349.309242][T28996]  ? __kunmap_atomic+0x80/0x80
[  349.313826][T28996]  ? dup_mmap+0x750/0xea0
[  349.317993][T28996]  ? dup_mm+0x91/0x330
[  349.321898][T28996]  ? copy_mm+0x108/0x1b0
[  349.325978][T28996]  ? copy_process+0x1295/0x3250
[  349.330665][T28996]  ? kernel_clone+0x22d/0x990
[  349.335179][T28996]  ? __x64_sys_clone+0x289/0x310
[  349.339952][T28996]  ? do_syscall_64+0x44/0xd0
[  349.344379][T28996]  ? entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  349.350292][T28996]  copy_page_range+0xc1e/0x1090
[  349.354999][T28996]  ? pfn_valid+0x1e0/0x1e0
[  349.359231][T28996]  dup_mmap+0x99f/0xea0
[  349.363220][T28996]  ? __delayed_free_task+0x20/0x20
[  349.368163][T28996]  ? mm_init+0x807/0x960
[  349.372238][T28996]  dup_mm+0x91/0x330
[  349.375971][T28996]  copy_mm+0x108/0x1b0
[  349.379877][T28996]  copy_process+0x1295/0x3250
[  349.384401][T28996]  ? proc_fail_nth_write+0x213/0x290
[  349.389510][T28996]  ? proc_fail_nth_read+0x220/0x220
[  349.394545][T28996]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  349.399488][T28996]  ? vfs_write+0x9af/0x1050
[  349.403827][T28996]  ? vmacache_update+0xb7/0x120
[  349.408520][T28996]  kernel_clone+0x22d/0x990
[  349.412864][T28996]  ? file_end_write+0x1b0/0x1b0
[  349.417542][T28996]  ? __kasan_check_write+0x14/0x20
[  349.422495][T28996]  ? create_io_thread+0x1e0/0x1e0
[  349.427356][T28996]  ? __mutex_lock_slowpath+0x10/0x10
[  349.432473][T28996]  __x64_sys_clone+0x289/0x310
[  349.437077][T28996]  ? __do_sys_vfork+0x130/0x130
[  349.441762][T28996]  ? debug_smp_processor_id+0x17/0x20
[  349.447129][T28996]  do_syscall_64+0x44/0xd0
[  349.451385][T28996]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  349.457114][T28996] RIP: 0033:0x7f13408790c9
[  349.461365][T28996] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  349.480805][T28996] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  349.489053][T28996] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
18:07:08 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:09 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 88)

[  349.496859][T28996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.504670][T28996] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  349.512658][T28996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  349.520467][T28996] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  349.528288][T28996]  </TASK>
18:07:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:09 executing program 3:
r0 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000180)={0xffffffffffffffff, 0x8}, 0xc) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = openat$cgroup_ro(r1, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={@map, r2, 0x11, 0x0, r2}, 0x14)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_sys\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="08486d232ee1ffff1855000004000000000000002dc2450bdd430b2b49988fc4e45dfd000000008510000004000000940cbe6a5f8b2ad8b2d15b54027066d13f4de93eea59415f59b1375e1e718f46b78f70ab67755ce6e53ce6af59a9d379d2c180602f"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x29, &(0x7f0000000080)=""/41, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000140)={0x1, 0x2, 0xf5d3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[r0, r1, 0xffffffffffffffff, 0x1, r3, 0x1]}, 0x80)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r5, 0x100000000000000a, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000380)={0x4, 0x80, 0x0, 0x3f, 0x7, 0x40, 0x0, 0x0, 0x90240, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffff, 0x1, @perf_bp={&(0x7f0000000340), 0x8}, 0x2100, 0x54b3, 0x3, 0x0, 0x2, 0x80000000, 0x1f, 0x0, 0x200, 0x0, 0x1}, r5, 0x0, r4, 0xa) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40806685, 0x0)

18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x4000000)
close(r2)

18:07:09 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:09 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000}}, 0xffffffffffffffff, 0x0, r0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r3 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000000100010f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r5, 0xe0, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001c80)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r6, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r7, r5, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80)
sendmsg$inet(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4e6b8309a21bb19a8ab9363f4085031987e3742247366038c587169d25e574978d66e58578748cb93dbdd1421ef9fe2a913b654e8c61331d043e328315bb689fe2dd985daaea2829d356", 0x4a}, {&(0x7f0000000200)="12ff2d175392bec4111edde153590d411f8895a48f9f944f1e31e7acdc2a1a88b0a6aba3cd4709d9de8c6bb11d3355cb5dc6d850b386319cc5af19c69c2486be7a032267758c1fe91ac45d86bf530290620b19975947947765180809cf", 0x5d}, {&(0x7f0000000280)="9ff182f1ef13386338deb9bd1126f03bb818d25a5fb9bdc9cb8c0a446ea7abfe580960eda670bfe64d1151ae173d5d43f848854140168eac97abce15b7dc1de159633ad4085757df6df0f663858b4df19cccb108427a4c64ac30ab6a061380798847b3ce0b5e9df69d2592ef437a7a4b484c16de3b3ded038e57b39ef3733f0a9deb270716296511401b5dc77cfed97f7d3c6421042b5b3d6970e6c2b1965fa41f210be95fa650cbc0135d3ac43b538b5d87410425c2dc74b92e98b4f7841da48b36ae7cf268ddc530612049b37c77e9bfd1e35e534586eb74acf08be33a7220e9ada78cf69a236e00c6621131193cd009a80a8386313ca3281614d92ec31b", 0xff}], 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="11000000000000000000000001000000e1000000000000001c000000000000000000000008000000", @ANYRES32=r6, @ANYBLOB="ffffffffffffffff0000000011000000976fa1436ec1ae6fefd3f39670b200000000000000000100000001000000000000001000"], 0x60}, 0x10)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r8, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r8, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x14, 0x3, 0x80000027, 0x8, 0x200, r1, 0xd0d, '\x00', 0x0, r3, 0x2, 0x5, 0x1}, 0x48)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000280))
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r9, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r9, 0x400454da, &(0x7f0000000280))
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001580)={r8}, 0x8)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r12 = openat$cgroup_ro(r11, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r12, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r12, 0x400454da, &(0x7f0000000280))
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=@bloom_filter={0x1e, 0xfffffff7, 0x5, 0x6, 0x100, 0xffffffffffffffff, 0x1, '\x00', 0x0, r2, 0x0, 0x0, 0x2, 0x6}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c00)={0x18, 0x5, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, [@map_val={0x18, 0xb, 0x2, 0x0, r9}]}, &(0x7f0000000540)='syzkaller\x00', 0x101, 0xea, &(0x7f0000001a80)=""/234, 0x40f00, 0x9, '\x00', 0x0, 0x0, r10, 0x8, &(0x7f0000001640)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001780)=[r3, r12, r13, r3, r3]}, 0x80)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x4, 0xc4, 0x9, 0x0, 0x9, 0x94, 0x7, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa25, 0x4, @perf_bp={&(0x7f0000000000), 0x6}, 0x100c0, 0xfff, 0x80000000, 0x5, 0x7, 0x80, 0x1, 0x0, 0x80, 0x0, 0x6}, 0xffffffffffffffff, 0x2, r3, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000140)=0x1)

[  349.588649][T29039] FAULT_INJECTION: forcing a failure.
[  349.588649][T29039] name failslab, interval 1, probability 0, space 0, times 0
[  349.604877][T29039] CPU: 1 PID: 29039 Comm: syz-executor.1 Tainted: G    B             5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  349.616340][T29039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  349.626235][T29039] Call Trace:
[  349.629362][T29039]  <TASK>
[  349.632137][T29039]  dump_stack_lvl+0x151/0x1b7
18:07:09 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0)
r1 = getpid()
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x20, 0x2, 0xb0, 0x27, 0x0, 0x6, 0xc882, 0xb, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x8, 0x1, @perf_config_ext={0x400, 0x8001}, 0x700, 0x7, 0xfff, 0x3, 0x7d, 0x1, 0x20, 0x0, 0x4, 0x0, 0x7}, r1, 0x3, 0xffffffffffffffff, 0xa)

