program:
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xed, 0x1, 0x0, 0x0, 0x0, 0x804, 0x14c9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x1, 0x4}, 0xa0, 0x6, 0x0, 0x4, 0x2, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) (fail_nth: 23)

[   93.069215][   T45] Bluetooth: hci0: command tx timeout
[   93.077133][   T10] cfg80211: failed to load regulatory.db
[   93.155136][ T5362] FAULT_INJECTION: forcing a failure.
[   93.155136][ T5362] name failslab, interval 1, probability 0, space 0, times 1
[   93.176537][ T5362] CPU: 0 UID: 0 PID: 5362 Comm: syz.0.0 Not tainted 6.16.0-syzkaller-11129-geacf91b0c78a #0 PREEMPT(full) 
[   93.176556][ T5362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.176563][ T5362] Call Trace:
[   93.176568][ T5362]  <TASK>
[   93.176575][ T5362]  dump_stack_lvl+0x189/0x250
[   93.176675][ T5362]  ? __pfx____ratelimit+0x10/0x10
[   93.176731][ T5362]  ? __pfx_dump_stack_lvl+0x10/0x10
[   93.176744][ T5362]  ? __pfx__printk+0x10/0x10
[   93.176762][ T5362]  ? __pfx___might_resched+0x10/0x10
[   93.176806][ T5362]  should_fail_ex+0x414/0x560
[   93.176827][ T5362]  should_failslab+0xa8/0x100
[   93.176843][ T5362]  __kmalloc_cache_noprof+0x70/0x3d0
[   93.176854][ T5362]  ? percpu_ref_init+0xc5/0x360
[   93.176872][ T5362]  ? __pfx_css_release+0x10/0x10
[   93.176885][ T5362]  percpu_ref_init+0xc5/0x360
[   93.176900][ T5362]  ? init_and_link_css+0x2d8/0x3d0
[   93.176915][ T5362]  cgroup_apply_control_enable+0x42b/0xa80
[   93.176930][ T5362]  ? css_next_descendant_pre+0x183/0x260
[   93.176951][ T5362]  cgroup_mkdir+0xc40/0xe60
[   93.176971][ T5362]  ? __pfx_cgroup_mkdir+0x10/0x10
[   93.176982][ T5362]  kernfs_iop_mkdir+0x211/0x350
[   93.176997][ T5362]  vfs_mkdir+0x306/0x510
[   93.177013][ T5362]  do_mkdirat+0x247/0x590
[   93.177026][ T5362]  ? __pfx_do_mkdirat+0x10/0x10
[   93.177040][ T5362]  ? getname_flags+0x1e5/0x540
[   93.177057][ T5362]  __x64_sys_mkdirat+0x87/0xa0
[   93.177070][ T5362]  do_syscall_64+0xfa/0x3b0
[   93.177080][ T5362]  ? lockdep_hardirqs_on+0x9c/0x150
[   93.177091][ T5362]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.177098][ T5362]  ? clear_bhb_loop+0x60/0xb0
[   93.177106][ T5362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.177113][ T5362] RIP: 0033:0x7f2d4e38eb69
[   93.177121][ T5362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.177127][ T5362] RSP: 002b:00007f2d4f166038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[   93.177136][ T5362] RAX: ffffffffffffffda RBX: 00007f2d4e5b5fa0 RCX: 00007f2d4e38eb69
[   93.177141][ T5362] RDX: 00000000000001ff RSI: 0000200000000040 RDI: ffffffffffffff9c
[   93.177146][ T5362] RBP: 00007f2d4f166090 R08: 0000000000000000 R09: 0000000000000000
[   93.177151][ T5362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   93.177154][ T5362] R13: 0000000000000000 R14: 00007f2d4e5b5fa0 R15: 00007ffcb9c20d98
[   93.177166][ T5362]  </TASK>
[   93.297392][   T10] BUG: unable to handle page fault for address: ffffed1011a43e01
[   93.300742][   T10] #PF: supervisor read access in kernel mode
[   93.303352][   T10] #PF: error_code(0x0000) - not-present page
[   93.305983][   T10] PGD 5ffcd067 P4D 5ffcd067 PUD 2fff7067 PMD 0 
[   93.308691][   T10] Oops: Oops: 0000 [#1] SMP KASAN NOPTI
[   93.311093][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.16.0-syzkaller-11129-geacf91b0c78a #0 PREEMPT(full) 
[   93.316071][   T10] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[   93.320581][   T10] Workqueue: cgroup_destroy css_free_rwork_fn
[   93.322991][   T10] RIP: 0010:css_rstat_flush+0x582/0x1890
