__sock_create+0x345/0x750 [ 2184.221398] io_uring_setup.cold+0x1e6d/0x271c [ 2184.221441] ? io_sqe_files_register+0x230/0x230 [ 2184.221498] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2184.221557] do_syscall_64+0x3b/0x90 [ 2184.221588] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2184.221617] RIP: 0033:0x7f1ab7761b19 [ 2184.221634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2184.221654] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2184.221676] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2184.221692] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2184.221706] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2184.221720] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2184.221734] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2184.221772] [ 2198.739587] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:49:34 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 28) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:49:34 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x80300, 0x47) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) r3 = clone3(&(0x7f0000000280)={0x133323100, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = fork() clone3(&(0x7f00000003c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/14, 0xe, &(0x7f0000000300)=""/134, &(0x7f0000000200)=[r3, r5], 0x2, {r4}}, 0x58) r6 = clone3(&(0x7f0000000280)={0x323a3100, &(0x7f00000006c0)=0xffffffffffffffff, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0, 0x51}, 0x58) open_tree(r2, &(0x7f0000000640)='./file1\x00', 0x0) r8 = fork() clone3(&(0x7f00000003c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/14, 0xe, &(0x7f0000000780)=""/160, &(0x7f0000000200)=[r6, r8], 0x2, {r7}}, 0x58) preadv(r2, &(0x7f0000000540)=[{&(0x7f0000000440)=""/233, 0xe9}], 0x1, 0x400, 0x10000) r9 = syz_open_dev$vcsa(&(0x7f0000000080), 0x90a, 0x2b3a5138c7df67f6) kcmp$KCMP_EPOLL_TFD(r5, r8, 0x7, r1, &(0x7f00000000c0)={r9, r1, 0x2}) ioctl$SNAPSHOT_SET_SWAP_AREA(r2, 0x400c330d, &(0x7f0000000240)={0xfffffffffffffe01, 0x7}) sendfile(r4, 0xffffffffffffffff, &(0x7f0000000680)=0x2, 0xfffffffffffffff7) setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000000)={0x3e33, "1dbc16"}, 0x6) ptrace$setregset(0x4205, r8, 0x202, &(0x7f0000000600)={&(0x7f0000000580)="0d8cd95f22f0893fcc41d081e091dc39540fad09edb012a7357df4c66dc7f4304b81e4dbce0bd27b05f830b3f7b98706aeeab6eab0e8f164059a3f3a021c98dd5b30ee1e09f3e10189cfb32c5162083b4857b1a13f", 0x55}) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none}, 0xfffffd58) 02:49:34 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x7fff, @fixed}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) fchmod(r2, 0x4c) 02:49:34 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0x0, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:49:34 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(0xffffffffffffffff, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:49:34 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, 0x0, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:49:34 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:49:34 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x1000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2206.189998] FAULT_INJECTION: forcing a failure. [ 2206.189998] name failslab, interval 1, probability 0, space 0, times 0 [ 2206.190043] CPU: 1 PID: 7919 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2206.190072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2206.190087] Call Trace: [ 2206.190093] [ 2206.190101] dump_stack_lvl+0x8b/0xb3 [ 2206.190135] should_fail.cold+0x5/0xa [ 2206.190158] ? create_object.isra.0+0x3a/0xa20 [ 2206.190194] should_failslab+0x5/0x10 [ 2206.190225] kmem_cache_alloc+0x5b/0x480 [ 2206.190255] create_object.isra.0+0x3a/0xa20 [ 2206.190285] ? kasan_unpoison+0x23/0x50 [ 2206.190320] kmem_cache_alloc+0x239/0x480 [ 2206.190349] sk_prot_alloc+0x63/0x2e0 [ 2206.190388] sk_alloc+0x34/0x750 [ 2206.190418] ? lock_downgrade+0x6d0/0x6d0 [ 2206.190453] unix_create1+0xa7/0x8d0 [ 2206.190483] unix_create+0x110/0x220 [ 2206.190511] __sock_create+0x345/0x750 [ 2206.190545] io_uring_setup.cold+0x1e6d/0x271c [ 2206.190587] ? io_sqe_files_register+0x230/0x230 [ 2206.190644] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2206.190693] do_syscall_64+0x3b/0x90 [ 2206.190723] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2206.190754] RIP: 0033:0x7f1ab7761b19 [ 2206.190771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:49:34 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000000)) [ 2206.190793] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2206.190815] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2206.190830] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2206.190844] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2206.190857] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2206.190871] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2206.190910] 02:49:34 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:49:34 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x8000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:49:34 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 29) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:49:34 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, 0x0, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:49:35 executing program 3: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$IP_SET_OP_GET_BYINDEX(r0, 0x1, 0x53, &(0x7f0000001100), &(0x7f0000001140)=0x28) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000001300)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001580)={0xbc, 0x0, 0x100, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x17, {0x7fff, 0x400, 0x2, 0xfff9}}}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x2000001f, {0x6c42, 0x3ff, 0x2, 0x7}}}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, {0x80000, {0x3, 0xf301, 0x9, 0x1}}}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0xc, 0x1, 0x5, 0x0, {0x8a, 0x40, 0x0, 0x6, 0x0, 0x1, 0x1, 0x2}, 0x400, 0x3, 0x1f}}, @NL80211_ATTR_PREV_BSSID={0xa}, @crypto_settings=[@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x1}], @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x2}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1478}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x16c}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x175}]]}, 0xbc}, 0x1, 0x0, 0x0, 0x11}, 0x10) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r5 = dup2(r0, r1) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x23, &(0x7f00000010c0)=0x7ff, 0x4) getsockopt$sock_int(r1, 0x1, 0xa, &(0x7f0000000000), &(0x7f0000001080)=0x4) write(0xffffffffffffffff, &(0x7f0000000080)="269937db37dfec43b528bcb24d115bbf78a6e58eb5331696e7c6c49b54e181cccffceff872fb0f6d4c9c5adcc7b77fb221b1c29ed973540aae9fd3653e15c3587fdc422f9774e691aaf1443548e8dd86914581ddfeec94c3aefd41e047c579cec8f098bee5bf5a84ee5a8bd2002600c866ecfc221887a63d88b32871ce2bdf46c80f9423a897f7459d3aeb58e3f535923d11ac24c8ef5a14003878736722ad3f4c7a3d1ccd09ecb404f943a6e66df178a26ebf1ff562bec25a673b894b0333ef301cc3be3cb3866746384e437857133acb2e34f3e45b993bffd2124c579d4175f8208c72715f9a6a37bc56e46c2f64cf5b8510875f53600a9c5251f04d81195dedf1a117b251a29afe2dd432a42db0398576a62f49a930b8331a055b6ccf845f7c63f14f9f1af0ba9a23bf40a89e1adf5b36122c74b633bc1fd5b5a9ad7d442c6a10ee0355b5cad73fefc62025cab8ec7eb880d1e9a4bd526e2290f4c00e7eeff49fe1e71bb66300b98411807bc5804db56b062a0e227fd41c24875176f000877e473c648115ceae065017029fe06b111910ea33fa33466529971e1e569747baa35f87f64467230d062910cf99530b46baabf18fee01e2b978375437bb30b0b8012948e571e3052c5f9758f0100fb0f3c8ce74f2f49b299288796b7b3413124fab00c7f6ae80a762c12d287d797d94d335ed31527e6489b56216dc639a4a03fae29bde0c747c6bb4c4f3ae1967845336cb02b39a2d149c123a37fe6e0f40703a95d0473bb28e2d4cfcd7715bb76e2589cb485af8a02f9a0e68aab6c9852082ed51bb694b3479c8e23541ee8c6955ab6884f24bbfb99e89cae5488707249b5fde86b594b8b1d5e7737a2ad4de051ccdf696da2e971a314d4bc77d1f6562fd924f49a46378261d90cc7076014e08f5a3213841e615d7d5207c4ddab556176238ebed5b4082a7e0c5f0566ecc6707341dd8ff253c86e3d92ad20a480a57951221d4375269d74f4986d1130309545dbcf916a4fe4b606c18208edf8709271bef5578025cf11c89ebe1c7cc73d24e7069a54f6157258fe60994a89b39a18fa026bce04e7309ff5c6a198dafa5bdc3d18cc3a668a1bad46f323ec61cff7df91c9a7383538ec1f04db37be34a897b76c5237a3b69c9c42b974cc92c1f0e24c9f9f8e31eaa58bbcb583a99d1cbbe8f22f9eaefde726142c89e9584653587323b0d82b398592609fe105b3888f8b97b2b35d4d4e4552ce4dd61e28e1a8d808540ae897c4a5a872acdb10bece86f86bec7047cdded855bd1d72f5adaafa22620aecb4d210d3127453ccaa2ac5f6b14fadb21cf4fb7a36e2d2a2665333312e7628d7585241278e10d573c47dae4561bc8861c155fd63f3d7d78f9ce1da2f59b557f455e43775ee162cd763ac627def78aa80887016f89ed90eb50cf500b5eeb9229e6b72349afe94e69f60a169ad2ab083ae3ab6d768c3f02f8003f2491c403dc79f48145c4cfb0862cb7755f9d5e74f08d08cc8e3b52c780b58c7645045cb604af8ad872253b30c072ab3eae8b5a478b9d468ecc190bdbab3a30e1f0fbe8a8222a6dfce4d279516eb6440a4a4958e3a099bf61b87e9b0dc03612ad6d72c0f6288b6ba50f6ab49c67976c8e2e8af2ffdc3caed4124893b480cafc4c1a5492255044e786692ea9efa60651f73c10f190b2890377b5a6ff7de6feda546c92a7f21c1e7680aed56c3826dfff0dd8ad5de6c668aa437cbaeda67827888a92a16275812a84ae64a97ba3b6a3968a9b8d19f7e95e74e8807cb945f63aa296b61401944ea20b4072efcbc97037cc15c0a77a2b53995d0490226fec6f324221dc20e2dc029d4d047fa4c8f617524187113895cd583a35ed98e9c31a11f344d8033e25679c0c7d5e45919843e40aa16d3e12772e0474182f28d47d60bfa67b40e749c5fcd72cc4026f1a8c15db08a5496e9fa0a56bf4b630a34d733425dde983d16649d5ddbd3432e50b0c5cfd0dea8e91b8fc3c6ceeaee6e1783379c8ffe336bb4e9916c8d63592f2bca04e80d805951ee5132248492ed764dc8fecb8459cd65c729824cbc00bb60f0fcc087bf75a12dd654b221e51f34a650301511587c18e28662ee32774f1268ed6421774293375720128203c85a6619cea054d7be5fd713a3db439a5b4ab96f5b2a3fe81c1dd4ff52228fb6f6f725af8165df8f4969dff49d28fddb9c81e811708047c44ac791c06323cab621fb3acdbbfe2466f10215f2906d3ea4d9d987965f7ca25e8872e0bffe236af0fa4937fcece7e292f34daf2799dfe0a57eb2c3c79d7bdcccab6b191dbb9f5ce37bad73178fb5a8f0ddc47c9db33a27c1f6075fbf572fdfa61dd5248202fdb3963e58ac36e37d38d128a842f92ed6e00ebf6c6210c1ca8f4eb743d92c1169525b30e6402abfe984b89b0b9f591068d364cb64613a9de2efea3fd4fe620b55639be8a22c434ab1d8c3f8ea4c8859e5b74ae89f702b41aa069e98216f0191b650b20d648046e218bc2e171754dc905277864240c108f46d9ac53cddc3a822bcd67c2a92b613cf52f89fd5c1649e29d14441ae5f0202f654f83d8f4a476ada7b95545630c9b3c04af7ca3cd360bbe68a7bdd5e6ce1756576298e9059bbcec42febc49c18618f61f3cc1608a1de51f017685521ae5066e9998ee61fb4a9a99f3c851a3b5efbd5fe8c32cfe0cd88db2bd96f76c84be57d641f271e14f6358017001fbb6554d0de5b88d0feda5b5568745967745e144cf54077bb798b3f7c2420a1c73750426eef5897d689b67b425dc86126c517810d41d381373532efa289431acf82a03e6e9601d1253db8c80204d698a34f6f3bc07cf41081b99291c368081dac7625c70d87be8936868cdb8d23eb2312ee256683ac10f6f0b9be7079432dc2770c293fc71ed1f3292f1f0a338ad1a509827cd603b7108feab81576ef3af2dc032960d30552431b7650b9982cddcdc8ae0ca36899a717e1b24a5d742a80de688e4427b486b015ba4dd7ee777d5f9a17ca371f4587cca991ebe823dda130748fde5f4c474dd1ccb928c85fefb936d29d0811ac23606c6636407d87729debfee68f9171f319a16b987618202ae8c5fd45b4e994fceb304b0de75961cb1b439bdf5a51bd960129ed230abec72a571604014735ea241a0c5b255471f4cf88fded154492729aa89d078c821509bf8d65c37aecb589fffdc5b5e1874312ed5a05029a3ee1981b62b3fa3cf1aa51e59af23ef82c6be287d7cf524dd7edda65f7ae8d4d7e53c47591438595af9bc54dc989abf12742708a6a64f1b1dd58f41d7c3ed04540e234a9195e78e953d392520f4920aa26ebc8d10e56fc49ba0e722899ce842e7abb7123bf8bbfd41fd951b240bad355fed084f8cd7b1db08f8aa5a22fa01c7083e4d9d569471fa231b1a9887bcb11b8d17cbe5e5a4426c4f6a802a75a83a267f15e5265d730a75df08d40e83e74667ac3ee0e63687f1785171671dbe9bcf5d91a4101f68c4d340723e00b401d1b5af4247c000dfceab37c191a6370d3f642992b8284e5fa08889de5454f7d9ab4d74c9c0cde68080cbc2eaa970b3f4f9465d336521a6ace595e86d051ae6855ce6e6a0e9cf5e510a32bb5b67cd9ce19bba3f63f8cbe4167206728c78e591cb3b00fa41285d4d1b764d4ccdae27b77d71ca47b83c780df207c3626ff9620f62242d78384b01e05161d7efa92f66555ba0756cd204cb2c668bcd032d036d9ff4c74e1971c902204dfc072b09dce49db056e8d5a6218004c079f6e46dfae84d93cf15515f300caed8c79d6fa5a573888c36ea714e2325fb3b09d5f9d15b0303f75284c507494c6fc1cff2269a85df17b791cecf4befba