18:07:09 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async)
r1 = getpid()
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x20, 0x2, 0xb0, 0x27, 0x0, 0x6, 0xc882, 0xb, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x8, 0x1, @perf_config_ext={0x400, 0x8001}, 0x700, 0x7, 0xfff, 0x3, 0x7d, 0x1, 0x20, 0x0, 0x4, 0x0, 0x7}, r1, 0x3, 0xffffffffffffffff, 0xa)

18:07:09 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40806685, 0x0) (async, rerun: 64)
r1 = getpid() (rerun: 64)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x20, 0x2, 0xb0, 0x27, 0x0, 0x6, 0xc882, 0xb, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x8, 0x1, @perf_config_ext={0x400, 0x8001}, 0x700, 0x7, 0xfff, 0x3, 0x7d, 0x1, 0x20, 0x0, 0x4, 0x0, 0x7}, r1, 0x3, 0xffffffffffffffff, 0xa)

[  349.636653][T29039]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  349.641946][T29039]  ? do_syscall_64+0x44/0xd0
[  349.646373][T29039]  dump_stack+0x15/0x17
[  349.650368][T29039]  should_fail+0x3c0/0x510
[  349.654619][T29039]  __should_failslab+0x9f/0xe0
[  349.659216][T29039]  should_failslab+0x9/0x20
[  349.663554][T29039]  kmem_cache_alloc+0x4f/0x2f0
[  349.668156][T29039]  ? anon_vma_clone+0xa1/0x4f0
[  349.672756][T29039]  anon_vma_clone+0xa1/0x4f0
[  349.677185][T29039]  anon_vma_fork+0x91/0x4f0
[  349.681521][T29039]  ? anon_vma_name+0x43/0x70
18:07:09 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, [@exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xd337}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}, @map_fd={0x18, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x97, &(0x7f0000000100)=""/151, 0x41100, 0x10, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x5, 0x5, 0x0, 0x80000000}, 0x10}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

[  349.686037][T29039]  dup_mmap+0x750/0xea0
[  349.690038][T29039]  ? __delayed_free_task+0x20/0x20
[  349.694972][T29039]  ? mm_init+0x807/0x960
[  349.699056][T29039]  dup_mm+0x91/0x330
[  349.702782][T29039]  copy_mm+0x108/0x1b0
[  349.706705][T29039]  copy_process+0x1295/0x3250
[  349.711205][T29039]  ? proc_fail_nth_write+0x213/0x290
[  349.716329][T29039]  ? proc_fail_nth_read+0x220/0x220
[  349.721360][T29039]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  349.726307][T29039]  ? vfs_write+0x9af/0x1050
[  349.730644][T29039]  ? vmacache_update+0xb7/0x120
[  349.735333][T29039]  kernel_clone+0x22d/0x990
[  349.739671][T29039]  ? file_end_write+0x1b0/0x1b0
[  349.744361][T29039]  ? __kasan_check_write+0x14/0x20
[  349.749389][T29039]  ? create_io_thread+0x1e0/0x1e0
[  349.754248][T29039]  ? __mutex_lock_slowpath+0x10/0x10
[  349.759368][T29039]  __x64_sys_clone+0x289/0x310
[  349.763969][T29039]  ? __do_sys_vfork+0x130/0x130
[  349.768658][T29039]  ? debug_smp_processor_id+0x17/0x20
[  349.773862][T29039]  do_syscall_64+0x44/0xd0
[  349.778115][T29039]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  349.783845][T29039] RIP: 0033:0x7f13408790c9
[  349.788099][T29039] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  349.807536][T29039] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  349.815782][T29039] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  349.823593][T29039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  349.831665][T29039] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
18:07:09 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080))
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, [@exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xd337}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}, @map_fd={0x18, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x97, &(0x7f0000000100)=""/151, 0x41100, 0x10, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x5, 0x5, 0x0, 0x80000000}, 0x10}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
bpf$ITER_CREATE(0x21, 0x0, 0x0) (async)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, [@exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xd337}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}, @map_fd={0x18, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x97, &(0x7f0000000100)=""/151, 0x41100, 0x10, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x5, 0x5, 0x0, 0x80000000}, 0x10}, 0x80) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)

18:07:09 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r0, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)) (async)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001500)=@bpf_lsm={0x1d, 0x6, &(0x7f00000003c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x838, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x1, 0x2, 0x2, 0xa, 0x30, 0xffffffffffffffff}, @exit, @map_idx={0x18, 0x4, 0x5, 0x0, 0x4}], &(0x7f0000000400)='GPL\x00', 0x7, 0x8a, &(0x7f0000000440)=""/138, 0x40f00, 0x0, '\x00', 0x0, 0x1b, r1, 0x8, &(0x7f0000000500)={0x7, 0x5}, 0x8, 0x10, 0x0}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, [@exit, @initr0={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xd337}, @cb_func={0x18, 0x1, 0x4, 0x0, 0xffffffffffffffff}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x5}, @map_fd={0x18, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x97, &(0x7f0000000100)=""/151, 0x41100, 0x10, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000001c0)={0x8, 0x2}, 0x8, 0x10, &(0x7f0000000200)={0x5, 0x5, 0x0, 0x80000000}, 0x10}, 0x80) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

[  349.839572][T29039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  349.847641][T29039] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  349.855457][T29039]  </TASK>
18:07:09 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 89)

18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x5000000)
close(r2)

18:07:09 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000}}, 0xffffffffffffffff, 0x0, r0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r3 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000000100010f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r5, 0xe0, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001c80)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r6, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r7, r5, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async, rerun: 32)
sendmsg$inet(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4e6b8309a21bb19a8ab9363f4085031987e3742247366038c587169d25e574978d66e58578748cb93dbdd1421ef9fe2a913b654e8c61331d043e328315bb689fe2dd985daaea2829d356", 0x4a}, {&(0x7f0000000200)="12ff2d175392bec4111edde153590d411f8895a48f9f944f1e31e7acdc2a1a88b0a6aba3cd4709d9de8c6bb11d3355cb5dc6d850b386319cc5af19c69c2486be7a032267758c1fe91ac45d86bf530290620b19975947947765180809cf", 0x5d}, {&(0x7f0000000280)="9ff182f1ef13386338deb9bd1126f03bb818d25a5fb9bdc9cb8c0a446ea7abfe580960eda670bfe64d1151ae173d5d43f848854140168eac97abce15b7dc1de159633ad4085757df6df0f663858b4df19cccb108427a4c64ac30ab6a061380798847b3ce0b5e9df69d2592ef437a7a4b484c16de3b3ded038e57b39ef3733f0a9deb270716296511401b5dc77cfed97f7d3c6421042b5b3d6970e6c2b1965fa41f210be95fa650cbc0135d3ac43b538b5d87410425c2dc74b92e98b4f7841da48b36ae7cf268ddc530612049b37c77e9bfd1e35e534586eb74acf08be33a7220e9ada78cf69a236e00c6621131193cd009a80a8386313ca3281614d92ec31b", 0xff}], 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="11000000000000000000000001000000e1000000000000001c000000000000000000000008000000", @ANYRES32=r6, @ANYBLOB="ffffffffffffffff0000000011000000976fa1436ec1ae6fefd3f39670b200000000000000000100000001000000000000001000"], 0x60}, 0x10) (rerun: 32)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r8, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r8, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async, rerun: 32)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x14, 0x3, 0x80000027, 0x8, 0x200, r1, 0xd0d, '\x00', 0x0, r3, 0x2, 0x5, 0x1}, 0x48) (rerun: 32)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000280)) (async)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r9, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r9, 0x400454da, &(0x7f0000000280)) (async)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001580)={r8}, 0x8) (async, rerun: 64)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (rerun: 64)
r12 = openat$cgroup_ro(r11, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r12, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 64)
ioctl$TUNSETIFINDEX(r12, 0x400454da, &(0x7f0000000280)) (async, rerun: 64)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=@bloom_filter={0x1e, 0xfffffff7, 0x5, 0x6, 0x100, 0xffffffffffffffff, 0x1, '\x00', 0x0, r2, 0x0, 0x0, 0x2, 0x6}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c00)={0x18, 0x5, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, [@map_val={0x18, 0xb, 0x2, 0x0, r9}]}, &(0x7f0000000540)='syzkaller\x00', 0x101, 0xea, &(0x7f0000001a80)=""/234, 0x40f00, 0x9, '\x00', 0x0, 0x0, r10, 0x8, &(0x7f0000001640)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001780)=[r3, r12, r13, r3, r3]}, 0x80)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x4, 0xc4, 0x9, 0x0, 0x9, 0x94, 0x7, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa25, 0x4, @perf_bp={&(0x7f0000000000), 0x6}, 0x100c0, 0xfff, 0x80000000, 0x5, 0x7, 0x80, 0x1, 0x0, 0x80, 0x0, 0x6}, 0xffffffffffffffff, 0x2, r3, 0x0) (async, rerun: 64)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) (async, rerun: 64)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000140)=0x1)