[   93.325416][   T10] Code: e4 16 07 00 eb 05 e8 dd 16 07 00 4c 8b 7c 24 08 4c 03 7c 24 10 4d 8d 77 08 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 80 7c 05 00 00 74 08 4c 89 f7 e8 5e e8 6b 00 49 83 3e 00 0f 84
[   93.333323][   T10] RSP: 0018:ffffc900001c7848 EFLAGS: 00010802
[   93.335973][   T10] RAX: dffffc0000000000 RBX: ffff888045c41108 RCX: ffff88801c2e0000
[   93.339495][   T10] RDX: 0000000000000000 RSI: ffffffff8be30ee0 RDI: ffff88801fc40e10
[   93.343099][   T10] RBP: ffffffff8dbdbd10 R08: ffffffff8fa34537 R09: 1ffffffff1f468a6
[   93.346622][   T10] R10: dffffc0000000000 R11: fffffbfff1f468a7 R12: ffff88801fc40e10
[   93.349934][   T10] R13: 1ffff11011a43e01 R14: ffff88808d21f008 R15: ffff88808d21f000
[   93.353309][   T10] FS:  0000000000000000(0000) GS:ffff88808d21f000(0000) knlGS:0000000000000000
[   93.357186][   T10] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   93.359949][   T10] CR2: ffffed1011a43e01 CR3: 000000000df36000 CR4: 0000000000352ef0
[   93.363384][   T10] Call Trace:
[   93.364933][   T10]  <TASK>
[   93.366257][   T10]  ? __lock_acquire+0xab9/0xd20
[   93.368420][   T10]  css_rstat_exit+0xa9/0x320
[   93.370440][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[   93.372959][   T10]  ? percpu_ref_exit+0xc5/0x1c0
[   93.374956][   T10]  css_free_rwork_fn+0x8b/0xc50
[   93.377186][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[   93.379605][   T10]  ? process_scheduled_works+0x9ef/0x17b0
[   93.382010][   T10]  process_scheduled_works+0xade/0x17b0
[   93.384401][   T10]  ? __pfx_process_scheduled_works+0x10/0x10
[   93.386929][   T10]  worker_thread+0x8a0/0xda0
[   93.388638][   T10]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   93.391004][   T10]  ? __kthread_parkme+0x7b/0x200
[   93.393088][   T10]  kthread+0x711/0x8a0
[   93.395015][   T10]  ? __pfx_worker_thread+0x10/0x10
[   93.397073][   T10]  ? __pfx_kthread+0x10/0x10
[   93.398933][   T10]  ? _raw_spin_unlock_irq+0x23/0x50
[   93.400978][   T10]  ? lockdep_hardirqs_on+0x9c/0x150
[   93.403319][   T10]  ? __pfx_kthread+0x10/0x10
[   93.405366][   T10]  ret_from_fork+0x3f9/0x770
[   93.407430][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[   93.409683][   T10]  ? __pfx_kthread+0x10/0x10
[   93.411673][   T10]  ret_from_fork_asm+0x1a/0x30
[   93.414060][   T10]  </TASK>
[   93.415919][   T10] Modules linked in:
[   93.418019][   T10] CR2: ffffed1011a43e01
[   93.419893][   T10] ---[ end trace 0000000000000000 ]---
[   93.422041][   T10] RIP: 0010:css_rstat_flush+0x582/0x1890
[   93.424470][   T10] Code: e4 16 07 00 eb 05 e8 dd 16 07 00 4c 8b 7c 24 08 4c 03 7c 24 10 4d 8d 77 08 4d 89 f5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 80 7c 05 00 00 74 08 4c 89 f7 e8 5e e8 6b 00 49 83 3e 00 0f 84
[   93.432294][   T10] RSP: 0018:ffffc900001c7848 EFLAGS: 00010802
[   93.434758][   T10] RAX: dffffc0000000000 RBX: ffff888045c41108 RCX: ffff88801c2e0000
[   93.437974][   T10] RDX: 0000000000000000 RSI: ffffffff8be30ee0 RDI: ffff88801fc40e10
[   93.441294][   T10] RBP: ffffffff8dbdbd10 R08: ffffffff8fa34537 R09: 1ffffffff1f468a6
[   93.444896][   T10] R10: dffffc0000000000 R11: fffffbfff1f468a7 R12: ffff88801fc40e10
[   93.448702][   T10] R13: 1ffff11011a43e01 R14: ffff88808d21f008 R15: ffff88808d21f000
[   93.452337][   T10] FS:  0000000000000000(0000) GS:ffff88808d21f000(0000) knlGS:0000000000000000
[   93.456248][   T10] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   93.458729][   T10] CR2: ffffed1011a43e01 CR3: 000000000df36000 CR4: 0000000000352ef0
[   93.462059][   T10] Kernel panic - not syncing: Fatal exception
[   93.465047][   T10] Kernel Offset: disabled
[   93.466955][   T10] Rebooting in 86400 seconds..