285138e39656cf58def2b83c4c010299689b335ef1fef47cdac80819b395370c35defc9a3ec44790a2cb7a6835abac7a5f552503ed91b7cc7dd5999ab66de0dffe80973952236cac1e3f53cea2acccb4ef5ab096735e0422cb9bbe1adc8cbcc33070efdc626647da720e41dcceb3c29a0c85dc245cbaabc4de21aa0d5544685107d7ebee156d1d4a1f8dd9a9781311dc77ea4e66dbd6a02737b0b24dd06752ccb70b9105a60a4e4dc0057f90f832902c48a95bafaa810aaacd19dc9c26fead105b3486566224c531c0354a16fa49cd2a27aa109513b9fd3bbf1180d3695f837a9e43c05632acdecb937d1e408ce00ab135e1aace719ab87d8d9fdf956c71bf5c87677dcc332330a1032264c72dbc533e46ff0214eb8e002a7ad9f47f448b4f9ff0fd0d2d820d198d03977924a6ca611df1d92069e9a84571064a06a1e84b90d3d8d35f9be3f566c54f651c0047f44dc7168672108bc38a8a6bba0fb15f47bdeb1db42df108b25eb9239c516e5d244cbca3fe1c279ef40d7fe8b1726a6e87dc10faac0d6603b00fa39e8a6f1fd616124ed288a2add8bfded13e19d437dcdd34b8885c7f37d4e1f086ad939799eeba36b01dc13d4c600ed7eb2e5bbfbff4f0fe7543bbafce3c23679c76091ad7dd4f5cfb2cd182d224114c7dae32ff92cf37c1db1d2e6e72040c1c0d9ee43ff90bb46163cc001ab0ff6113342634f38b1291ab3717c0aeaefc7408587155eef9063573dfa9846fa9d60f07cd515a0a3a6d4f3d58ffc0f5e782e5764ebd4aee45df7597fd78b79a7cd22780a2193a82eb72caef5d58fbaf1a3a44ac486858cecca93198ff94a7c5863569d57d7ce133ec4b36ae76184f6908665b1c697d23f65bb362e0268750121ff0fc2f39812bb604049530829a9f995bebe585af4a631aa8151a023c6520b0faf7ba7c8c793724258db7f611ce69c2f5d1456bfd1192e776e3a892231339f3f395d803bc216bad7325aa7d66210d9ea0b2a8e94af96f388e73b68b0afa1fe00b88e7e846bd2117701c45a064d217c09740425c6b0b88db78a5e01339c56b954a49a43453be51310f605d81196e5d05c1ba4eafd339a6c5ebbea3bef4e0736f592f061fd5724df115f8b346ce1430dad1cd9b40c8039c7105843a7a64020f5509a07f21365f3e1d57a562ef3640380dcd29b1f2141f387a0ecb7d7b243e03ca20b4f2c239e848ed3b3d698e20661274f8a9650ad99fe1a861a99f75f5751b6455966685974271a33be60201d123957e952c098933d0fb4f5cce66b2225cbb08820330568bf9510502f3a5eeda0fc5bc94f05e80ccf295386c1adb7e0c97417a4db85ccfd6b7204447bea194afd8412afba6f392275872da0b97726720653e343c95bf27d1fc6cdaa61550c786b70885e3bc988b87d02c40ed862e9473ec74c598561e139a85dfbfb755d9999c9645a2692b3a2be2e755ea20ca970e9edaaca965d09239de2ff866b9dcbc1901af9041ab7d97a396df8c25ce6454af73a09603ffe31a19effb032e403d4516989371825a16bc8dc01a9e37290c07c5bc365be90d2e3de5194812c38da077b593e4edb1c695bc4a338fd741f371b04837a4d6bb4a07b1335c34aa1b16b1e6f774b56b02e63a0db442e130b783b07e007a89bd1151bcadaba36d52e7c226bec30a1d0bd543c7b079bfe4c81dae348ba48382d54cf2fdc6dbfdae268284a3c951975c0149e0a9d5c54dfaae7cf7a99ec71cffea601af7d52c14530e77dfa0c8f401c0fe9920221b6e72341615efc1178c2da667037d9e382404bef552cea47c3f63ddaf6997dec21b242d6d56a360e7fdacd5893837412ff64d4e95c910ca47fe2fac794c5c0db9dc334e6886d96f67c61321909bca9365dd60b7f6fc411405b8818b602d43413f862477d77bd321507fdb0328bbcbff", 0x1000) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xfffd, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x50}, 0x6, 0x1}, 0xe) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f00000011c0)={'gre0\x00', &(0x7f0000001340)=ANY=[@ANYBLOB="677265746170300000f50e0000008000b0ee4ff1ccffeb68aa6f89d2df607e5c8efcd1429194514a45b7f3d1db2126bf314ec854fccf66ffdd5134d0894dd38736afac4c860e9c01190274bc039c11cca266d60aa3b00081461c45e692f0666ba499d42bb5f725c76768a1ee1287af408bb473d25e92bf8d436805e996970c2f39d43240ca83a270d65cf732dd66372bd46b915dd2a60221b285626e857db0c11c2745e145506f1b4fc1c5c2c7cea2a6ec77e688d818577a4a738ff829c188ea63df8ced657563f2a0caa2fadd4f1f0def987b0bad94cfcb38f40de3920363ec0ace430689fa628fe09be7dc37e9dd86294053457d01cfa033e896d51ba8a807cd67775930bd767c0824c8d469e650f8e06401d512224b7cbd0f8c1315b2cc1b248776b8bf4282f96bcbe8ffdefdf50acca2e02c5f5affb656af6685d2a5d873e20c84d89db5d10ab1281562cce88ab7653569e811e8", @ANYRES32=0x0, @ANYBLOB="008000010000000600000000482400a000660000b6299078ac1414aaac1414bb44343011e000000200000006ac1e010100001912ffffffff00001000e0000002000000080000000000000002ac1e0101000000018313fb6401010100000000ac1414bbac1414138635ffffffff0105aaeca20706feca263c0108d9344aedb6e4020740eece709607112846929baf79c5c3b56603572f5ac40004656a00440cb721ac1414aa00000001000000"]}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000001280)={'syztnl0\x00', &(0x7f0000001200)={'ip6tnl0\x00', r6, 0x29, 0xad, 0x9d, 0x80, 0x0, @local, @remote, 0x41, 0x700, 0xf79, 0xfffffaad}}) 02:49:35 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, 0x0, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:49:35 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(0xffffffffffffffff, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2206.413860] FAULT_INJECTION: forcing a failure. [ 2206.413860] name failslab, interval 1, probability 0, space 0, times 0 [ 2206.413888] CPU: 0 PID: 7955 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2206.413901] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2206.413909] Call Trace: [ 2206.413912] [ 2206.413917] dump_stack_lvl+0x8b/0xb3 [ 2206.413937] should_fail.cold+0x5/0xa [ 2206.413949] ? selinux_sk_alloc_security+0x90/0x200 [ 2206.413968] should_failslab+0x5/0x10 [ 2206.413985] kmem_cache_alloc_trace+0x55/0x3c0 [ 2206.414001] selinux_sk_alloc_security+0x90/0x200 [ 2206.414018] security_sk_alloc+0x56/0xb0 [ 2206.414039] sk_prot_alloc+0xad/0x2e0 [ 2206.414059] sk_alloc+0x34/0x750 [ 2206.414075] ? lock_downgrade+0x6d0/0x6d0 [ 2206.414093] unix_create1+0xa7/0x8d0 [ 2206.414109] unix_create+0x110/0x220 [ 2206.414123] __sock_create+0x345/0x750 [ 2206.414141] io_uring_setup.cold+0x1e6d/0x271c [ 2206.414163] ? io_sqe_files_register+0x230/0x230 [ 2206.414192] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2206.414215] do_syscall_64+0x3b/0x90 [ 2206.414228] entry_SYSCALL_64_after_hwframe+0x44/0xae 02:49:35 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(0xffffffffffffffff, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2206.414244] RIP: 0033:0x7f1ab7761b19 [ 2206.414253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:49:35 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2206.414264] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2206.414276] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2206.414283] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2206.414290] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 02:49:35 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0xf0ffffffffffff, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2206.414297] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2206.414304] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2206.414323] [ 2222.348354] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:49:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 30) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:49:58 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f00000000c0)='system_u:object_r:mail_spool_t:s0\x00', 0x22, 0x1) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r3 = dup2(r1, r2) getsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000080), &(0x7f0000000100)=0x4) accept4$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000200)=0x1c, 0x0) openat$hpet(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xf}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x78}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) openat$nvram(0xffffffffffffff9c, &(0x7f0000000180), 0x80500, 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$SO_TIMESTAMP(r7, 0x1, 0x3f, &(0x7f0000000480)=0x4, 0x4) dup2(r5, r6) r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/snd_intel_sdw_acpi', 0x52201, 0x1) setsockopt$inet6_udp_int(r8, 0x11, 0x0, &(0x7f0000000280)=0x7, 0x4) 02:49:58 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:49:58 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:49:58 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x100000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:49:58 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0x0, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:49:58 executing program 3: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x4e0c00, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000040)) 02:49:58 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(0xffffffffffffffff, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2229.602413] FAULT_INJECTION: forcing a failure. [ 2229.602413] name failslab, interval 1, probability 0, space 0, times 0 [ 2229.602435] CPU: 1 PID: 7978 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2229.602448] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2229.602456] Call Trace: [ 2229.602459] [ 2229.602464] dump_stack_lvl+0x8b/0xb3 [ 2229.602484] should_fail.cold+0x5/0xa [ 2229.602496] ? create_object.isra.0+0x3a/0xa20 [ 2229.602516] should_failslab+0x5/0x10 [ 2229.602533] kmem_cache_alloc+0x5b/0x480 [ 2229.602549] create_object.isra.0+0x3a/0xa20 [ 2229.602564] ? kasan_unpoison+0x23/0x50 [ 2229.602583] kmem_cache_alloc_trace+0x22e/0x3c0 [ 2229.602598] selinux_sk_alloc_security+0x90/0x200 [ 2229.602617] security_sk_alloc+0x56/0xb0 [ 2229.602638] sk_prot_alloc+0xad/0x2e0 [ 2229.602659] sk_alloc+0x34/0x750 [ 2229.602677] ? lock_downgrade+0x6d0/0x6d0 [ 2229.602696] unix_create1+0xa7/0x8d0 [ 2229.602714] unix_create+0x110/0x220 [ 2229.602730] __sock_create+0x345/0x750 [ 2229.602749] io_uring_setup.cold+0x1e6d/0x271c [ 2229.602771] ? io_sqe_files_register+0x230/0x230 [ 2229.602800] ? syscall_enter_from_user_mode+0x1d/0x50 02:49:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 31) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2229.602823] do_syscall_64+0x3b/0x90 [ 2229.602836] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2229.602852] RIP: 0033:0x7f1ab7761b19 [ 2229.602861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2229.602872] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2229.602884] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2229.602891] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2229.602898] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2229.602905] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2229.602912] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2229.602931] [ 2229.659617] audit: type=1400 audit(1651114198.312:14): avc: denied { relabelto } for pid=7983 comm="syz-executor.4" name="L2CAP" dev="sockfs" ino=32140 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=bluetooth_socket permissive=1 [ 2229.694383] FAULT_INJECTION: forcing a failure. [ 2229.694383] name failslab, interval 1, probability 0, space 0, times 0 [ 2229.694402] CPU: 1 PID: 7995 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2229.694415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2229.694423] Call Trace: [ 2229.694426] [ 2229.694430] dump_stack_lvl+0x8b/0xb3 [ 2229.694451] should_fail.cold+0x5/0xa [ 2229.694466] should_failslab+0x5/0x10 [ 2229.694483] kmem_cache_alloc_lru+0x60/0x7c0 [ 2229.694495] ? alloc_inode+0x170/0x240 [ 2229.694516] alloc_inode+0x170/0x240 [ 2229.694533] new_inode_pseudo+0x14/0xe0 [ 2229.694550] alloc_anon_inode+0x22/0x3c0 [ 2229.694563] ? _raw_spin_unlock+0x24/0x40 [ 2229.694579] anon_inode_make_secure_inode+0xaa/0x180 [ 2229.694597] ? __x64_sys_epoll_ctl+0x1c0/0x1c0 [ 2229.694611] ? security_socket_post_create+0x9e/0xd0 [ 2229.694634] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 02:49:58 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2229.694656] anon_inode_getfile_secure+0x73/0x1e0 [ 2229.694678] io_uring_setup.cold+0x1ed0/0x271c [ 2229.694700] ? io_sqe_files_register+0x230/0x230 [ 2229.694729] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2229.694751] do_syscall_64+0x3b/0x90 [ 2229.694765] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2229.694780] RIP: 0033:0x7f1ab7761b19 [ 2229.694789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2229.694801] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2229.694813] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2229.694820] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2229.694827] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2229.694834] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2229.694841] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2229.694860] [ 2244.332498] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:50:22 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 32) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:50:22 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r3, r4) ioctl$sock_inet_SIOCGIFNETMASK(r4, 0x891b, &(0x7f00000000c0)={'gretap0\x00', {0x2, 0x0, @multicast1}}) sendfile(r1, r2, 0x0, 0x7fffffff) getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000080)=0xc) 02:50:22 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000000)={0xb5e, 0xee, 0x1f, 0x80, 0x1, 0x1, 0x6}, 0xc) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:50:22 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) 02:50:22 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:50:22 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x200000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:50:22 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0x0, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:50:22 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2253.499114] FAULT_INJECTION: forcing a failure. [ 2253.499114] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.499141] CPU: 0 PID: 8007 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2253.499159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 02:50:22 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 33) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2253.499170] Call Trace: [ 2253.499174] [ 2253.499180] dump_stack_lvl+0x8b/0xb3 [ 2253.499206] should_fail.cold+0x5/0xa [ 2253.499223] ? create_object.isra.0+0x3a/0xa20 [ 2253.499250] should_failslab+0x5/0x10 [ 2253.499272] kmem_cache_alloc+0x5b/0x480 [ 2253.499294] create_object.isra.0+0x3a/0xa20 [ 2253.499316] ? kasan_unpoison+0x23/0x50 [ 2253.499342] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2253.499356] ? alloc_inode+0x170/0x240 [ 2253.499386] alloc_inode+0x170/0x240 [ 2253.499409] new_inode_pseudo+0x14/0xe0 02:50:22 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 34) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2253.499434] alloc_anon_inode+0x22/0x3c0 [ 2253.499451] ? _raw_spin_unlock+0x24/0x40 [ 2253.499473] anon_inode_make_secure_inode+0xaa/0x180 [ 2253.499497] ? __x64_sys_epoll_ctl+0x1c0/0x1c0 [ 2253.499518] ? security_socket_post_create+0x9e/0xd0 [ 2253.499548] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.499583] anon_inode_getfile_secure+0x73/0x1e0 [ 2253.499610] io_uring_setup.cold+0x1ed0/0x271c [ 2253.499641] ? io_sqe_files_register+0x230/0x230 [ 2253.499681] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2253.499712] do_syscall_64+0x3b/0x90 [ 2253.499731] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2253.499753] RIP: 0033:0x7f1ab7761b19 [ 2253.499765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2253.499781] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2253.499797] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2253.499808] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2253.499818] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2253.499828] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2253.499837] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2253.499865] [ 2253.541073] FAULT_INJECTION: forcing a failure. [ 2253.541073] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.541096] CPU: 0 PID: 8009 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2253.541114] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2253.541125] Call Trace: [ 2253.541129] [ 2253.541134] dump_stack_lvl+0x8b/0xb3 [ 2253.541156] should_fail.cold+0x5/0xa [ 2253.541173] ? security_inode_alloc+0x34/0x160 [ 2253.541195] should_failslab+0x5/0x10 [ 2253.541217] kmem_cache_alloc+0x5b/0x480 [ 2253.541239] security_inode_alloc+0x34/0x160 [ 2253.541262] inode_init_always+0x5d8/0xd20 [ 2253.541288] alloc_inode+0x84/0x240 [ 2253.541311] new_inode_pseudo+0x14/0xe0 [ 2253.541335] alloc_anon_inode+0x22/0x3c0 [ 2253.541351] ? _raw_spin_unlock+0x24/0x40 [ 2253.541371] anon_inode_make_secure_inode+0xaa/0x180 [ 2253.541394] ? __x64_sys_epoll_ctl+0x1c0/0x1c0 [ 2253.541415] ? security_socket_post_create+0x9e/0xd0 [ 2253.541442] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.541472] anon_inode_getfile_secure+0x73/0x1e0 [ 2253.541498] io_uring_setup.cold+0x1ed0/0x271c [ 2253.541527] ? io_sqe_files_register+0x230/0x230 [ 2253.541570] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2253.541600] do_syscall_64+0x3b/0x90 [ 2253.541618] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2253.541639] RIP: 0033:0x7f1ab7761b19 [ 2253.541652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2253.541666] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2253.541682] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2253.541692] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2253.541702] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2253.541712] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2253.541721] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2253.541748] [ 2253.615116] FAULT_INJECTION: forcing a failure. [ 2253.615116] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.615146] CPU: 0 PID: 8020 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2253.615162] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2253.615172] Call Trace: [ 2253.615176] [ 2253.615181] dump_stack_lvl+0x8b/0xb3 [ 2253.615201] should_fail.cold+0x5/0xa [ 2253.615217] ? create_object.isra.0+0x3a/0xa20 [ 2253.615242] should_failslab+0x5/0x10 [ 2253.615262] kmem_cache_alloc+0x5b/0x480 [ 2253.615282] create_object.isra.0+0x3a/0xa20 [ 2253.615302] ? kasan_unpoison+0x23/0x50 [ 2253.615325] kmem_cache_alloc+0x239/0x480 [ 2253.615345] security_inode_alloc+0x34/0x160 [ 2253.615367] inode_init_always+0x5d8/0xd20 [ 2253.615391] alloc_inode+0x84/0x240 [ 2253.615413] new_inode_pseudo+0x14/0xe0 [ 2253.615436] alloc_anon_inode+0x22/0x3c0 [ 2253.615451] ? _raw_spin_unlock+0x24/0x40 [ 2253.615470] anon_inode_make_secure_inode+0xaa/0x180 [ 2253.615492] ? __x64_sys_epoll_ctl+0x1c0/0x1c0 [ 2253.615510] ? security_socket_post_create+0x9e/0xd0 [ 2253.615537] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2253.615564] anon_inode_getfile_secure+0x73/0x1e0 [ 2253.615589] io_uring_setup.cold+0x1ed0/0x271c [ 2253.615616] ? io_sqe_files_register+0x230/0x230 [ 2253.615653] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2253.615685] do_syscall_64+0x3b/0x90 [ 2253.615702] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2253.615722] RIP: 0033:0x7f1ab7761b19 [ 2253.615733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2253.615747] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2253.615761] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:50:22 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x300000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2253.615771] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2253.615780] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2253.615789] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2253.615798] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2253.615824] 02:50:22 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 35) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:50:22 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x1, 0x80, 0x8, 0x7f, 0x3f, 0x7, 0x7ff}, 0xc) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000080)={{0x0, 0x10001, 0x80, 0xff, 0x100000001, 0x3, 0x7, 0x5, 0x100, 0x7ff, 0x2, 0x5, 0xb15e, 0xb9d3, 0x1000000000000}}) 02:50:22 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:50:22 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x400000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2253.764036] FAULT_INJECTION: forcing a failure. [ 2253.764036] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.764060] CPU: 0 PID: 8033 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2253.764075] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2253.764085] Call Trace: [ 2253.764089] [ 2253.764094] dump_stack_lvl+0x8b/0xb3 [ 2253.764117] should_fail.cold+0x5/0xa [ 2253.764134] should_failslab+0x5/0x10 [ 2253.764157] kmem_cache_alloc_lru+0x60/0x7c0 [ 2253.764170] ? __d_alloc+0x31/0x990 [ 2253.764191] __d_alloc+0x31/0x990 [ 2253.764210] d_alloc_pseudo+0x19/0x70 [ 2253.764227] alloc_file_pseudo+0xce/0x250 [ 2253.764246] ? alloc_file+0x580/0x580 [ 2253.764265] ? __x64_sys_epoll_ctl+0x1c0/0x1c0 [ 2253.764283] ? security_socket_post_create+0x9e/0xd0 [ 2253.764313] anon_inode_getfile_secure+0xb5/0x1e0 [ 2253.764335] io_uring_setup.cold+0x1ed0/0x271c [ 2253.764360] ? io_sqe_files_register+0x230/0x230 [ 2253.764393] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2253.764420] do_syscall_64+0x3b/0x90 [ 2253.764440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2253.764458] RIP: 0033:0x7f1ab7761b19 [ 2253.764469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:50:22 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) [ 2253.764482] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2253.764495] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2253.764504] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2253.764513] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2253.764521] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2253.764529] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 02:50:22 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) fsetxattr$security_selinux(r0, &(0x7f0000000000), &(0x7f00000000c0)='system_u:object_r:mail_spool_t:s0\x00', 0x22, 0x1) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r3 = dup2(r1, r2) getsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000080), &(0x7f0000000100)=0x4) accept4$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000200)=0x1c, 0x0) openat$hpet(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_STOP_SCHED_SCAN(r3, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xf}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x78}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) openat$nvram(0xffffffffffffff9c, &(0x7f0000000180), 0x80500, 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$SO_TIMESTAMP(r7, 0x1, 0x3f, &(0x7f0000000480)=0x4, 0x4) dup2(r5, r6) r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/snd_intel_sdw_acpi', 0x52201, 0x1) setsockopt$inet6_udp_int(r8, 0x11, 0x0, &(0x7f0000000280)=0x7, 0x4) [ 2253.764552] [ 2267.536097] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:50:46 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:50:46 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x1800000000000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:50:46 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 36) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:50:46 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) 02:50:46 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) open_by_handle_at(r2, &(0x7f0000000000)=@FILEID_NILFS_WITH_PARENT={0x20, 0x62, {0x5, 0x80000001, 0x1, 0x9, 0x7fff}}, 0x143800) 02:50:46 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:50:46 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) 02:50:46 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f0000000040)) r2 = ioctl$TIOCGPTPEER(r1, 0x5441, 0x80000001) ioctl$TIOCCONS(r2, 0x541d) dup2(r2, r1) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8000, @any, 0x1ff, 0x1}, 0xe) [ 2277.449955] FAULT_INJECTION: forcing a failure. [ 2277.449955] name failslab, interval 1, probability 0, space 0, times 0 [ 2277.449985] CPU: 0 PID: 8062 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2277.450005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2277.450018] Call Trace: [ 2277.450023] [ 2277.450034] dump_stack_lvl+0x8b/0xb3 [ 2277.450064] should_fail.cold+0x5/0xa [ 2277.450084] ? create_object.isra.0+0x3a/0xa20 [ 2277.450123] should_failslab+0x5/0x10 [ 2277.450149] kmem_cache_alloc+0x5b/0x480 [ 2277.450175] create_object.isra.0+0x3a/0xa20 [ 2277.450200] ? kasan_unpoison+0x23/0x50 [ 2277.450230] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2277.450247] ? __d_alloc+0x31/0x990 [ 2277.450275] __d_alloc+0x31/0x990 [ 2277.450302] d_alloc_pseudo+0x19/0x70 [ 2277.450325] alloc_file_pseudo+0xce/0x250 [ 2277.450351] ? alloc_file+0x580/0x580 [ 2277.450377] ? __x64_sys_epoll_ctl+0x1c0/0x1c0 [ 2277.450402] ? security_socket_post_create+0x9e/0xd0 [ 2277.450444] anon_inode_getfile_secure+0xb5/0x1e0 [ 2277.450475] io_uring_setup.cold+0x1ed0/0x271c [ 2277.450510] ? io_sqe_files_register+0x230/0x230 [ 2277.450557] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2277.450594] do_syscall_64+0x3b/0x90 [ 2277.450616] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2277.450642] RIP: 0033:0x7f1ab7761b19 [ 2277.450656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2277.450674] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2277.450693] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2277.450706] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2277.450717] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2277.450729] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 02:50:46 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2277.450740] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2277.450773] 02:50:46 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0xf6ffffff00000000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:50:46 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 37) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:50:46 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) 02:50:46 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) write$binfmt_elf32(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0xfe, 0x81, 0xf5, 0x8, 0x8, 0x2, 0x3e, 0x8, 0xd3, 0x38, 0xd4, 0x2b5, 0x100, 0x20, 0x2, 0x4, 0x8}, [{0x4, 0x4, 0x7, 0x7f, 0xfffffeff, 0xfffffffe, 0x8, 0x3}, {0x70000000, 0x571, 0x97, 0x80000001, 0xe62, 0x7ff, 0x20}], "3d5a706796cf03e1736a349baf2ebeca08a00b503f7da85ce3a4a4a7212cd49c8cb7add30780247a831deaaf798a5dcff8127767bd9326", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x6af) [ 2277.626042] FAULT_INJECTION: forcing a failure. [ 2277.626042] name failslab, interval 1, probability 0, space 0, times 0 [ 2277.626072] CPU: 0 PID: 8081 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2277.626091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2277.626102] Call Trace: [ 2277.626106] [ 2277.626138] dump_stack_lvl+0x8b/0xb3 [ 2277.626167] should_fail.cold+0x5/0xa [ 2277.626185] ? __alloc_file+0x21/0x230 [ 2277.626210] should_failslab+0x5/0x10 [ 2277.626234] kmem_cache_alloc+0x5b/0x480 [ 2277.626256] __alloc_file+0x21/0x230 [ 2277.626279] alloc_empty_file+0x6d/0x170 [ 2277.626303] alloc_file+0x59/0x580 [ 2277.626328] alloc_file_pseudo+0x16a/0x250 [ 2277.626351] ? alloc_file+0x580/0x580 [ 2277.626388] anon_inode_getfile_secure+0xb5/0x1e0 [ 2277.626417] io_uring_setup.cold+0x1ed0/0x271c [ 2277.626449] ? io_sqe_files_register+0x230/0x230 [ 2277.626495] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2277.626529] do_syscall_64+0x3b/0x90 [ 2277.626548] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2277.626571] RIP: 0033:0x7f1ab7761b19 [ 2277.626584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2277.626600] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2277.626617] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:50:46 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, 0x0, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:50:46 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2277.626628] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2277.626644] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2277.626654] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2277.626664] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2277.626693] 02:50:46 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0xfffffffffffff000, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:50:46 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:50:46 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 38) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:50:46 executing program 3: inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x8) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000000)=""/53) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2277.788307] FAULT_INJECTION: forcing a failure. [ 2277.788307] name failslab, interval 1, probability 0, space 0, times 0 [ 2277.788332] CPU: 0 PID: 8097 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2277.788349] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2277.788359] Call Trace: [ 2277.788363] [ 2277.788369] dump_stack_lvl+0x8b/0xb3 [ 2277.788393] should_fail.cold+0x5/0xa [ 2277.788409] ? create_object.isra.0+0x3a/0xa20 [ 2277.788434] should_failslab+0x5/0x10 [ 2277.788459] kmem_cache_alloc+0x5b/0x480 [ 2277.788479] create_object.isra.0+0x3a/0xa20 [ 2277.788499] ? kasan_unpoison+0x23/0x50 [ 2277.788523] kmem_cache_alloc+0x239/0x480 [ 2277.788542] __alloc_file+0x21/0x230 [ 2277.788562] alloc_empty_file+0x6d/0x170 [ 2277.788584] alloc_file+0x59/0x580 [ 2277.788607] alloc_file_pseudo+0x16a/0x250 [ 2277.788628] ? alloc_file+0x580/0x580 [ 2277.788660] anon_inode_getfile_secure+0xb5/0x1e0 [ 2277.788686] io_uring_setup.cold+0x1ed0/0x271c [ 2277.788714] ? io_sqe_files_register+0x230/0x230 [ 2277.788751] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2277.788780] do_syscall_64+0x3b/0x90 [ 2277.788798] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2277.788818] RIP: 0033:0x7f1ab7761b19 [ 2277.788830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2277.788844] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2277.788859] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:50:46 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) [ 2277.788869] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2277.788878] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2277.788887] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2277.788896] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2277.788922] [ 2292.958774] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:51:08 executing program 4: request_key(&(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)='\x00', 0x0) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:51:08 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:51:08 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 39) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:51:08 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x2) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:51:08 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:51:08 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f00000000c0), &(0x7f0000000100)=0x4) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000000140)={0x1, 'ip6gre0\x00', {}, 0x4}) getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000080)=0xc) 02:51:08 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:51:08 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, 0x0, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:09 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x3) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2300.392516] FAULT_INJECTION: forcing a failure. [ 2300.392516] name failslab, interval 1, probability 0, space 0, times 0 [ 2300.392548] CPU: 1 PID: 8120 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2300.392572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2300.392586] Call Trace: [ 2300.392591] [ 2300.392599] dump_stack_lvl+0x8b/0xb3 [ 2300.392629] should_fail.cold+0x5/0xa [ 2300.392657] ? security_file_alloc+0x34/0x170 [ 2300.392689] should_failslab+0x5/0x10 [ 2300.392719] kmem_cache_alloc+0x5b/0x480 [ 2300.392746] security_file_alloc+0x34/0x170 [ 2300.392778] __alloc_file+0xb6/0x230 [ 2300.392806] alloc_empty_file+0x6d/0x170 [ 2300.392837] alloc_file+0x59/0x580 [ 2300.392868] alloc_file_pseudo+0x16a/0x250 [ 2300.392897] ? alloc_file+0x580/0x580 [ 2300.392942] anon_inode_getfile_secure+0xb5/0x1e0 [ 2300.392978] io_uring_setup.cold+0x1ed0/0x271c [ 2300.393017] ? io_sqe_files_register+0x230/0x230 [ 2300.393069] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2300.393109] do_syscall_64+0x3b/0x90 [ 2300.393133] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2300.393162] RIP: 0033:0x7f1ab7761b19 [ 2300.393178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2300.393198] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2300.393219] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2300.393233] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2300.393246] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2300.393259] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2300.393271] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2300.393307] 02:51:09 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, 0x0, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:09 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 40) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:51:09 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x4) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:51:09 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:51:09 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:51:09 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x8, @fixed, 0x96, 0x2}, 0xfffffffffffffd1c) 02:51:09 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r3 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r3, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r5) fcntl$dupfd(r3, 0x0, r5) r6 = gettid() perf_event_open(0x0, r6, 0x1, 0xffffffffffffffff, 0x8) [ 2300.675132] FAULT_INJECTION: forcing a failure. [ 2300.675132] name failslab, interval 1, probability 0, space 0, times 0 [ 2300.675167] CPU: 0 PID: 8141 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2300.675192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2300.675207] Call Trace: [ 2300.675212] [ 2300.675220] dump_stack_lvl+0x8b/0xb3 [ 2300.675252] should_fail.cold+0x5/0xa [ 2300.675276] ? create_object.isra.0+0x3a/0xa20 [ 2300.675313] should_failslab+0x5/0x10 [ 2300.675345] kmem_cache_alloc+0x5b/0x480 [ 2300.675380] create_object.isra.0+0x3a/0xa20 [ 2300.675412] ? kasan_unpoison+0x23/0x50 [ 2300.675449] kmem_cache_alloc+0x239/0x480 [ 2300.675479] security_file_alloc+0x34/0x170 [ 2300.675515] __alloc_file+0xb6/0x230 [ 2300.675547] alloc_empty_file+0x6d/0x170 [ 2300.675582] alloc_file+0x59/0x580 [ 2300.675617] alloc_file_pseudo+0x16a/0x250 [ 2300.675650] ? alloc_file+0x580/0x580 [ 2300.675700] anon_inode_getfile_secure+0xb5/0x1e0 [ 2300.675740] io_uring_setup.cold+0x1ed0/0x271c [ 2300.675784] ? io_sqe_files_register+0x230/0x230 [ 2300.675842] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2300.675887] do_syscall_64+0x3b/0x90 [ 2300.675913] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2300.675946] RIP: 0033:0x7f1ab7761b19 [ 2300.675963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2300.675984] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2300.676006] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2300.676022] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2300.676036] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2300.676049] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2300.676063] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2300.676103] [ 2316.563461] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:51:34 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x0, 0xee00}}, './file0\x00'}) getsockopt$sock_int(r2, 0x1, 0x28, &(0x7f0000000000), &(0x7f0000000080)=0x4) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:51:34 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:34 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(0xffffffffffffffff, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:34 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 41) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:51:34 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:51:34 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:51:34 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x8) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:51:34 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) getsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000000)=0x8, &(0x7f0000000080)=0x2) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000000c0)={0x200, 0x6c8, 0x1, 0x9, 0x8c, 0x9, 0x6}, 0xc) [ 2325.745080] FAULT_INJECTION: forcing a failure. [ 2325.745080] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.745112] CPU: 