18:07:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:09 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  349.912253][T29086] FAULT_INJECTION: forcing a failure.
[  349.912253][T29086] name failslab, interval 1, probability 0, space 0, times 0
[  349.925464][T29086] CPU: 0 PID: 29086 Comm: syz-executor.1 Tainted: G    B             5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  349.936917][T29086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  349.946810][T29086] Call Trace:
[  349.949938][T29086]  <TASK>
[  349.952711][T29086]  dump_stack_lvl+0x151/0x1b7
[  349.957224][T29086]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  349.962521][T29086]  dump_stack+0x15/0x17
[  349.966511][T29086]  should_fail+0x3c0/0x510
[  349.970765][T29086]  __should_failslab+0x9f/0xe0
[  349.975363][T29086]  should_failslab+0x9/0x20
[  349.979703][T29086]  kmem_cache_alloc+0x4f/0x2f0
[  349.984302][T29086]  ? vm_area_dup+0x26/0x1d0
[  349.988644][T29086]  ? __kasan_check_read+0x11/0x20
[  349.993501][T29086]  vm_area_dup+0x26/0x1d0
[  349.997671][T29086]  dup_mmap+0x6b8/0xea0
[  350.001661][T29086]  ? __delayed_free_task+0x20/0x20
[  350.006610][T29086]  ? mm_init+0x807/0x960
[  350.010690][T29086]  dup_mm+0x91/0x330
[  350.014419][T29086]  copy_mm+0x108/0x1b0
[  350.018331][T29086]  copy_process+0x1295/0x3250
[  350.022842][T29086]  ? proc_fail_nth_write+0x213/0x290
[  350.027962][T29086]  ? proc_fail_nth_read+0x220/0x220
[  350.032997][T29086]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  350.037942][T29086]  ? vfs_write+0x9af/0x1050
[  350.042281][T29086]  ? vmacache_update+0xb7/0x120
[  350.046973][T29086]  kernel_clone+0x22d/0x990
[  350.051306][T29086]  ? file_end_write+0x1b0/0x1b0
[  350.055994][T29086]  ? __kasan_check_write+0x14/0x20
[  350.060941][T29086]  ? create_io_thread+0x1e0/0x1e0
[  350.065802][T29086]  ? __mutex_lock_slowpath+0x10/0x10
[  350.070923][T29086]  __x64_sys_clone+0x289/0x310
[  350.075523][T29086]  ? __do_sys_vfork+0x130/0x130
[  350.080209][T29086]  ? debug_smp_processor_id+0x17/0x20
[  350.085415][T29086]  do_syscall_64+0x44/0xd0
[  350.089670][T29086]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  350.095398][T29086] RIP: 0033:0x7f13408790c9
[  350.099652][T29086] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  350.119092][T29086] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  350.127336][T29086] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  350.135146][T29086] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  350.142958][T29086] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  350.151639][T29086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x6000000)
close(r2)

18:07:09 executing program 3:
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
r2 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)

18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x7000000)
close(r2)

18:07:09 executing program 3:
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
r2 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040)) (async)
openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)

18:07:09 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_freezer_state(r1, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

[  350.159450][T29086] R13: 00007ffcbc4c66ef R14: 00007f133f5ec300 R15: 0000000000022000
[  350.167261][T29086]  </TASK>
18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8000000)
close(r2)

18:07:09 executing program 3:
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040))
r2 = openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0)
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0) (async)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040)) (async)
openat$cgroup_ro(r0, &(0x7f00000000c0)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40806685, 0x0) (async)

18:07:09 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 90)

18:07:09 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40000000}}, 0xffffffffffffffff, 0x0, r0, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r3 = openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000000100010f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r3, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001f00)={0x1, 0x58, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001900)={r5, 0xe0, &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, &(0x7f00000016c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000001a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001c80)=[0x0, 0x0, 0x0, 0x0, 0x0], <r7=>0x0, 0x8, &(0x7f00000003c0)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000001740), &(0x7f0000001680), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001980)={0xd, 0xa, &(0x7f0000002400)=ANY=[@ANYBLOB="57a00e34a9180000718300005659ad03e287d85855a012000000000007000000ff320600050000000000001810000000001869000002000095d01e39b54b17dcc388275d044bb253b5e1ab171cb71c012b5efadffb92f669d0560e61589606c5e28b7a5fb2df6525691a9054e594f1faeb87b973dc0d2f29df0e245bf2a005c0ba784255f3860d608500c245907a280260b9e159f7ab9ff89aa9dd86adc7000000000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x50000, 0x1000, &(0x7f0000000580)=""/4096, 0x41000, 0xc, '\x00', r6, 0xb, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x7}, 0x8, 0x10, &(0x7f0000001600)={0x5, 0x0, 0xf28f, 0x4}, 0x10, r7, r5, 0x0, &(0x7f0000001940)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x80) (async)
sendmsg$inet(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)="4e6b8309a21bb19a8ab9363f4085031987e3742247366038c587169d25e574978d66e58578748cb93dbdd1421ef9fe2a913b654e8c61331d043e328315bb689fe2dd985daaea2829d356", 0x4a}, {&(0x7f0000000200)="12ff2d175392bec4111edde153590d411f8895a48f9f944f1e31e7acdc2a1a88b0a6aba3cd4709d9de8c6bb11d3355cb5dc6d850b386319cc5af19c69c2486be7a032267758c1fe91ac45d86bf530290620b19975947947765180809cf", 0x5d}, {&(0x7f0000000280)="9ff182f1ef13386338deb9bd1126f03bb818d25a5fb9bdc9cb8c0a446ea7abfe580960eda670bfe64d1151ae173d5d43f848854140168eac97abce15b7dc1de159633ad4085757df6df0f663858b4df19cccb108427a4c64ac30ab6a061380798847b3ce0b5e9df69d2592ef437a7a4b484c16de3b3ded038e57b39ef3733f0a9deb270716296511401b5dc77cfed97f7d3c6421042b5b3d6970e6c2b1965fa41f210be95fa650cbc0135d3ac43b538b5d87410425c2dc74b92e98b4f7841da48b36ae7cf268ddc530612049b37c77e9bfd1e35e534586eb74acf08be33a7220e9ada78cf69a236e00c6621131193cd009a80a8386313ca3281614d92ec31b", 0xff}], 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="11000000000000000000000001000000e1000000000000001c000000000000000000000008000000", @ANYRES32=r6, @ANYBLOB="ffffffffffffffff0000000011000000976fa1436ec1ae6fefd3f39670b200000000000000000100000001000000000000001000"], 0x60}, 0x10) (async)
r8 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r8, 0x0, 0x0, 0x0) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r8, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x14, 0x3, 0x80000027, 0x8, 0x200, r1, 0xd0d, '\x00', 0x0, r3, 0x2, 0x5, 0x1}, 0x48) (async)
ioctl$TUNSETIFINDEX(r3, 0x400454da, &(0x7f0000000280)) (async)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r9, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r9, 0x400454da, &(0x7f0000000280)) (async)
r10 = bpf$ITER_CREATE(0x21, &(0x7f0000001580)={r8}, 0x8)
r11 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r12 = openat$cgroup_ro(r11, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r12, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r12, 0x400454da, &(0x7f0000000280)) (async)
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=@bloom_filter={0x1e, 0xfffffff7, 0x5, 0x6, 0x100, 0xffffffffffffffff, 0x1, '\x00', 0x0, r2, 0x0, 0x0, 0x2, 0x6}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c00)={0x18, 0x5, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3}, [@map_val={0x18, 0xb, 0x2, 0x0, r9}]}, &(0x7f0000000540)='syzkaller\x00', 0x101, 0xea, &(0x7f0000001a80)=""/234, 0x40f00, 0x9, '\x00', 0x0, 0x0, r10, 0x8, &(0x7f0000001640)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0x8, 0x80, 0x3f}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001780)=[r3, r12, r13, r3, r3]}, 0x80) (async)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x4, 0xc4, 0x9, 0x0, 0x9, 0x94, 0x7, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa25, 0x4, @perf_bp={&(0x7f0000000000), 0x6}, 0x100c0, 0xfff, 0x80000000, 0x5, 0x7, 0x80, 0x1, 0x0, 0x80, 0x0, 0x6}, 0xffffffffffffffff, 0x2, r3, 0x0) (async, rerun: 32)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0) (async, rerun: 32)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TUNSETVNETBE(r3, 0x400454de, &(0x7f0000000140)=0x1)