0 PID: 8172 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2325.745136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2325.745150] Call Trace: [ 2325.745155] [ 2325.745163] dump_stack_lvl+0x8b/0xb3 [ 2325.745195] should_fail.cold+0x5/0xa [ 2325.745217] ? io_uring_alloc_task_context+0x88/0x5b0 [ 2325.745250] should_failslab+0x5/0x10 [ 2325.745278] __kmalloc+0x72/0x440 [ 2325.745305] io_uring_alloc_task_context+0x88/0x5b0 [ 2325.745335] ? lock_release+0x3b2/0x750 02:51:34 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) fcntl$addseals(r1, 0x409, 0x4) [ 2325.745363] ? __io_sqe_files_unregister+0x28f/0x28f [ 2325.745391] ? lock_downgrade+0x6d0/0x6d0 [ 2325.745418] ? do_raw_spin_lock+0x121/0x260 [ 2325.745449] ? rwlock_bug.part.0+0x90/0x90 02:51:34 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x18) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2325.745487] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2325.745518] ? io_eventfd_put+0x50/0x50 [ 2325.745558] io_uring_setup.cold+0x21c1/0x271c [ 2325.745597] ? io_sqe_files_register+0x230/0x230 [ 2325.745654] ? syscall_enter_from_user_mode+0x1d/0x50 02:51:34 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2325.745694] do_syscall_64+0x3b/0x90 [ 2325.745718] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2325.745747] RIP: 0033:0x7f1ab7761b19 [ 2325.745763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2325.745783] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2325.745804] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2325.745818] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2325.745830] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2325.745843] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 02:51:34 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:51:34 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2325.745856] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2325.745892] 02:51:34 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 42) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2325.919650] FAULT_INJECTION: forcing a failure. [ 2325.919650] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.919684] CPU: 1 PID: 8186 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2325.919698] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2325.919707] Call Trace: [ 2325.919712] [ 2325.919719] dump_stack_lvl+0x8b/0xb3 [ 2325.919741] should_fail.cold+0x5/0xa [ 2325.919756] ? security_file_alloc+0x34/0x170 [ 2325.919779] should_failslab+0x5/0x10 [ 2325.919799] kmem_cache_alloc+0x5b/0x480 [ 2325.919818] security_file_alloc+0x34/0x170 [ 2325.919839] __alloc_file+0xb6/0x230 [ 2325.919857] alloc_empty_file+0x6d/0x170 [ 2325.919876] alloc_file+0x59/0x580 [ 2325.919894] alloc_file_pseudo+0x16a/0x250 [ 2325.919912] ? alloc_file+0x580/0x580 [ 2325.919940] anon_inode_getfile_secure+0xb5/0x1e0 [ 2325.919966] io_uring_setup.cold+0x1ed0/0x271c [ 2325.919990] ? io_sqe_files_register+0x230/0x230 [ 2325.920021] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2325.920044] do_syscall_64+0x3b/0x90 [ 2325.920057] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2325.920080] RIP: 0033:0x7f1ab7761b19 [ 2325.920091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2325.920103] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2325.920118] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2325.920126] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2325.920134] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2325.920144] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2325.920153] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2325.920172] [ 2339.510831] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:51:57 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xf0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:51:57 executing program 4: syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r2 = epoll_create1(0x0) syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r2, 0x0, 0x0, 0x0, 0x4453b12db9d9fce9}, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x4, 0x2000, @fd_index=0xa, 0x0, &(0x7f0000002400)=[{&(0x7f0000000080)=""/75, 0x4b}, {&(0x7f0000000100)=""/4096, 0x1000}, {&(0x7f0000001100)=""/141, 0x8d}, {&(0x7f00000011c0)=""/145, 0x91}, {&(0x7f0000001280)=""/118, 0x76}, {&(0x7f0000001300)=""/4096, 0x1000}, {&(0x7f0000002300)=""/254, 0xfe}], 0x7, 0x0, 0x1, {0x0, r3}}, 0x1) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:51:57 executing program 3: r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x8000, 0x8) ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f00000000c0)=0x10000) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1) bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x3, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x6, 0x2}, 0xe) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:51:57 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 43) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:51:57 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:51:57 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2348.593537] FAULT_INJECTION: forcing a failure. [ 2348.593537] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.593559] CPU: 1 PID: 8206 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2348.593573] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2348.593582] Call Trace: [ 2348.593585] [ 2348.593590] dump_stack_lvl+0x8b/0xb3 [ 2348.593611] should_fail.cold+0x5/0xa [ 2348.593626] ? io_uring_alloc_task_context+0xad/0x5b0 [ 2348.593645] should_failslab+0x5/0x10 [ 2348.593663] __kmalloc+0x72/0x440 [ 2348.593678] io_uring_alloc_task_context+0xad/0x5b0 [ 2348.593695] ? lock_release+0x3b2/0x750 [ 2348.593712] ? __io_sqe_files_unregister+0x28f/0x28f [ 2348.593727] ? lock_downgrade+0x6d0/0x6d0 [ 2348.593742] ? do_raw_spin_lock+0x121/0x260 [ 2348.593759] ? rwlock_bug.part.0+0x90/0x90 [ 2348.593780] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2348.593798] ? io_eventfd_put+0x50/0x50 [ 2348.593820] io_uring_setup.cold+0x21c1/0x271c [ 2348.593842] ? io_sqe_files_register+0x230/0x230 [ 2348.593871] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2348.593894] do_syscall_64+0x3b/0x90 [ 2348.593908] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2348.593924] RIP: 0033:0x7f1ab7761b19 [ 2348.593934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:51:57 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) accept4$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed}, &(0x7f0000000080)=0xe, 0x800) [ 2348.593945] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2348.593957] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2348.593965] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2348.593972] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2348.593979] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2348.593986] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 02:51:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 44) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2348.594006] 02:51:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x300) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:51:57 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:51:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x1800) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2348.726619] FAULT_INJECTION: forcing a failure. [ 2348.726619] name failslab, interval 1, probability 0, space 0, times 0 [ 2348.726785] CPU: 0 PID: 8218 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2348.726818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2348.726836] Call Trace: [ 2348.726843] [ 2348.726852] dump_stack_lvl+0x8b/0xb3 [ 2348.726886] should_fail.cold+0x5/0xa [ 2348.726913] ? create_object.isra.0+0x3a/0xa20 [ 2348.726957] should_failslab+0x5/0x10 [ 2348.726990] kmem_cache_alloc+0x5b/0x480 [ 2348.727022] create_object.isra.0+0x3a/0xa20 [ 2348.727056] ? kasan_unpoison+0x23/0x50 [ 2348.727096] __kmalloc+0x25b/0x440 [ 2348.727125] io_uring_alloc_task_context+0xad/0x5b0 [ 2348.727169] ? lock_release+0x3b2/0x750 [ 2348.727200] ? __io_sqe_files_unregister+0x28f/0x28f [ 2348.727234] ? lock_downgrade+0x6d0/0x6d0 [ 2348.727265] ? do_raw_spin_lock+0x121/0x260 [ 2348.727302] ? rwlock_bug.part.0+0x90/0x90 [ 2348.727345] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2348.727381] ? io_eventfd_put+0x50/0x50 [ 2348.727425] io_uring_setup.cold+0x21c1/0x271c [ 2348.727471] ? io_sqe_files_register+0x230/0x230 [ 2348.727530] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2348.727576] do_syscall_64+0x3b/0x90 [ 2348.727606] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2348.727641] RIP: 0033:0x7f1ab7761b19 [ 2348.727659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:51:57 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x0) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2348.727684] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2348.727708] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2348.727723] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 02:51:57 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6, @none, 0x80, 0x2}, 0xe) 02:51:57 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2348.727739] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2348.727760] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2348.727781] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2348.727829] [ 2361.994294] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:52:18 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xf000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:52:18 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:52:18 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:52:18 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xfffd, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2, 0x2}, 0xe) 02:52:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 45) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:52:18 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:52:18 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x0) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:52:18 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r3, r4) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r5, r6) getsockopt$SO_TIMESTAMP(r5, 0x1, 0x1d, &(0x7f0000002580), &(0x7f00000025c0)=0x4) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r7, 0xee00) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000002540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000002500)={&(0x7f0000001080)={0x145c, 0x32, 0x800, 0x70bd2b, 0x25dfdbfd, {0x1a}, [@nested={0x10e6, 0x68, 0x0, 0x1, [@generic="b5fb", @generic="eb776f3abd38cbc8d1464d831c", @generic="77b6e872dcf3ffb8709edd9672b9f834bca1873f5872e65921b3ed657d4cb61fbb36ce4866a4189bdb7c67c018f4a507ba2fd6159dcf136352b0bbaeb521c876c7319eb545cae0ea7db773ab11e100193a9fffd356a0d410bc9c4cb5ce551b07f53909badb3aeb196020a28617b7d41a92bfd4ae87da0d0ae9505041404c64561a898fa154b3f6b850668a6df328275944f299c88123ce55e12c599bf2fba24e3d13bc68cd12ee608950c59b18cc9994c2357475cbb60a3c20375901ce87a5e9ab3d1ef227183e46a4b27ec40adca5361e6c28a19a5ae10b20d6276d054e5873cff3d321a5e8d143ca9d80e6943b044212da8602fd894ce09c900623c67eb81dd797cfa099b4c4453301dbf1dfa545f79177b207bd7b5735723d7868c4db12e94f84680ca28ddeed185c88bf2cf6a2cc5f9b5ef25d2c7b5c5b7cdefc810bdfb0eb7780b4301f78a43ba726ec5e909b66c730e74916de508874b720b1829e4fe4d06d6db11d0ce640e702af4e40c385565802ed4f660c916213a3e1da1ed11b761dc8c757b1efd50b0262a7067871e3b0aea6debaea20f8d2941e12ac5a885198c42d5d441ec366d6716f06181b9865397d664c19c21c5440ca295e638a12687c1d8b06a8efc7871980f6749d65ca7aba2c337144a9dbb5dd728e86f096b2557fb56f0607108c3c68581c36ee2beef71c3dfcb63d523ace7350cc55af888c5418c32b6f857e5c2581f41296b30103238667c9754e259bcdc36001c4e60a53d52eea1ec424f429663f38efc8b66131ca67938000cfb8089f7e1492f1ea26f864df073001d446e544fb8c5e32da771118cb285ab23dedfbe74aea882a425a0886131cb0a3c33c1696c027514e936a7ad20c8557adc524046608f3d4682d9af6e3408d264b53f47fa76cdf7b64facfc3d8d5a6f3de6527c55328bcbd115c2841e8abe14d5b2484cb0b758908ca238e5aa18b38c300b3e5f2d42373bd25d56d379f5b7287202853ae35b4606cb0751b5f2cfb3bf13a8e83fcd2706ad138b5eaca219444bcd5c5f8a0930543fdfc7918be0b99724f37882bdee21e94b1b829eacd3c342ff9658350409b58c415676e7c2121174e38a13a3b889846b84d13643ba7eccfc385bb9d6763e27276dfc5cec2af8af39b13bf5f7fd6348716605dcd05b9a4995b67a1a5b8894c691c947885262b3b76b98d32fe5d93c5e18c9382f858302fef62f8fb4bf2b1411b4bc57a0ae7a000178aceb8603f944c09fea0ba126e7d632291ee63505203f27e657b9494233dc342dbeb18a8806fdb03e9be78e505ae74c34d26a80e85a0698fd0e2aa6fecc3a7b0dbc8967202d554802daab94cc2dd3e72f9a6751ec0cc32bb26230b6598f38ef85d5fd78734e41049584247ce4736d549c40349eb7e5907d4d211d7b126ce7bcf3b2376bfe6f172282455a957016a57cfc6d094554b92b4538e9acad4c15007ba9b7c13279fa48065822279f280e59e3ea354e09002c3a1183d2deb782fb562190335ca65781c415401fccf5c81182f4063a21acfecbb3e8ca44d4f89bbfcd5e29611a4f3e087fd9c36714401117a43fea22813b15b8314baf3224683fb7cb696b9d84620e6bf75a21c10ac845ebdcfea354ff3ac8aa6d484f9c6571b4338e4f7a391bd1b58f18206105666ba8d871ccb72dcc05f8ec46b67611b98eff71e7a9c1eff64950a6cea5317fb25057872d7c4607e8cd38999967bd27b3d24c695eac4c9a66b9a2226d426908e50a65c7b331b1ea9b3cb06dc51f0c4bc3c16921f0c7c3da26971b1d182c392e46d00f20e795c1c9748fb8bf267fc31ee7937b1a3f59093c7847a4820b62810b36f380b61ac7941bba566d5d558e1d232989551ade1da30dde2648cd4330be975e2d543504aa6d6d8fac3050b218451fd75e81a8cb1a18f9a2a46aeced9d23e5c763a57f83005dbfb94f5347bdfc2b19ee0c1223391923744634f39f3c9cd070686822be84b7a1c7475ae84c832eb81e1de6f34e8b16afdf5ae7282be2deae557945cd5e8d2405f443676a5a45b9e9a89dc8ce6c8fed658a5db1ef253a6f7fae313f120260edc94194a56474b88361991050ca57889619219dfcb67d5a3941c8d8eaca12ab87bb22cf6be9d14a53aa1242373e31fbe0f073751333ae1df3bae3ca242c506e359a2e5b0ee111a6152a63c5359c49abf5425b30a4bd0df7294a6eb3a3c15f015ee3608e544467adbdc4b1c19082b995909d91843d94be61eb1231a01dfcb27f7a5dd7ac960bd94a9061cc12708a3be2086ca4c98e0b4783445dafb547752715c787124f076d96322676c0830388a5eb3cb82ee223499b5e161e42b9061a6c17135e618d46512db0c06faf37fb5388d024eafe6daedcac61d33e8503e60876328140d18c49a2dc14bd13834e04f58abca6851033817fda3409210df8aee062ac7a1ff6c5637a1060d991a41670f6ed6bdc7b5db3a3116bceda546c61664ca7563bfb186c669713b5a9c5b73a8d2e586215b0c70484fb0201ab59107dfb0fb00ea31ecc796dff8a6494156472b9a6140a20259067aba5bfc6e784dcb42cccc9b5e20d3b28693e4675b4510e40f01d100b5de95a2a3086b1ba06b6b9bc275845eb478b28ce349b59dd6e26e603193ffd8a3344747eb7a3240583bea8ac21a171d1a3c1e124823d21b7465335332061a4801ef3ff59e38968f8b321bdc403c9a37d7f5872755f709f296b4937cc0e10e889ba112c97c613946e7f67cdcc9c3068234d827a9a9e0f9ec4a6f315e3958ec3904b8ae375f736907938a2eaf6e374889b1a663e6f96d92dc65f230f1a0ad2198bcfee562bb902a6bd415a0a1c393f8b951d93c2a89bffa48a86e8625364b4c7be060b460f849289f263ff3efcf7ebbb7c680a043e6eef30bbfb53f6d94c679f9d643d6c8e589339e9e43256a394bc16f1d371ca35cc105e433880a53d8e74556fdf139b27dee6888fc77d29f91b02b897b670b8c60411d115542908e0fa695426ebbaf04bf1e2b95d8841e11a2f799e332461af836fd959392fe783ee386b4d77240f0285d180345b01b506e9048f7303638f8253ae5b3726bd74f34e56bd5f440b00dcb01a1de27a3bacf955c8b09052d791bdb293af5e24c04b8a3e56d812609fe25c08a5d582d31256a85d58cca49b175dc9fae38d68b6e00925fe7f996fb553495861a9222743e4a1dc052476e93cda216b9c8cd6c3771ce082057fb20fa0800bf17175485177b91bfc585bdae7590ed7979fa260a74715e73d43f282a86201884d85ae491349ecf95c95c9af0409bd6b02dff86904137b8848c7aa7227e37d21356d4727ef389794f21b7a25da815ae77001bef29c22557ea7b7276374ce588d854db106138c6e64a703f0aa780735a8246e3b7c574d72fcc4aac03373ce58b4c95b392fa030ce0caba0aaf2113f745f276bc42805e8ac1005f6f6148ac0fccda9b2da50154ddd77212aa69ca8a6cf33df115b73fb40a121a00285b64ad3a75c007565c7a4e1e378e7abdfd8a9c6327116de45d79cd9265799c8cf0d4cb38f16b7bd744c762be89dcd39b82306df0dd5beb7d2385b929d2c7dda260d00934e06b921b0114532eeeaad1e35d7e55d230aa69f71140d086aceff81d72f7b32d3f25d8ec642d9dfe9f0de20b87b2db2d84fe7d46edc1f626cec036777d33ac3e80386bbe2af16456d859481f7261735874fc9d16cebb2761109f856c041e3d09ca0e7049448e50021947baf92e2efdcd85cbbf42cf1c20ed0654de36b8047dc44a2268cf175663b8fc9905966d735474012fa957b9762d8c1734a3a24f051e0431f8706424ca7cd55c6191109aebc4131a583add4ab756966e6681b940ac39461cf7fc10404c17392923bdf7c23e97f3546ef705ecf00d4d9775720072d4fcdc53506e86e7a229e9e3d409e583200b033116a5608ab633390dbec23e7176711efea85c8c5c4b2874f8672369ab66fd8250bc95cd11e46057e692903e64838854f7f034c7503e72f5f032c485e7bba8290aded310c3ef9b9d90fff5dca283080fc20a18106862ff40448e127de611014e543a00392a6163325ff8b044406d6a74188c14f19be636b820d524431b79ae2a8243099653b800ae76ed86e224b54f15515e26a3d304baf083d0b07926f99f53747822ee5f588d1b3d8914adb9ecaa268858031cd6acffa7db38ec4600f81bcd7c3114608ee7f0d4c0d7d30847e7d04cec6e344a3e827d3de1dfa58c60c02093c962dbb4d5b523470573cfc02fff242340ea218affeffded185280222285cc42cfca0cb106462cebe942436b2d2f30d7ddcd444b61de940aab20682b09fbe2645cf0bd13cc10553b8ff9907ece58a073435812f2475f0398e561508ec900e6af6565d491401ed1d76e8dbeb459b3f49a9485b517d825ad257a639a770c0f74e56bae883c95228bd1072130734df045e1bae755024d7d9052dd31dc0ec396409a1e818325316c6de3a719f2973acea7ed4f5b2f6dc3f1b69fbc58f90d95ffe2d314cfa41364ca2a88b1b9472eacd3371f8ce0364ce0c3ae657586a8860e2d441f23256fd2d7fd0d104660a5f0643d01e5dcec7a58efdee9091b7ad1013745b45617abb103675f708492bf155e90dd856ab63132f20a386e1fe00b0a3d3383732552e941da002d7c1422bbf5d027408afd3a402f307b831b894c7b53de57f2434a3018aa8e02b87503702dd9a8d74242fe5c5801fe60e34a7e5e4cf152bd654cf5e13b5dfee255ac9b0e5761c262c6dd3affd4ebbc346a07b4ab787242d564b725b039e640ce0b5ebbe43ca20bed7e2e728ec83be488be9684392b8bdcd94b73969d50b566e7aed476e46d6f40914beb388b5349d463a3615d166c9fda52e2f8b1cb226cf25d5f8f479eb2349b919d0fa5dd2cdf0d76640b6f17c4372e3fad228c598d1a60ae43f60e5e26cae9f478a15dab37160bb90eb62ee56ba3c06a13688428e583ce10ef8d5ff7a15df5b6865a06b43e4e84082150f35443383c583031f9e3d91f924b9854aba9f4b8c329deaafb7e5606178600d4574d0e01f5c8430e072e4ea1bd186c57db611f839bc5283e30b96463e91180f656e216ba3969f7d60b61380dd7b4842b50f22e0c2052e1888cdf03c55ceee043c4ed8e7983482f08ad040b85f1026056f0f7efe3a072053c95f3f485481f631509db4c68ab07d0e28a634bdc07f4def9257dc9a9593479bfb7eeb042fcc5eb46bad734fc394178fb509d60e58af2357bd0ebd421f88d477d8c36813a44180a850aaa392941ab05827b536569742f013513914737851e858edc74ae9068de3e95d33f3a348e803413c0de2f5c487726f25e48d803dd8f1100b8e0585346c0c68f4ab8f0aff2f599596ed55851b34f32aa01ad9b71e5108f50beda1925ff56f9fec931517bc6f06efecd20ed29de1594111bb8f2ff6633ca28eaf4a9a6909c027572563221bae07a7e56db6b68ca4881048916f8754b17ee628d3c932b181022a40b5bfc6b40a4c507db7520dec68a6bf46580e35fa1c4d22c43ee333c01741ee9a26b4bcd3a92b6506dad9d83870195668637b5f540ee4acf3fe3654a3ceb3f5c58716e1c66bf806fa1f24caf25527286541239f65fff1fb2fa25881c1af5f9e927485e17f75d446d2dc61dc1094f76c669464d4517bfda7810438e49f133c6856e3e1c2310d1911c2c2d29157716b3b47941ae7bc5d96b6c9f142803c0ecd88408cae7b255c087c3ccdb4c4bb1a54f0d2efced8c408f053e369bb465c7175aa2c1c5e4c9b193321ca94c", @generic="434c075cf0fc3b703f92cba90537f8e2eccbc3f6875bb36a799b4f51d07778b78029626c13b328d8403b80329429ef70ec997558cc4f35cd7b49e846665c2576b064ce4d0014c0941e4ec185327c3865c65ec2427482d828e5d2da5a9290f1556dcbfa4ac2efe69362d1e60ad210879407f8ec499df1ee5e38c4553077f13cfec1168f4f867e8e6e48480c4ea4b7a89d05953774e38bbc3f8e08cdb606ab7a1f7a4beae1162cff89fc9ada60224b66e16c657fa2b6aff94de7a265db5c1f963ecf2cec0238e875588a90480adc6f26db635d6d"]}, @nested={0x34b, 0x8c, 0x0, 0x1, [@generic="67a96fddebe0409d3d14fa4e169063bc2b59b867262e38451280929c052995c94c6d3309fd6ae837220f9158dc5d5912d9204797248abba45352aad861807008df290bce8a39427c7a5430aa24bd387e0f741a5dc2a51e729aa9558be6dc3fa3969a22f43e34455dcb08c2608c5c7c70ae2e009f7cdbb1031c1ce1735b5a4df9d87a7b3474e80bf20ebdce0439208d57e33e507de4a9c60de127c1753adad0160b810241123c064c9a5292c4a3094c216522ea4cf1be32344f23826f837d3208fafab757422d8112ba4bbbea43acef3d64ed562ce466923f4d0787fea6d36776d2ebb757abefe797b7e14940a75c817d2c855e7154", @typed={0x8, 0x25, 0x0, 0x0, @fd=r3}, @typed={0x8, 0x16, 0x0, 0x0, @u32=0x1000}, @generic="f33772fe138ceb16e5c30a58644a79dbb95fae4588fa26dc5fcf66723c5d5e", @generic="6b497dd2904d87f34e06c476150f41b7cd519e1c8c95b973629dfe9e2a932d3a6703e548b7db8ba8c7eacf93e5423cff9c2fc8256a2acc94bf854eaaa2e9013dbc9fdb8bf59541c1857c01e54050f8f98732112871af1d2ab0b377dcd6e4b86d18cdbc6e29f195ad25b4cb192f6025d9bd0afa5f5a34acad822602f277a39b92453530f53973ac7124aa3705ddc2bbb89d8071b6661352789505ad900269e69dffb822f3914e9ce23ee6eaf1839ccad62278f81fdf4e2e519b1988f36d2c302ce6dbf0644f8cc07611bd16d93ab4d5126308e3d0aff482485f", @typed={0x8, 0x2e, 0x0, 0x0, @uid=r7}, @generic="b9e5b72d9c97f52eeef08db96e15b552595561724adb50d990b726cc2937baa5c5a365d82674751ac0d3b158979a96afc2d4810325b384968b464827e07be4e4cb96d9c39b659d1514860cbd40eed00415da2aefe908a13a182c725b715b6861c053db11deef1a45a1e57ee9883c1596c6e57c810d475d0eb43c357aa8757f50f7f7a496db01ceafa0df2c938c8dd5a2057914ecc22944fddca0c8af94f2600438e756253a248f5accb17e6895ddea1cd3916925fbe2b1544c144022dae644f733dfdf37fbf74cb4bb5c53691935c04e776fd11408b79588d97aecc2ba76ac14d2298cdbf83e96a777ff0ea82945e634cc221f3a8845", @generic="d1798a8ec6fafde2bf7f7f6c9a62f0038d521b5d0aba2bfe0fede4c695c5dfec6aa1a81a3890e5ff561298f0743d7aa00c5c7998d37b37ee5aedaaf16895ec14a844b99ba7698e8815c7a40c"]}, @typed={0x14, 0x5b, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x145c}, 0x1, 0x0, 0x0, 0x4000080}, 0x9000) dup2(r1, r2) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000080)={{r2}, 0x0, 0x2, @unused=[0x200, 0x800, 0x80, 0x1], @name="986933822efbd1b2350dcf46a434caff1f7c735c3e99651e47f10b4827715e5180747409ca9c79283c5906674855d58dbc74dfd657331948fe8d9f1836bb76b75bd9d7affa7ffa4a8ac71109dd9331274e05a6ce7a06f30f50c1986381f912314b5e9bbb3b87b790173c77a3b9c40bf53a40c1840a5e22d32ba7c77fb76cd85b6fe687b514e70d645ade60a59af4f9f120d4167958421018cbf46830c194e72d535dd0d24e9ccbbe252a684d0a22791fbb376c32ea643436dfe0c0df8bc25abe50022572f1b6c2f5bd26b62c6a4e8d1b99b0b2cabc4b3a9fc039824a73e7a7ee59ab0776b66638310642535bc4e1ca8773bcc33191e6de355112aff67832bb5803c7453260f0751f573445ce8c4eb5fad75ce5d269051fe173d5fa3d02526f7a706dd0a7d286713b568be87d02e83d16097f2a590466bc2616f40fb366403e2611c141c06f051ab5dc666c529c02e75c3a968de1a4c52d009a2f78f73f67315214f9589443c77bdcc4c3af103099cb7d5f0bc7cc5d5dc73b3bb04a86d3b8c91d9040c3a542a866fac81dbf40aea8abfb937e4406f8ccf3becc6beebd246c4f057b89414b63ed50d353c5b049b3e35b19455266e67a5b93ad5d2b171938ebf4f9bdeddf7e246aa689f2c2053d05ff5abf293c06d8daf67818f8504b9cd6c2665d35d16e50a5d24cd28003321e84077e86bbe2769501c2da47539ee7db4197e890195dd02ee1f621bcc6cef16f1e77fd0f7302d52176af244bd213fd3213b7bc8bbc7ad48c8470080b4d09996c9c1d5c52f142b424030d0e37f3c77fb42773f1403a0522bcd1a4bef4f6efb2faeba1bd523303686571cdfad2a301918f2d5e6880c56d18bbdc7678620d69761c2c0a6750ce8756962ea8e6c2cdcf0bd7818eeb4bf1d4159169d7850495411892dba845869170161bd95cf164886735f5fb245f06d56a2d3e85f2177d86de75cb5155949e0b2257bc5256fda095ec293242c514a678e00da16e31ecaaead5cfd0de43e02f397f72e9dd463dd230ba42bda9dd5bcaa5b1f21ac0e85bd3f758f6e690d0b386314b4bc792b5eb18c6e934f3b26c35d2e48cb5c431cd800071bbecf2febbb7a4c8868fbb93162c019d86ae7c3178364d129974c7d738a5e27189406881a0d2563b6e4491d8be10c845cf540d54430bb5fef9b96a8a3b3f157a46224496f1fa65fdfe36b3a2afda0f06a5e62b2ca7f9c11a7836c856e7ed5207e8d01ddee3593fdcaa4082c1fb58eb3808a7796e9b84d8be9f2f281da0e33c4eb64d0dc0bea5f5cb1c2d19f826fd9bf9a4f57ed319cf5748d2308620f311cdcaf4bad2f8e3819a9d624bd204b3f2b2acfed5b53382a8a89763b79b84cd33c16445fc59cc0e4274b23fad6bfe356d275b345ba288a8607170fd24b492434106eff0fbf16655d8ee48e9b7eae7b4a6283ee5161b52dfd52f107397aeb4e2893ede7732e8d60d867a244b732f20c47bde2c89d524def2b47591a705b326399f1fc4a3c3b37c8c375f8a18714fbd50519d33bd25172be7fd0728aabee964259091cc77edd914d2cac797748eba2c658392b4622264db7e8214c2ce2c17aac46ca1ddf71504a32ab66cc3ef9aad787b32c066051be3d49a6e16b9b137c4f3c907a5f5d2744396cbee761a73c332352cd8d704cd6a7481b1fee0faedd8febeb61af38bac9fe01f916c025bb038a1541bc6b5ce5c84e83160634607b61e28487c15ff1b231a01bf9bd37630edfae5436a9000906f1c7de8b7593448c7d11642843a026974c7374bce2ef1e18718fe1183a7c96e25e5f616c55bad5975283ddcff312d06b4b16771e77de051682fe905b1831e2a07a975adebb4fe5b32ece1610c6f65b3fb59b367bf21eef40491e2fa630bcfda06616d90d856dc117d333237192348f629a4b6e7de6e2f537371519f4f3d577a016ba0454aa4ae534c39bf87ad66f44da054201f92234b9a518abf2ed7c609278b74477cd978c90538b672e51d5da449a76e9c83a7f1a984fd42108304924d754adfc887a280ed6fd3de4e6e7442521e271101657b17fcde30a17bae98c6209972d7cc881853877b91798e88416ecd9d9e7a62cb8aa040f14739df24a1684d07