18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8040000)
close(r2)

18:07:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x3, &(0x7f0000002340)=@framed, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:09 executing program 3:
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, &(0x7f0000000180))
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000140)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x26e1, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x7, 0x6, 0x87, 0x0, 0x7, 0x22008, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x76ca, 0x2, @perf_config_ext={0x4fc, 0x3}, 0x0, 0x9, 0x100, 0x0, 0x6, 0x0, 0x1, 0x0, 0x7ff, 0x0, 0x7}, r1, 0x3, 0xffffffffffffffff, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000000c0)='cgroup.events\x00')
openat$cgroup(r0, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280))
sendmsg$inet(r4, &(0x7f0000001480)={&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000001440)=[{&(0x7f0000000240)="fd4c4e18f962759c5b7a3863c7a44c6788a5c6b606536e3e9d642f6d29855ffa38d5237819c6ab0d38642bc3903e9269b0d0f8e35de15876ee06ae46dd96fa4628477ba1105e1e2bc47ec393d752294e03d967a4b76228fc551743f684695c30115393e1acfc63ab0951bcf68e5eb70078e56f57a172f4fbbbeb4fefd4d421655814a78123a74f7549195f77f84beaf3b7fe00c802aa2acca8b7f7c4dbedd08734dd2bc440acc82d5c0fc070138da4087aaa270992f7e41f384b358574aa5e331a7e9fab0a1a2ce18a6e952998b5a6fc89894feeb30257ef83ed02c0b17c490880d91737d9323441b863fcdf215fd5f0ff83d63efffa70d12f0e9b78cb7ef452c8cb1e9218ebc24b8b23ca5fa600307ae21532a769fe0257467b83017356538e3b6b7ee6985901cbe76922ab8a2e7b52b9d709a5fa1e42c91dedde9107bf1504323cb50987877c7d9d82b35628fbb5c347baa2d5147bf21259f985bdcaa92f5919d0c9310774426789401a0b60f8872cb4cece9e1a14840a8de23962a9f0db148f40fc8e3835a0e4cbc5cefa0797201dbf2e850ee0348f1b185f246772f045cfabc64a89c48e9091ff7704c87df320e9c284637535f8e4ca888b7b7199cdeb0c59bd1835647b2863aaa1f93301e1056b8711359ce19d42d89d31496f0057a5e26f69196edfce04ecf3eb73665e712fe267b8514c9f9e587cd15d7d045190fdf488556e92628b422c190a7a03a9bd46efae19d799853a3b7c027b3ac0f17ffe7b4cf1adaa3a40b91fa1a96301810e6a70e2bc4e8023afd4874e8f14203b543f9bc01a6ea60cfdedd9ab119fca5693ea369a93a8ec8a0b562a1ca2336b22456ab30f96d29b378a184e8c915c4c611710b8fedf87d08575b3dfcbb9ae4390bff2bf01d847e865c621bc6eb9a5c9a03b598ce48824597090ac8feb790bab9002dd49643bcf956dff5f539adcf2fcba9b3f49a8136a02eced8ae6a8436d8831d923323d5565107199a3ed1c448209cf50ce63f1c915baa75976e34efa90cd0823465e7f2e93584331128cf1fca942bbeb4a5de170321b180a9aada3eab04e532ff963bf937d91f867cbb48b91cd9192f698779eb05e018946aa7b774f8fefad08f1616e4dc4e1b4b21bc5ea98a4d276987b88049be060ad912f3d0da369157dca17eb49faf428b358f18dea4a6f358011443e1f96596ea07ccf1ce846896a484be5b301b825c0d84c57e14de601d96c53c04dc9423d3b9a39e25eca1093cfa3b5a64b247dc51f2987419b48ee6538710c12ac970b7d4207a8903eaa4d4aad88b6408cc99a92abe0ec0d49119ed033a746c524030710e3116012b94c1f99bda5e9f5581a724472772e541426c24ecd80b805d8010bf48024f6a331cf55a62cfaab655ea4ee574def473e41a91cf498642840068d053d738dd24d2beb16641b3201bbf5232cfaf6aaa99b9a24a7b22d417418bce82208b38adc3253400702665f7d03f235b7e5c37cb2aa551d708391d0b3737972a4eaa67ff68ab8f73308a4291b7bebf21d0abf2fb17e2228800ac886acac7ea49a4693c60bd4c3ea674fc1c57d05cd948e29bcf9e3a8e927634a33288f3b93ccd952abfa13c8595c87a7f3586ace0d3f76ec777b545883082e1114dd0d25880873fee9cffe0e8f2b5c0ea18db0a7d3c605b28940f4813b504917a14072ecda1f71871cb7371629eb450af37911f9d5bad5a3486d29ae9e4aa86cfbd5b6a2f337a142cae72b0d20ced405df8d737807b048f45a4646b312eb751e476854384ae6c847c7de9bd629bbb4c8859a4271a4415c9aaa73ed26e708de121eb6714b64088e2fe6e4348f43dd9230e40664a655124d337a4d2dca4f98c211d2b72de1f5bb4a718d1df396f84fae3e8bb41612f3a705fc2dd891837cb5a075c39074785d5b243922c9ca5f210dd8ce5ef780106c12212c3ffb91bf6054b7f9e1b85ef5a47df28fb202a35f2039b652f73b19f0a9e090bb065d16d9b3f2015a1d8bd3f2d3a91fd79a09ab91662772438fdff4f86f82fc9bb141c08bf8da9b918eb2d1efc769207352060f116a82d9b360ec2526ee9345325f680e196410ed1f76463a5ec217f8103d824f8879afdd780fb17b02c771fdc16b5128c7560e330d77eb9f1f10132d8bfb02d6855d5f3622a7fda8e001e4787328b3ece5e8c88ce86fcb606775ac5240ab0b85a67307a19cb808abc965d64c00a7143849b6062c5fb09c0c3da76007cd5770f15f99a53fef0b7d1d8b85e3129860d45b353f154346a3b4f41d9ff8e5798a0025bd6f931abca8c54b699b89561be3cc656584c9bf050fd20f3df88e1bd4b61b2ee50067571e585fbb502b5b63b60c64acf97c90bc4822abae92634dca373afde8ced0e6faa6833907bfe5f1b3de074c87cebae6313aca3c8c739d0ac99061bc16837660295d560cb89f835593dc6d36aff838cdcc0cdbf028b9f2c8e5f02d73316876ebb8e077e115479d39046f8c91dbd390a7c1f1561cd7030a3a6fe690695fb8f2b31dd49a279373e615c5b7cbef8411d5a677d7621aea82ff726b942a5fca15d02ed37f6280c535214a4f9aaed5b924f01c739d716eab9f01071816e7d22259188a0c0bec231514edf05561139e24034a0ec386575fb567724d2ada76fcab85f0f4ddc8e1e526995efc9290ed77270dc54da639731a10af7129b93cff185ba84316f9a40c7479644f46c19621e4e67e7dc27829d68540b00c76cdf0d3fffba5482bcf48fc39bda13a694af80fcc806584715cbe36f8b1641a092bd6a8d2aba8dc92b48f324b4cf886be37088cf37c76d82e590b15b5025d1d76e545df1195cf32ef1fc448f5e1d19a8383eb4e434ce45b7746d56b4bd4e8f0bc109e78382241fa02ea51d14a15468607d5202851f558928e44ac876c175adc068918bedb00ee93af5ad8c48840d91545a5cbfd39792e26be4d49c59cdf884d1a5b8c1dfe5d32d4ce94834eec707211fec98368109a78684b9883f78c4325271b7c5064ea23816380316b83ff3fb74ceac1538e62e1944e7cdc4d94414c9b45b03d3e9b731d9a1567e95e421fe47685be296151386211af6f75aa4019b120c55613190612437f23bcb184a7f311c5931f0e2ec52f343abb8b7272fcf1575d9a1fe2d4f93589eff89f2d058382614dee70250ea20e372f719c98c36241884586a293ed24bbd97cde2f4db16ad0052db8802cf1aa8c0a1260ee37426ff688441f65babde937121ccb551dca0f720ab9d9a39b17eb0007dc272c3db58d5dbeb2514f9737dd3fd56bb8bceb9bb9400b9ab06fe3f64e6dd439bb60bc36c8ec4232a1fb35d23e2fa1ef1ade9ec52adbe47dc15189e81df8d2eeda95c0ea9f25f07bac80e559edc7c88c2c851f32ab8bff293becd34740e8fcf828da5894856e823f2ab77febb35878b2c221fc3fcd59766ee6944beb1454970eb788045bccedbee57d9ed5113473927a9cbb7b62cd562d9e111ab827b72b168e8ee74308e35d5b8313bef9852a71b5252e99545358228ab5592dafcf4c21424f3d9ed8a01f9431d277a8ad2427fdb67b456b40a537dba6d78b4838b5d20a39573f56592337ab8011a4867100f0a532523d2f37347b2d98c2ad6a5eca8a699d978e281453c2c1d725c3047a44e996a9e36fdbbc6f00da5544718857242b5ab5ad9a11c70050bb9d281195b5c308e33d0628da24042ba9beddb624e784168a14fc6660b40a10ffc3d43ad1f002214039cdf0c4e69135b56c778282a10eabe21f5a1a7032a69ec2e5dc2fc405912241d690a882b21c1dc5479884cf837c242c879f700f6bc2dbade2c388422068ea71876cdc4b0c53483c60cfe447223d21ceecfac5343e73ee107b54ba8d6b1c12dbac790fbf52c6082314a76ed41187e80c0504a20be6e894a4bed066966c4a436abc58b627fd1abf030ab791a109fe5d8a0f66eaba1581bee9fc6c2e9f623fc816895c13f1da001648711430b2b4373025e0eddeafa23325d28a32e2903f58ff14599636bb2d97d6230fc596e8131c5221c61b7f089f1eb1881fdce704757bdf05d793dde7c332d056e956a93e87604f12f59df5601c94fbb4eede4270e2d0bc28a7e052842bc37d1bb89d78d6e9db02291d61f92e7a74eef468bdc61aba7f4d804ed816050cebe6aa5d964c13bb53fff77a92f064b87b095ff8e893baa2c1acc61ba27d0fd4969dbf2aa315122b3e60bd5f61029d36ab7838b70c50caa10f05ea5a187fe567e9feee3ab6418dd5ab040ed3d4546753d7358a623e5fedc0c4e061bec7269e4ab4420b13a564b182809fdb7873e1bb82c9087ee9885667b33d72ef04ac21661de3d7ec880e87e6c61a6adea4184356fabe5e71cc85d22a38dea9e64a0e873203fa56af88e45f92608b79426396350e5c4d2b07f6866d430d3b1a099c0b86c0add6fa575faa251fb94886195c17ea370afade51688edc1a3f7806826433cc2c9498c193769b48a13b6c3959bf350866d8ed8554417ba2f21ad372ac0c8c3cb59e7a4e4439da451e3fe6da032ee8eade065da784d26e2c02d6c3373cfda36c1468e424c83cae0d7a3fb84bc0c282033219e5956194647506154c7e9a8a5026e92e6c61e4af3a8ff1d94cf225447589b18c06ace4ca697b461ff8eddb9e7c570684709d7c22e70ee26ae5f167002fd79160266224cf9ce7851a6df2274755bfed0eca06684ececf78a4d50b5feacae160da0bf45240429bf202d9f51657b3d7961d03e172193a59e4b220eaaeeaec196d1b989f1580ee7acbdda3f5359a1abd32291c5036bf872876416bc5297087c69b416cc0f6c38e4a875e815e0f757009c53721434f66994190526f9de67042e36e60b96b4cc6592c88f93a8092eff6f135feae10941ad764b60f6df438c78c94dcd44f026d2020debb9a1eebb1970cd0ad11d7b391da7bacb36226d62cd9f20389a8649812a67f1fef4afbe0f2a015072ef696014efe0d3a5fe218759bfb837fa05d1d60caa176554a7126cd40fd5b7b969d73b0097a177d379a1fef676d8fe010818dd09564b6a1b0a316ab0d0a7e3eac27fde58cc8e4ae12c37b2a528849f3f5998703be759f987087aabf66776ab04849d9fa2e0982cf719e07e7c9ebab1b2b6d528d43b178271aa89282a976108b64225ea3b2bae4a0fd4b7c7e6ea87bd640fb319b3abe15efdbb4b45bcad691eee37e195848044b7410a1c8600228b9c7038496920fd438c3796ffb55e7f5f775e669b769f33125eb8c13727ce42924044d8329b6071a871a71f1297791444d4d42b3cea76218463f9803203748c88143daa8ef291b1fb696eb2b68a83a60a61f98216af70faeef205a5c8454a028a97bdf1b7beb42caa1ff553255c4822838391d1bab6199a4e79594314b29fc29e73a81f344f78278a61953fad15bec0bdaa449f4a6550d437231e068efd76e8f0db05891bd5f7af13eebc45f4215b4a3af322162fa6bb3f8059171bd7acf04dc011c3c4ef5bdc49884c9ef698be3864543b29f9c0bcfb02bc05b91ff9afa82d94ea2eb8a8482724fa26abb6a3ea4c5c46768e40a0199ea098e8e93b0c0134595b7f1c8ef726b998aa03d77e996dfb8b6004fe5076508ac4a2e1c759a5aaa40d40f65907e08cde9e2acf1c82f09a817fee6562e6ad360768f42fe5cdcb753e7180be98eaf73c56af062cd9e1a6130adb8d2477bfbec3f8fb46047e95bc84e187d431580528cb7bd68da771a94dd17439619df798e2c0f051a2e570ec3278d8b0fbd140e6c1e1982b983a330b31dfcc008fa944b59a6d5d1fe2559", 0x1000}, {&(0x7f0000001240)="fd35df0f634dad8db9fc8c62627cdc49e27883973ba7ee930b5d872c9dcddcd5de113822508f3fc2c40d2a4e4f02988abacc5f5797b9afffff38dc15bb630e58f350152553342c6ca03467cc70fea8aaa7040018fac9e970114b57feb42e3694902d0fb75d026b0dc00f89a1fe153e6f268baf45ff3ba1e9a1751c5a11dc7ed160cb64d12bbd3794a9ba247149c5071c0421515f7387ee21bb87ce83a93d45ae785193d526525f050e1e8b7e1db3103782297906ef67a707bbcab665736f677b6459677fd6cb118efc14c878d9b6e5b1b0", 0xd1}, {&(0x7f0000001340)="297e37bc80e8e353678b8d11c240689b6762a344332a8d34a049383bb9d2d95cffc7dc138132c9f91ba651eb65c5424cd43d3b82c2f587951085e4220b5edcffa785b7a59c67ebadbdbe0030e90a21fe775722d9d6d5ff8781d023a058064a713f6b3ba15c69f4bfe2804dc286e4b39ad98afea68277def569b6346a45ff2bb96f47da8279e4a698add9ee7f193712b1708c8648ea028943c214704c4933dc41d9c0fcd7c1b9141a13bb8f0d73028ccb824e315fae39f9e5497a686257a50e1670c7c80745d47a7f03485f029edd6ff34bfd0c71940b29383e147be9733cb9fcb93153f9ef17ac1912ce73237d17e06bcfdeda", 0xf3}], 0x3}, 0x2)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

18:07:09 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0x8120000)
close(r2)

18:07:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:09 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:09 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r1, 0x100000000000000a, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x20, 0x1, 0x0, 0x5, 0x0, 0xfff, 0x40010, 0x5, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x1}, 0x81324, 0x6, 0x4, 0x5, 0x6, 0x6, 0x7, 0x0, 0x0, 0x0, 0x7fff}, r1, 0x0, r2, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x9)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

18:07:09 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_merged\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40086602, &(0x7f0000000140)=0xff)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x6611, 0x0)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x28, 0x2, 0x9e, 0x80, 0x0, 0xa2, 0x80001, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x200, 0x1, @perf_bp={&(0x7f0000000100)}, 0x80000, 0xbcf7, 0x3, 0x2, 0x1b8, 0x5, 0x0, 0x0, 0x8, 0x0, 0x51}, 0xffffffffffffffff, 0xe, r0, 0x2)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0xc004743e, &(0x7f0000000680)='&@[\x00')
perf_event_open$cgroup(&(0x7f00000008c0)={0x5, 0x80, 0x2, 0x7f, 0x8, 0x0, 0x0, 0x4, 0x20000, 0xd, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfff, 0x0, @perf_bp={&(0x7f0000000140), 0x2}, 0x30, 0x3f, 0xc2, 0x1, 0x3, 0x60000000, 0x200, 0x0, 0x7}, r1, 0x3, r2, 0x2)

18:07:09 executing program 3:
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, &(0x7f0000000180)) (async)
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000140)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x26e1, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x7, 0x6, 0x87, 0x0, 0x7, 0x22008, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x76ca, 0x2, @perf_config_ext={0x4fc, 0x3}, 0x0, 0x9, 0x100, 0x0, 0x6, 0x0, 0x1, 0x0, 0x7ff, 0x0, 0x7}, r1, 0x3, 0xffffffffffffffff, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000000c0)='cgroup.events\x00') (async)
openat$cgroup(r0, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280))
sendmsg$inet(r4, &(0x7f0000001480)={&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000001440)=[{&(0x7f0000000240)="fd4c4e18f962759c5b7a3863c7a44c6788a5c6b606536e3e9d642f6d29855ffa38d5237819c6ab0d38642bc3903e9269b0d0f8e35de15876ee06ae46dd96fa4628477ba1105e1e2bc47ec393d752294e03d967a4b76228fc551743f684695c30115393e1acfc63ab0951bcf68e5eb70078e56f57a172f4fbbbeb4fefd4d421655814a78123a74f7549195f77f84beaf3b7fe00c802aa2acca8b7f7c4dbedd08734dd2bc440acc82d5c0fc070138da4087aaa270992f7e41f384b358574aa5e331a7e9fab0a1a2ce18a6e952998b5a6fc89894feeb30257ef83ed02c0b17c490880d91737d9323441b863fcdf215fd5f0ff83d63efffa70d12f0e9b78cb7ef452c8cb1e9218ebc24b8b23ca5fa600307ae21532a769fe0257467b83017356538e3b6b7ee6985901cbe76922ab8a2e7b52b9d709a5fa1e42c91dedde9107bf1504323cb50987877c7d9d82b35628fbb5c347baa2d5147bf21259f985bdcaa92f5919d0c9310774426789401a0b60f8872cb4cece9e1a14840a8de23962a9f0db148f40fc8e3835a0e4cbc5cefa0797201dbf2e850ee0348f1b185f246772f045cfabc64a89c48e9091ff7704c87df320e9c284637535f8e4ca888b7b7199cdeb0c59bd1835647b2863aaa1f93301e1056b8711359ce19d42d89d31496f0057a5e26f69196edfce04ecf3eb73665e712fe267b8514c9f9e587cd15d7d045190fdf488556e92628b422c190a7a03a9bd46efae19d799853a3b7c027b3ac0f17ffe7b4cf1adaa3a40b91fa1a96301810e6a70e2bc4e8023afd4874e8f14203b543f9bc01a6ea60cfdedd9ab119fca5693ea369a93a8ec8a0b562a1ca2336b22456ab30f96d29b378a184e8c915c4c611710b8fedf87d08575b3dfcbb9ae4390bff2bf01d847e865c621bc6eb9a5c9a03b598ce48824597090ac8feb790bab9002dd49643bcf956dff5f539adcf2fcba9b3f49a8136a02eced8ae6a8436d8831d923323d5565107199a3ed1c448209cf50ce63f1c915baa75976e34efa90cd0823465e7f2e93584331128cf1fca942bbeb4a5de170321b180a9aada3eab04e532ff963bf937d91f867cbb48b91cd9192f698779eb05e018946aa7b774f8fefad08f1616e4dc4e1b4b21bc5ea98a4d276987b88049be060ad912f3d0da369157dca17eb49faf428b358f18dea4a6f358011443e1f96596ea07ccf1ce846896a484be5b301b825c0d84c57e14de601d96c53c04dc9423d3b9a39e25eca1093cfa3b5a64b247dc51f2987419b48ee6538710c12ac970b7d4207a8903eaa4d4aad88b6408cc99a92abe0ec0d49119ed033a746c524030710e3116012b94c1f99bda5e9f5581a724472772e541426c24ecd80b805d8010bf48024f6a331cf55a62cfaab655ea4ee574def473e41a91cf498642840068d053d738dd24d2beb16641b3201bbf5232cfaf6aaa99b9a24a7b22d417418bce82208b38adc3253400702665f7d03f235b7e5c37cb2aa551d708391d0b3737972a4eaa67ff68ab8f73308a4291b7bebf21d0abf2fb17e2228800ac886acac7ea49a4693c60bd4c3ea674fc1c57d05cd948e29bcf9e3a8e927634a33288f3b93ccd952abfa13c8595c87a7f3586ace0d3f76ec777b545883082e1114dd0d25880873fee9cffe0e8f2b5c0ea18db0a7d3c605b28940f4813b504917a14072ecda1f71871cb7371629eb450af37911f9d5bad5a3486d29ae9e4aa86cfbd5b6a2f337a142cae72b0d20ced405df8d737807b048f45a4646b312eb751e476854384ae6c847c7de9bd629bbb4c8859a4271a4415c9aaa73ed26e708de121eb6714b64088e2fe6e4348f43dd9230e40664a655124d337a4d2dca4f98c211d2b72de1f5bb4a718d1df396f84fae3e8bb41612f3a705fc2dd891837cb5a075c39074785d5b243922c9ca5f210dd8ce5ef780106c12212c3ffb91bf6054b7f9e1b85ef5a47df28fb202a35f2039b652f73b19f0a9e090bb065d16d9b3f2015a1d8bd3f2d3a91fd79a09ab91662772438fdff4f86f82fc9bb141c08bf8da9b918eb2d1efc769207352060f116a82d9b360ec2526ee9345325f680e196410ed1f76463a5ec217f8103d824f8879afdd780fb17b02c771fdc16b5128c7560e330d77eb9f1f10132d8bfb02d6855d5f3622a7fda8e001e4787328b3ece5e8c88ce86fcb606775ac5240ab0b85a67307a19cb808abc965d64c00a7143849b6062c5fb09c0c3da76007cd5770f15f99a53fef0b7d1d8b85e3129860d45b353f154346a3b4f41d9ff8e5798a0025bd6f931abca8c54b699b89561be3cc656584c9bf050fd20f3df88e1bd4b61b2ee50067571e585fbb502b5b63b60c64acf97c90bc4822abae92634dca373afde8ced0e6faa6833907bfe5f1b3de074c87cebae6313aca3c8c739d0ac99061bc16837660295d560cb89f835593dc6d36aff838cdcc0cdbf028b9f2c8e5f02d73316876ebb8e077e115479d39046f8c91dbd390a7c1f1561cd7030a3a6fe690695fb8f2b31dd49a279373e615c5b7cbef8411d5a677d7621aea82ff726b942a5fca15d02ed37f6280c535214a4f9aaed5b924f01c739d716eab9f01071816e7d22259188a0c0bec231514edf05561139e24034a0ec386575fb567724d2ada76fcab85f0f4ddc8e1e526995efc9290ed77270dc54da639731a10af7129b93cff185ba84316f9a40c7479644f46c19621e4e67e7dc27829d68540b00c76cdf0d3fffba5482bcf48fc39bda13a694af80fcc806584715cbe36f8b1641a092bd6a8d2aba8dc92b48f324b4cf886be37088cf37c76d82e590b15b5025d1d76e545df1195cf32ef1fc448f5e1d19a8383eb4e434ce45b7746d56b4bd4e8f0bc109e78382241fa02ea51d14a15468607d5202851f558928e44ac876c175adc068918bedb00ee93af5ad8c48840d91545a5cbfd39792e26be4d49c59cdf884d1a5b8c1dfe5d32d4ce94834eec707211fec98368109a78684b9883f78c4325271b7c5064ea23816380316b83ff3fb74ceac1538e62e1944e7cdc4d94414c9b45b03d3e9b731d9a1567e95e421fe47685be296151386211af6f75aa4019b120c55613190612437f23bcb184a7f311c5931f0e2ec52f343abb8b7272fcf1575d9a1fe2d4f93589eff89f2d058382614dee70250ea20e372f719c98c36241884586a293ed24bbd97cde2f4db16ad0052db8802cf1aa8c0a1260ee37426ff688441f65babde937121ccb551dca0f720ab9d9a39b17eb0007dc272c3db58d5dbeb2514f9737dd3fd56bb8bceb9bb9400b9ab06fe3f64e6dd439bb60bc36c8ec4232a1fb35d23e2fa1ef1ade9ec52adbe47dc15189e81df8d2eeda95c0ea9f25f07bac80e559edc7c88c2c851f32ab8bff293becd34740e8fcf828da5894856e823f2ab77febb35878b2c221fc3fcd59766ee6944beb1454970eb788045bccedbee57d9ed5113473927a9cbb7b62cd562d9e111ab827b72b168e8ee74308e35d5b8313bef9852a71b5252e99545358228ab5592dafcf4c21424f3d9ed8a01f9431d277a8ad2427fdb67b456b40a537dba6d78b4838b5d20a39573f56592337ab8011a4867100f0a532523d2f37347b2d98c2ad6a5eca8a699d978e281453c2c1d725c3047a44e996a9e36fdbbc6f00da5544718857242b5ab5ad9a11c70050bb9d281195b5c308e33d0628da24042ba9beddb624e784168a14fc6660b40a10ffc3d43ad1f002214039cdf0c4e69135b56c778282a10eabe21f5a1a7032a69ec2e5dc2fc405912241d690a882b21c1dc5479884cf837c242c879f700f6bc2dbade2c388422068ea71876cdc4b0c53483c60cfe447223d21ceecfac5343e73ee107b54ba8d6b1c12dbac790fbf52c6082314a76ed41187e80c0504a20be6e894a4bed066966c4a436abc58b627fd1abf030ab791a109fe5d8a0f66eaba1581bee9fc6c2e9f623fc816895c13f1da001648711430b2b4373025e0eddeafa23325d28a32e2903f58ff14599636bb2d97d6230fc596e8131c5221c61b7f089f1eb1881fdce704757bdf05d793dde7c332d056e956a93e87604f12f59df5601c94fbb4eede4270e2d0bc28a7e052842bc37d1bb89d78d6e9db02291d61f92e7a74eef468bdc61aba7f4d804ed816050cebe6aa5d964c13bb53fff77a92f064b87b095ff8e893baa2c1acc61ba27d0fd4969dbf2aa315122b3e60bd5f61029d36ab7838b70c50caa10f05ea5a187fe567e9feee3ab6418dd5ab040ed3d4546753d7358a623e5fedc0c4e061bec7269e4ab4420b13a564b182809fdb7873e1bb82c9087ee9885667b33d72ef04ac21661de3d7ec880e87e6c61a6adea4184356fabe5e71cc85d22a38dea9e64a0e873203fa56af88e45f92608b79426396350e5c4d2b07f6866d430d3b1a099c0b86c0add6fa575faa251fb94886195c17ea370afade51688edc1a3f7806826433cc2c9498c193769b48a13b6c3959bf350866d8ed8554417ba2f21ad372ac0c8c3cb59e7a4e4439da451e3fe6da032ee8eade065da784d26e2c02d6c3373cfda36c1468e424c83cae0d7a3fb84bc0c282033219e5956194647506154c7e9a8a5026e92e6c61e4af3a8ff1d94cf225447589b18c06ace4ca697b461ff8eddb9e7c570684709d7c22e70ee26ae5f167002fd79160266224cf9ce7851a6df2274755bfed0eca06684ececf78a4d50b5feacae160da0bf45240429bf202d9f51657b3d7961d03e172193a59e4b220eaaeeaec196d1b989f1580ee7acbdda3f5359a1abd32291c5036bf872876416bc5297087c69b416cc0f6c38e4a875e815e0f757009c53721434f66994190526f9de67042e36e60b96b4cc6592c88f93a8092eff6f135feae10941ad764b60f6df438c78c94dcd44f026d2020debb9a1eebb1970cd0ad11d7b391da7bacb36226d62cd9f20389a8649812a67f1fef4afbe0f2a015072ef696014efe0d3a5fe218759bfb837fa05d1d60caa176554a7126cd40fd5b7b969d73b0097a177d379a1fef676d8fe010818dd09564b6a1b0a316ab0d0a7e3eac27fde58cc8e4ae12c37b2a528849f3f5998703be759f987087aabf66776ab04849d9fa2e0982cf719e07e7c9ebab1b2b6d528d43b178271aa89282a976108b64225ea3b2bae4a0fd4b7c7e6ea87bd640fb319b3abe15efdbb4b45bcad691eee37e195848044b7410a1c8600228b9c7038496920fd438c3796ffb55e7f5f775e669b769f33125eb8c13727ce42924044d8329b6071a871a71f1297791444d4d42b3cea76218463f9803203748c88143daa8ef291b1fb696eb2b68a83a60a61f98216af70faeef205a5c8454a028a97bdf1b7beb42caa1ff553255c4822838391d1bab6199a4e79594314b29fc29e73a81f344f78278a61953fad15bec0bdaa449f4a6550d437231e068efd76e8f0db05891bd5f7af13eebc45f4215b4a3af322162fa6bb3f8059171bd7acf04dc011c3c4ef5bdc49884c9ef698be3864543b29f9c0bcfb02bc05b91ff9afa82d94ea2eb8a8482724fa26abb6a3ea4c5c46768e40a0199ea098e8e93b0c0134595b7f1c8ef726b998aa03d77e996dfb8b6004fe5076508ac4a2e1c759a5aaa40d40f65907e08cde9e2acf1c82f09a817fee6562e6ad360768f42fe5cdcb753e7180be98eaf73c56af062cd9e1a6130adb8d2477bfbec3f8fb46047e95bc84e187d431580528cb7bd68da771a94dd17439619df798e2c0f051a2e570ec3278d8b0fbd140e6c1e1982b983a330b31dfcc008fa944b59a6d5d1fe2559", 0x1000}, {&(0x7f0000001240)="fd35df0f634dad8db9fc8c62627cdc49e27883973ba7ee930b5d872c9dcddcd5de113822508f3fc2c40d2a4e4f02988abacc5f5797b9afffff38dc15bb630e58f350152553342c6ca03467cc70fea8aaa7040018fac9e970114b57feb42e3694902d0fb75d026b0dc00f89a1fe153e6f268baf45ff3ba1e9a1751c5a11dc7ed160cb64d12bbd3794a9ba247149c5071c0421515f7387ee21bb87ce83a93d45ae785193d526525f050e1e8b7e1db3103782297906ef67a707bbcab665736f677b6459677fd6cb118efc14c878d9b6e5b1b0", 0xd1}, {&(0x7f0000001340)="297e37bc80e8e353678b8d11c240689b6762a344332a8d34a049383bb9d2d95cffc7dc138132c9f91ba651eb65c5424cd43d3b82c2f587951085e4220b5edcffa785b7a59c67ebadbdbe0030e90a21fe775722d9d6d5ff8781d023a058064a713f6b3ba15c69f4bfe2804dc286e4b39ad98afea68277def569b6346a45ff2bb96f47da8279e4a698add9ee7f193712b1708c8648ea028943c214704c4933dc41d9c0fcd7c1b9141a13bb8f0d73028ccb824e315fae39f9e5497a686257a50e1670c7c80745d47a7f03485f029edd6ff34bfd0c71940b29383e147be9733cb9fcb93153f9ef17ac1912ce73237d17e06bcfdeda", 0xf3}], 0x3}, 0x2) (async)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40806685, 0x0)

[  350.289637][T29127] FAULT_INJECTION: forcing a failure.
[  350.289637][T29127] name failslab, interval 1, probability 0, space 0, times 0
[  350.302855][T29127] CPU: 1 PID: 29127 Comm: syz-executor.1 Tainted: G    B             5.15.78-syzkaller-00911-gc73b4619ad86 #0
[  350.314314][T29127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[  350.324210][T29127] Call Trace:
[  350.327336][T29127]  <TASK>
[  350.330110][T29127]  dump_stack_lvl+0x151/0x1b7
[  350.334621][T29127]  ? bfq_pos_tree_add_move+0x43e/0x43e
[  350.339920][T29127]  dump_stack+0x15/0x17
[  350.343909][T29127]  should_fail+0x3c0/0x510
[  350.348157][T29127]  __should_failslab+0x9f/0xe0
[  350.352757][T29127]  should_failslab+0x9/0x20
[  350.357095][T29127]  kmem_cache_alloc+0x4f/0x2f0
[  350.361700][T29127]  ? anon_vma_clone+0xa1/0x4f0
[  350.366295][T29127]  anon_vma_clone+0xa1/0x4f0
[  350.370726][T29127]  anon_vma_fork+0x91/0x4f0
[  350.375062][T29127]  ? anon_vma_name+0x4c/0x70
[  350.379489][T29127]  dup_mmap+0x750/0xea0
[  350.383485][T29127]  ? __delayed_free_task+0x20/0x20
[  350.388427][T29127]  ? mm_init+0x807/0x960
[  350.392508][T29127]  dup_mm+0x91/0x330
[  350.396240][T29127]  copy_mm+0x108/0x1b0
[  350.400145][T29127]  copy_process+0x1295/0x3250
[  350.404746][T29127]  ? proc_fail_nth_write+0x213/0x290
[  350.409973][T29127]  ? proc_fail_nth_read+0x220/0x220
[  350.415009][T29127]  ? pidfd_show_fdinfo+0x2b0/0x2b0
[  350.419955][T29127]  ? vfs_write+0x9af/0x1050
[  350.424295][T29127]  ? vmacache_update+0xb7/0x120
[  350.428988][T29127]  kernel_clone+0x22d/0x990
[  350.433324][T29127]  ? file_end_write+0x1b0/0x1b0
[  350.438008][T29127]  ? __kasan_check_write+0x14/0x20
[  350.442956][T29127]  ? create_io_thread+0x1e0/0x1e0
[  350.447813][T29127]  ? __mutex_lock_slowpath+0x10/0x10
[  350.452933][T29127]  __x64_sys_clone+0x289/0x310
[  350.457532][T29127]  ? __do_sys_vfork+0x130/0x130
[  350.462220][T29127]  ? debug_smp_processor_id+0x17/0x20
[  350.467425][T29127]  do_syscall_64+0x44/0xd0
[  350.471679][T29127]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  350.477405][T29127] RIP: 0033:0x7f13408790c9
[  350.481665][T29127] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[  350.501103][T29127] RSP: 002b:00007f133f5ec118 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  350.509348][T29127] RAX: ffffffffffffffda RBX: 00007f1340998f80 RCX: 00007f13408790c9
[  350.517156][T29127] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  350.524968][T29127] RBP: 00007f133f5ec1d0 R08: 0000000000000000 R09: 0000000000000000
[  350.532784][T29127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
18:07:10 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xa000000)
close(r2)

18:07:10 executing program 1:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (fail_nth: 91)

18:07:10 executing program 0:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x3, 0x4, &(0x7f0000002340)=@framed={{}, [@call]}, &(0x7f0000002240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)

18:07:10 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x1, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x4030582a, &(0x7f0000000040)=0xc000000)
close(r2)

18:07:10 executing program 2:
r0 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r1, 0x100000000000000a, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x20, 0x1, 0x0, 0x5, 0x0, 0xfff, 0x40010, 0x5, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x1}, 0x81324, 0x6, 0x4, 0x5, 0x6, 0x6, 0x7, 0x0, 0x0, 0x0, 0x7fff}, r1, 0x0, r2, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x9)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
perf_event_open(&(0x7f0000000b00)={0x3, 0x80, 0x0, 0x0, 0x8, 0x0, 0x0, 0x401, 0x40, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000a00), 0xd}, 0x100800, 0x0, 0x6, 0x9}, r1, 0x100000000000000a, 0xffffffffffffffff, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (async)
openat$cgroup_ro(r2, 0x0, 0x0, 0x0) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r2, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000580)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0], 0x0, 0x8, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) (async)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x20, 0x1, 0x0, 0x5, 0x0, 0xfff, 0x40010, 0x5, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x2, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_bp={&(0x7f0000000000), 0x1}, 0x81324, 0x6, 0x4, 0x5, 0x6, 0x6, 0x7, 0x0, 0x0, 0x0, 0x7fff}, r1, 0x0, r2, 0x0) (async)
perf_event_open(&(0x7f0000c86f88)={0x2, 0x80, 0xa0, 0x0, 0x4, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x9) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

18:07:10 executing program 3:
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, &(0x7f0000000180)) (async)
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000140)='blkio.throttle.io_service_bytes\x00', 0x0, 0x0) (async)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x26e1, 0x0)
r2 = perf_event_open$cgroup(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x7, 0x6, 0x87, 0x0, 0x7, 0x22008, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x76ca, 0x2, @perf_config_ext={0x4fc, 0x3}, 0x0, 0x9, 0x100, 0x0, 0x6, 0x0, 0x1, 0x0, 0x7ff, 0x0, 0x7}, r1, 0x3, 0xffffffffffffffff, 0x4)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f00000000c0)='cgroup.events\x00') (async)
openat$cgroup(r0, &(0x7f00000001c0)='syz0\x00', 0x200002, 0x0) (async, rerun: 64)
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) (rerun: 64)
r4 = openat$cgroup_ro(r3, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000004000000000000000000850000000f000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) (async, rerun: 32)
ioctl$TUNSETIFINDEX(r4, 0x400454da, &(0x7f0000000280)) (rerun: 32)
sendmsg$inet(r4, &(0x7f0000001480)={&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000001440)=[{&(0x7f0000000240)="fd4c4e18f962759c5b7a3863c7a44c6788a5c6b606536e3e9d642f6d29855ffa38d5237819c6ab0d38642bc3903e9269b0d0f8e35de15876ee06ae46dd96fa4628477ba1105e1e2bc47ec393d752294e03d967a4b76228fc551743f684695c30115393e1acfc63ab0951bcf68e5eb70078e56f57a172f4fbbbeb4fefd4d421655814a78123a74f7549195f77f84beaf3b7fe00c802aa2acca8b7f7c4dbedd08734dd2bc440acc82d5c0fc070138da4087aaa270992f7e41f384b358574aa5e331a7e9fab0a1a2ce18a6e952998b5a6fc89894feeb30257ef83ed02c