c29c899d447392155f15178627a7deb6dd7ddc3b8eac255076e1ca3c402033a75ef29a511a2576c4120d39f1235072bd28f7ddda9760f910a5482cf0cfb1de2bdb69e5ea198f15440803b3b73873e76326607583f05f673e089deb17cf34ca990f9ee25cc83092ec19b923253b69fabfd5f8c7c368c69fc6c9681be6de41622e0d44f795bc0e7fa2ea212633298d1ccfade942aeccc4c9f9c67c5a83038b927d22c53312d408b5f29f05b0f8cdf68aadeb3ff1d3b33803e2778874c236bb90616ebe998381af195343e7a63514955fc46223f49b51691862fd8e0bb3f107f6b4408bed7fe88fd9ca0b484b401a39a318af767af63f851776153ef109bb01d5d3b8814ffd39a15af2280c2ca82b475e1f7c0633548bba8e05d9914b445effabac2151ff8e3a6ea61229749f815734ace0463f122cbe1c8027fcb36155b8d81fcf4110283e3edd67af2ecd91a906cfcd0246dd2881bd8fbf033eee471e4838045780a3492ddd24a72f0f1fe07051d29e3f6047e9b08aba12190517caa7cd04d720a5cc0e8d1f162015ee07451b180b4716e074b5de139d60e8d2d426d8b748b7237822972d62ca1ffbe6a8de66f2683f8dd7d62df234c2fcb98482ff13049dd0910e59cfc92a904a8015a9c08ee67fb2b90524a578f2b1038cc59487f5736c0f603003683e3f00bd649bbd16b819e654970960aa80a3332a2a54ca76220624612f8df6f3546f088a502d87240f675f4b7c415405f6efe3255834388f303b78bca8ff458dd5d4792a62e327ffc086b01dd3be22b77aa5364dd7b3a522384777cd1eb812c72b7f459812a08b3ca3c48575be49a4dcb3df7ecfafe80df1321253d7909ed07a6cf54fa51e1956746fc526efe1d55ddfd7da02741d10da5c20908579fd32fb9903d6017e24263f09edf840c2001783a6a5ed1826c55d1bf814ccf6362380c55ece6d29e168eb868c5e4b9eabde84eea5878cca082899d2bfad9bbd014e2cb932f523c6af1572a8a73b7dff5da589d51c3890c95613e9318f9ecf48adbffefcba61867154eeaeebc8b0838f3bbd4a72b1350309fa83e1f5411944ac63775d3c737e885826ca3004c3431991d14c6e7ecaa78c72ea01d8a24a5bcbf7c1b93adad887a60837693fdb6ea4c69a3d1fcbf3e0df3fecdb28f0eedaf1c77d655e5eaca2a00a7e01581fffe53d72ea907d95320906b097bcad519294f8a599592d3f98a115543970f8bc15b61d7971735396d124062783557eb0649ad36e70d31133d4eb194681159e92af5bb3543d65c03d4428572057287bd88894c1c5180f041140c2e48355c75493eec5fee39af87d00a8471c5e2d2c1f5733a4d4974ff52c82cd1c82ab34f918477942118039fd6296156abdb036e0b42d3c4f7540551f027197623b4eb0de451a2e4ca7aa175f8d34b3dbcefee65926c2d5c37ff93bb2b4dfe19f14ff2204e12bc05c3481833a3b4e8a2fa8418512ab4c3018c7e0e922dfa53e48f437d7f300ab983030da7db1c7dedf53ca39a995fcfdc7d1e110d6fb6d22343120dffc5176e506a7f4d71c156ebf092c46d334a956229521ec61d31a1d738887780f3be7ea3575a2fc57f0169a82458f90f97a91a5304c46f1953619729824a7f97f51e538a5b02521838c439133eb4e91509358c943b5e7a22a225b1dd30470a89db869c906152c59473bd659a9edf3a1635205b0628520d752bb2a974d7b153c6c034c4575cba369fa8731cb8961a4f785205109f2a39ad397f9372f5e2f1940bf2e5b06f3362a48b503553685183d4f5375763b601242199ee13adf53938248f7df4f45ac4e330f1da41936a385692cde084a9eb3eb6ef8f183d266f58180536ff19a8453f46b95c73d8fabb4c176d8bd8eeadc323a370078883cafc49941d93c8d9744e8c67854704c9345e0d4693529da80336c261feba03b9472ab3288b59efaffd95be6d83b7d3220899b3e2f14ebfa3dbf8c7fd06df318aa51755acd359931e4d1809ff00c8cd255e5657903e6e65a7ad62780a1ed9fe8eba23dd68b591052eb77c828f2598cba9ff150dc0b213f5965ba5b9b0dd1f2a06916f14a0348dad44ac1c519a29a49c50ec16872813dbfc181fdaa109e12dacd98659f757beb799abee4b94d56ef10fdba747486873997e8aa348f88f7f060c507667648fdc1a51bc90929251026b3975e3b879bafe07623ffa6795022cb5e13d09b04c0081460d7209117f6fcee32eee5687b5f3e308a4fa5c8c1a369aceae640014317fdc5889bd3050a7ee2e117d71670639f6740c095b35a19ac45718f230072277fe869572ebbacf4c95aa16eda76e3fddbdac93ab1a54b0973aeb8259f11c6c7e33267ebdffae858bdafaaeba5e08931c82506de2f2ee199518001e28740781a9799e3e338d15fdcce74780ab457aaab6a1c5f8ebaa80e0dea14532da7d81379d7551b5c26439a2ffe9765c2093beb5b80dbfdc26c797b0d0c0b37d06338a7e60f6c018fa5fa26add031229f1e5fcc50ed06cc7ed1630199a0ef81126c1b8d79e42e24f201b1b049bce13f2b361eb0546ae96114aacb2c8e4afd63e1de2fabb69dd71be4c26974721cba1d5290de5afda9b78d35b2e11335b2c994e8691e4498959ffd5fe55699feebeb1faf401dc61a8066503affd733174d9881c252b76a03e6e85f200fdb60a84dbb6316a95aa3f891acc771a2cc6f9862c14c2440416b647d2e49bad535f940750975f6b44ac6883dbcf0f5d5bc2d238fbd28332854a42272a26193767316a811a6f14d76cd204c84ccc2be636c3e86fcba15b39e2702dd331fbb598d9403f5e52591864d307452a9eb411599e6cf1a006c8b7e6d5ab04629b5752ea63dfa1afe18970a26499e20e9f6525c097c21a74fbdd00b8ac09ca2db47171e6a492b2a8bfa7c3cb25d6b6a85056e7d58bb0d4c578dd4df954c0ffb57b2c4355f6b914530e54729f0a0981d38da97dc66c01385112e94ebeaf57ecf79943027f3969a618ba1da91a2dd92ca1fce37e50919e521f6dc4ce5b7a6930e17410c6b0408015928744b19218d3e05b3c75e831fb654b1cb181a77e7455e6400a50c9f9234e4659450f33b0aa9bccaa2aeb899609df79ca921f35c36b68edd8502458cc8dac7ab0670d4004998b8438ab362f747d08cc3ed8335144de8f5a035ee24f179106007e09d28f02a8124ddb8fd5a6cffd99e77a39e4a319813f7578410d72110823e8cc9ab57305ef68c796b2f94a45c88d74c9bfffb1f4a9e6336bacdda8b2e6858f01bc7c78563356c06be3bd5d2c77956153fdf282414c6d743c0a06294c0f2eb0be4bc50dd1a81a890d7547530afda799d5168b6aa619886a88a3a693dd68d6de3b633cdb24ab6456cd64612028af52f3b510cb446ac305676f943c03897ba63a1023508830367fbfef77956b63730964b578b552a48cc44dcdcceab21ec9428716be86bab564142081b8ddabf80a669972f29385c594e41516aa00d9eeff99ce388c9d03479fcd10e44d53c4463fcf21543883326b7b39c9f2bead372d2a779da7f509ade6ff1e1864cfc5fc7bde9a8c3c92dc2693195e6a20c02b82fa1f81913801994ff7c5e"}) [ 2370.152599] FAULT_INJECTION: forcing a failure. [ 2370.152599] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.152773] CPU: 0 PID: 8239 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2370.152798] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.152812] Call Trace: [ 2370.152818] [ 2370.152826] dump_stack_lvl+0x8b/0xb3 [ 2370.152859] should_fail.cold+0x5/0xa [ 2370.152881] ? create_object.isra.0+0x3a/0xa20 [ 2370.152917] should_failslab+0x5/0x10 [ 2370.152946] kmem_cache_alloc+0x5b/0x480 [ 2370.152975] create_object.isra.0+0x3a/0xa20 [ 2370.153012] kmemleak_alloc_percpu+0xa0/0x100 [ 2370.153052] pcpu_alloc+0x7bf/0x1060 [ 2370.153095] __percpu_counter_init+0xb6/0x250 [ 2370.153129] ? __kasan_kmalloc+0x81/0xa0 [ 2370.153154] io_uring_alloc_task_context+0x118/0x5b0 [ 2370.153188] ? __io_sqe_files_unregister+0x28f/0x28f [ 2370.153217] ? lock_downgrade+0x6d0/0x6d0 [ 2370.153246] ? do_raw_spin_lock+0x121/0x260 [ 2370.153277] ? rwlock_bug.part.0+0x90/0x90 [ 2370.153315] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2370.153346] ? io_eventfd_put+0x50/0x50 [ 2370.153386] io_uring_setup.cold+0x21c1/0x271c [ 2370.153424] ? io_sqe_files_register+0x230/0x230 [ 2370.153477] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2370.153516] do_syscall_64+0x3b/0x90 [ 2370.153540] entry_SYSCALL_64_after_hwframe+0x44/0xae 02:52:18 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300), 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2370.153569] RIP: 0033:0x7f1ab7761b19 [ 2370.153585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.153605] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2370.153631] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:52:18 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x0) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:52:18 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2370.153645] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2370.153662] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 02:52:18 executing program 4: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_SET(r0, 0x1, &(0x7f0000000580)={{0x1}, 0x0, 0x0, 0x200, 0xfffffffffffffffd, 0x0, 0x0, 0x2000, 0x40}) msgsnd(r0, &(0x7f0000000000)={0x2, "e3a5dfefe22148913baf96af8588f1a9e2ff97a7fb1b3cf3e0e6c35fb69dc6c0703bca990647acf962526da71e358af755c2ef86817c58"}, 0x3f, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:52:18 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x80000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2370.153675] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2370.153687] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2370.153724] 02:52:18 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) accept(r0, &(0x7f0000000080)=@isdn, &(0x7f0000000000)=0x80) r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000140), 0x111000, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000180)=0x1, 0xfffffffffffffd1b) 02:52:18 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 46) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:52:18 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:52:19 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:52:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xf0ffff) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:52:19 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2370.389345] FAULT_INJECTION: forcing a failure. [ 2370.389345] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.389368] CPU: 1 PID: 8272 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2370.389381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.389389] Call Trace: [ 2370.389393] [ 2370.389398] dump_stack_lvl+0x8b/0xb3 [ 2370.389418] should_fail.cold+0x5/0xa [ 2370.389430] ? create_object.isra.0+0x3a/0xa20 [ 2370.389449] should_failslab+0x5/0x10 [ 2370.389466] kmem_cache_alloc+0x5b/0x480 [ 2370.389481] create_object.isra.0+0x3a/0xa20 [ 2370.389501] kmemleak_alloc_percpu+0xa0/0x100 [ 2370.389523] pcpu_alloc+0x7bf/0x1060 [ 2370.389546] __percpu_counter_init+0xb6/0x250 [ 2370.389565] ? __kasan_kmalloc+0x81/0xa0 [ 2370.389578] io_uring_alloc_task_context+0x118/0x5b0 [ 2370.389597] ? __io_sqe_files_unregister+0x28f/0x28f [ 2370.389612] ? lock_downgrade+0x6d0/0x6d0 [ 2370.389630] ? do_raw_spin_lock+0x121/0x260 [ 2370.389647] ? rwlock_bug.part.0+0x90/0x90 [ 2370.389668] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2370.389685] ? io_eventfd_put+0x50/0x50 [ 2370.389707] io_uring_setup.cold+0x21c1/0x271c [ 2370.389727] ? io_sqe_files_register+0x230/0x230 [ 2370.389755] ? syscall_enter_from_user_mode+0x1d/0x50 02:52:19 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2370.389776] do_syscall_64+0x3b/0x90 [ 2370.389789] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2370.389805] RIP: 0033:0x7f1ab7761b19 [ 2370.389814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.389825] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2370.389837] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2370.389845] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2370.389851] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2370.389858] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2370.389865] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2370.389885] 02:52:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 47) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2370.477222] FAULT_INJECTION: forcing a failure. [ 2370.477222] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.477244] CPU: 1 PID: 8287 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2370.477257] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.477265] Call Trace: [ 2370.477268] [ 2370.477273] dump_stack_lvl+0x8b/0xb3 [ 2370.477294] should_fail.cold+0x5/0xa [ 2370.477306] ? io_uring_alloc_task_context+0x1ba/0x5b0 [ 2370.477325] should_failslab+0x5/0x10 [ 2370.477342] __kmalloc+0x72/0x440 [ 2370.477357] io_uring_alloc_task_context+0x1ba/0x5b0 [ 2370.477375] ? __io_sqe_files_unregister+0x28f/0x28f [ 2370.477391] ? lock_downgrade+0x6d0/0x6d0 [ 2370.477407] ? do_raw_spin_lock+0x121/0x260 [ 2370.477423] ? rwlock_bug.part.0+0x90/0x90 02:52:19 executing program 3: r0 = syz_io_uring_complete(0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000080)=0xc) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) dup3(r0, r0, 0x80000) [ 2370.477444] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2370.477462] ? io_eventfd_put+0x50/0x50 [ 2370.477484] io_uring_setup.cold+0x21c1/0x271c [ 2370.477506] ? io_sqe_files_register+0x230/0x230 [ 2370.477534] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2370.477557] do_syscall_64+0x3b/0x90 [ 2370.477570] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2370.477586] RIP: 0033:0x7f1ab7761b19 02:52:19 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2370.477598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.477610] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2370.477622] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:52:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 48) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2370.477629] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2370.477636] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2370.477643] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2370.477650] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2370.477671] 02:52:19 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:52:19 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) 02:52:19 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x0) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2370.662168] FAULT_INJECTION: forcing a failure. [ 2370.662168] name failslab, interval 1, probability 0, space 0, times 0 [ 2370.662190] CPU: 1 PID: 8298 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2370.662203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2370.662211] Call Trace: [ 2370.662215] [ 2370.662219] dump_stack_lvl+0x8b/0xb3 [ 2370.662239] should_fail.cold+0x5/0xa [ 2370.662251] ? io_uring_alloc_task_context+0x1ba/0x5b0 [ 2370.662270] should_failslab+0x5/0x10 [ 2370.662287] __kmalloc+0x72/0x440 [ 2370.662302] io_uring_alloc_task_context+0x1ba/0x5b0 [ 2370.662321] ? __io_sqe_files_unregister+0x28f/0x28f [ 2370.662336] ? lock_downgrade+0x6d0/0x6d0 [ 2370.662353] ? do_raw_spin_lock+0x121/0x260 [ 2370.662369] ? rwlock_bug.part.0+0x90/0x90 [ 2370.662390] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2370.662407] ? io_eventfd_put+0x50/0x50 [ 2370.662430] io_uring_setup.cold+0x21c1/0x271c [ 2370.662452] ? io_sqe_files_register+0x230/0x230 [ 2370.662481] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2370.662503] do_syscall_64+0x3b/0x90 [ 2370.662516] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2370.662532] RIP: 0033:0x7f1ab7761b19 [ 2370.662541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2370.662552] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2370.662564] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2370.662572] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2370.662579] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2370.662585] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2370.662592] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2370.662613] [ 2385.879570] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:52:44 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:52:44 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:52:44 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x1, 0x6, 0x4, 0x8, 0x4, 0xfd, 0x8}, 0xc) r1 = memfd_secret(0x80000) close(r1) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r3, 0x8040942d, &(0x7f00000001c0)) r4 = syz_io_uring_setup(0x4585, &(0x7f0000000080)={0x0, 0xb02f, 0x2, 0x2, 0x199, 0x0, r1}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r5, r6) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r6, 0x6628) dup2(r5, r0) ioctl$BTRFS_IOC_SET_FEATURES(r4, 0x40309439, &(0x7f0000000180)={0x3, 0x2, 0x10}) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) sendmsg$inet(r2, &(0x7f0000001800)={&(0x7f0000000200)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000000240)="74b2a1e98c80c242630b52fa77855c460867b14cea59303bdc52785aa1eab05ac685b758bbe87292879499ca8c8770334d74e79afd8305ebf0ed58827a6c8b872bf6cbf90efe271494f48091948d7543985ad9fce3c9cfb6874027718ef300c6070916760c0e4b01bceebf115335bb46816abd6e7bcd4dfd518c2ac4790f24c2767fde9a244bc4e5d91c2bf148ff6c", 0x8f}, {&(0x7f0000000300)="6f35ba6982c94aec1c05fa8274d2cca05bf150c566c43b5f44779f27971c84c42bfbf13a15cd93b1ab5d309075497d7aa1c1d5701ed4b489c0e970008ccba1f62aba7018517d72cd2afdf3581bd8e207b8531cfd56b8e0419b4da6aaea06b0b0a6e7271e563c72272b8b1810fbf4eb637c69ebeea99455c92312d41ae2efb224a0f5c7", 0x83}, {&(0x7f00000003c0)="f0f444c4a9f12dc1a76ccbd34febd30400b115f2ebe1f6783c337616c10de342087ca2e29dd0e5c400502c0b4ca2e07199070717ddf39e5c52f6028863c674092fc04981e2ace4692f86f9642b6fdd82b869ed2d7b303fc4196dbb836b0addd278952d5436c74e6af496bab0652eb0e297e7dd010d08a2abcf8d45aa46ac6ac3c4092be9bc69", 0x86}, {&(0x7f0000000480)="81cfa6a25dee3bf1ea077e3ef49d16373347b00dc7da1349d7fee66f38e9eaf93add71edd288538e971ae99fa6ff0b5c9437e1689f084dda8f305aee45c4ce40c4d757ab35aff42d366295a824bf3a456d9f3d630282518572f0899f2f85ebb6fa2ce50379a847598096f5ce17ed126f48240339799dfbee25b70ceb5ae6b5308daa2200322bb4c6ebb985952946b132ee97b23966cf07c426fb0d362b711230d34b591c2593d91616d22c01ba8da38b74c62f3126d77c2601e2d84f4882120ef4df8e092509d81482bac0073ef3edd1e1d3e3be5cabb9d531c48e182b8b0649d0c5766cdd9d65661160b9dba6fb9bdedc30b7346a19a1d0f069576e9890cda29a8654a86ec0feb7459ac07731ada640647db26f7214767b195c95713fbba5204da954be59c8960209e9521c2b7e6b54b6a9583e3acfd9e0b85b94f9c469768b3a2f5c2d2c84e2690681795a5a3ae051b0fa92c02efef9e0493c5d171df78cdaa15ef002cac7beb1c9e990b0374c0ab0e2f61e1f19463cf904ddc68544606a8d1009fa73574d5284ae0f280c772688ac5b471a3b51af9d82f1e9adddb10228b9ea41b4af8f1fb0486074a2b8203122c2d7ba73787362050141a1eb3dfdae780608ddb11ddbbb2d464913b6f231383537afe9a73ed4acf9cd594763b234ff9a599cb422cf9160ab6bea23af700fa4c83ac0e687844f1fa5e209f3fd89c06bfceb0ae87c5915dcb3a9d707474b0cf4e3c4a422e91a1d77f0be00c67d6d5c9add2d39c9a9214df5ccdf6946d7c6b103d412dbd1155f9c2b402c2f5d1f1a6b9573010f670e86ef1c66c1beba689d9b703903d1e4760897ef49ec95f03de26840c56221569df0af69f0e3e7c87b52b5342ebf22516cb7dcdd1095afb059c8992145448d53e3f0a76dd4d314ee7d6d8550bdfec4f2729a7ca428e1b409fd6dd146664d84b2f250ea45dcd4e58791d19deb47965928a5b732e0a42339e914d23d0ce81defbcbeec20bbbb85973770022a101dc02b0b172bbbd6a952fd55ff11d9e769c2e1d2e9da698973e487dfdc8df9e63189f14eed899f9825d267f85adae221d59b861902ad172936bcb436f5b81763f670b23a19a3309102b48baf5790cd1f03d8a4332b0f23f58c7279c1cdbb60496bbe001d8705cc07cbfea4f85f0352b84da5d8523df2fc0192528de838c61606745032c69b79a090ec562a1628002d6912d38a258ce4c996a78e8755676e900e802ae0d3c50f0425e4093f7d39ba0e5a547b697710c58073df197f02cd85470576fcede6921ec0814d8d2ea8e742d7fcdbf72e211f9e1f5f0e2e622d6358a7b29716471673204fe4252611439eafc92ac6e8f5492a6f7ef0916d0dc9994b1e48bcca130ddcd7335db4c0635ebcb563959d2dca267f6e780d5b5862266277376194c409fc0e3a89070b64cd34bc8d8f219f1ccba5fe7ca84fe1854609b07b0c05e4ac55f991760f1c2b785da073f3668f6afe4e6358f45e5dd74cc842a289c80256b2c24c7100bc1cc3e6b9dd7402bbfba3087322ec19667872b52253696ea71af20d8c60d68d12a2e39b468a72f83112f27f38ae1fb1555339c45e726135f5112db7f67440a95cb954a85504c2c4096d3bbaf489f51305d1054e501743ebbee36d2f4c7ed6acf0c1a00e769f1c381bbb068564fc6d813b26420c48974582b21000acdca42ab68e694ca31e9f10cb986d14b96ce50723893fc70cee8d9554e3f7eae9396101074d8f86411d6792336c638c491df7fe84440830c8afe0cc42052094621f3cc0fb13a1ef0f615f9334bd9dae1977fc4df88066dcf1eb5f055979d7b8f944715c305d4c731b6e5bdbee87f422d36914e6b231cba2c3afcea29e038450950a658e13cb08b0d5a2c7537b7131c53885ab26da892f014ac5966a6de8ec85945661ab8bb18c4ad9ad7c2e4b907cb578278f0deeb7485e98d23b42895c2883a4b9515250425708c473b6022e54f8e9d2ea2283649fe92cce6923c0220e752c3cd77b8fc21ad0cfa947af1a95a40b8946828a71d2ad82132df7af65323f8f0b394c00750e11277d6d22709873ebc5e48ad16888f34c35f8d3f9860da0d91898f58c32f50b496e4907892848a4af377354604a27817a2ca80544eaecd938e3607a30af15be0592965f719623a33fe017c2833fdbe05b22cf513dc4b73be755b3f630ea1d9cdca58ded348a0ecf843fbfad426ee1db20efb980e508a6f93644be36e145eb1a0fe58c05216c830533a0b21bbb89d40721266012fb053e8bdd05f5cf3593e6b0e29594cf7e8123fa8f8809503a55de53db931291e25ef83b5174280b72b8051d0ae2c1bb38452fa919c627d2081246b1ae1aa3d007163fcb31ababab1e5b22408163cfe6abdd267b1eb17da05ec495f63a8c86f1fdb01ec2b0961915a658178374911e59b86aa89745310f43e76cb1ca614aecdcdf83a58d84197ddbfe1212e5ada1dd4dd7bb4b160e15d38c7e8145fadc4ebd991ecd1406871c67c0d236f617421b3b1fa4602207943f68c4769d3050e5489edef6b719d5b43f8cf366adf56949a7c5eef14e8f4fa9fb0e20db370ea7dba4b27c7bcadff2c66e29f90f43762e6aa731d7e7773b135dc38edc2ddfca302240ae3be6edaf8825c703d2577c85e7a81036c1718f39fc288b1e6ccc828c6617be87802e84db9cd247814dc196853ba04eae81ecbe4c802f73489120596b36e9ada5708adbe3322e695c3137972611b95ef046985b92b0fcf7e431574436ac6f82ad947d164b0e68a345d4010a4f47828466346e2bfcae3e650f40a4b346ceccd22af095fbf304bfc8d6c9953abcf3216a0f6092e1b2fa866eeb67fe8276b2ceda6f477198de598b3b51aa080e4360caacf804493962b8121062e94a4409a49a554932cf099361979f78b5c4ecab417863b5c14f8f2a049b99c95e5cefa1429f417bbe75ffee696841f09b53d042571624ac3ba4c36f8e293ac2894336c4f05b13ac75c1d35074f6be3dbe8b439ecfc3b89f1fd20991ee693d898611335de0097862748629ca2051dc814e57e91e690ca4acbc0b3d535fdc92f5c4bca372a62b5ace948992b782c4eeaa29d70b747b1c76b2c7dd0ee017d3e08418bb0b9f47381971eb4bd6e66fb5f2c619c53ef5184204512c15a011da9771f38029df5e2ada9516489267664d23677182f9aad151b18d8e6236c4a50dcbe79adfdbdceb6a0ec53a1676d1ade4a532190ac321c2f7159dc11a259713fc0a09dbb06e9d047eed519df6b467fb134f2b26084262c87d36b8af019c77a1d893a6e3602175b60d8c643f9444f51daf1e1874c8706fd44fe37d8f537ac016fd7f3bcd6f1c99ca1fa6d3beca08b9caf6aa91fa95c03a4e070c963350d5e4dbe5b45f82b45cbc948417619796d7ebdf452df531f034069ca688cf6753c21679731c5ffd5d866590fa0ebe202786ea2f1acd058c050732d1dd4d5c31b60bc5a6154552cbd809a13c96bbcbb198b48c9606dfd6b2dc9440f347576edbe37b85d30efad45f929c52a50cd7c98480b1f13de32118beb516af1bfe7989160207dfe796c16bf991db64e1bafe56fe193d1af6d3762718d27601eea4c9fe0cd2710882a9db8963704ffacd327ac3323e3170a57ba050ddddbabee4870353850c21b11639785f6bcbbc8931945060a944fd907c60a06a6f799add69d8779bc4d276f7efa41d0a80734ae721a32952c400eb5819a238d1e6d67e60f995cb9ed707036b72dc070d7a45d9c9dfe85d55c9035a684673842c1447a007fe0de7cc23e62601f07adff6548ddfd5483ce8038edc52b180e1b50dfa502dc8bda71fbafac5ebf5785954908fd03bcc232cf0fad1f38a5c3a9cd38311571ba871ff4f5beb83a2467a0043695cc30ff121fdc0bae2620c46a524eb7c23b77cbbbcb1b183858fbe05511a7517dd7b5889564658481da095be61ac856b95d19d4fdffd30b11edc271e31cab3fb3fd4de164826be3aea57a95777379ca2a329ae44120f36ccef48df424a3ded94d007bd19e9bf1c199c177388ff39a1eae165758ddbe222dfc3df09a29d47473b4a4b558648779eb2b23ba323dc95d6371444940ddf3641ea6dea97fe5524ab1482547382dfe6e669958c6eff7ec2082d15bda8a14715a10c57667afb41da19688d35bd57158b72266168db43b10e9354bfc5fcb4242cb97756089d68aeff1d837d17eaf8e8637add85027fb5ec23ea4f254f0a8ad42fc3244ba7d86541eefc56386d13b02c8961e6f1c26e818ca8f6755991caac98a9cc270da47885bac284e8d9a91d0db5ca6fd1ab0c79ee1f1f20021ce4ad2a66a4a38afe29653bd4a7ff50439e72d9e69ac9e24ad268be2411a066d7d415d15ea0959a1d65dc7c66720cfc34407b5350e9d8ba4ca0391d266c56ac49e7b6d8176248321ca3f65a1fc0a49a7cbdc95648d93921f800f90076146f600dc04c432a1175aa84244425cdb71f3aa7643e613f59f973299f5a3d7af57588f13c125709e23a6c76b63e8439f72174f8d246d93697754a5154f6f65ce14589e1281327308d2737f9d75fcae7ce1914c709ad1e584e7f7d784161b60ae7d10359fb78e38eb40252e5896ef191f4306595fe18e97331858c27a5101ed8c61b109ed97512bd135684cd17c45efc6b9e4a02396713e880ad5b046056f8676fd07f390772dab4d58569979602f24874afafd258b1d057579e747d8885a0d8a82b10a75f46e4d836f5b466ec18e3be687afd2ae7c636cf1e5a78fc2aab82a052ef2fb3b1fb3705016d5d4a0ba58a379c833327a2710d1f70aa66d2b2625807a42b3a6b190da854798b57fd1f1f2bca290faf35ecd7956ae94c5f022e7cbc5d6a5ac26356a850707526e9bb08e1a57a68894590ae56fb1725fcd683e93f3dbedae203d96e6021bc5876382a5af7943ea41d8fd437ae5c9ece3fd9729cfb3b5fbe052d585b168c549939ed670f40b6dbb6fb5358cc7d57ca741e97df5388edb49a2245223ea05ffe143ddcf2a2a151f9f22ea8465b318b9d2f3ab7eca85b756d8fbf5e0fffee8c3fa1f80364a1c804f885f24d9623ff5a3e2fb20a6c174cee1533c4d4fedce285001a7be91c56eec78ed4ff637ebb0f736d3a1de776d56da58bb4ddd38ef5935fe09c46681d75b06545253bc8d9d0beb10274d3196ac4f9c5a9579e9f18d5cdd7b1c2fba89038ee360006f56fd8def3f3431d5bd52a66dd443c6a90e7844abd3535ff836ac5deaae32e6a668f03deaaf93a4930728af4250811d114d32d46866e5e5f5818797a445ffd63745ec0a2c5a8fbf67a6e39245a6da8ad052b50217bd96d1479c4feb6c2c9f37ff8ad9196bd56e64e0c628cc24dbbac503eec906a24873a04e1944e1ed8c1e5d50e1b186918d6f6745f8f31e998fe333e7c10d059826118c466338f4b72424486a48767bc1d46dabe1f7044c557d3ebc9894b490f078d0f40819794db09dee345985ad316c655b685a7a38f2c74c78da9e59d3df4cdcc86c4beeaff3a336a102afee00df5087be08df74ac8736e17d415a474cf4bab728687de6baf6cb64139580670f7c9a5242e5037793015d8c6df2b179dce1fc2cc2a39d1c2c243499bacb767bbce4a818d539077809470614b351d991940fe16affba8a77a7d2f7f5da495043c769e54a6de08c62bcbdbd24b04299de078cd4b1922864e778e584f2597b85d3a1727b6e5c2ba747bf27a7220334e415b043ae72ecc0c37c86b6e67c8233696ce9ae6663bad36da647d8e5b969cc7d8e789788bd42f6dac8aea287ed7a250cd50477f", 0x1000}, {&(0x7f0000001480)="589ed9d08b87d20049b4fce27e4972e013ab8780857c3389e71de118c667d2022dd861eb1cc8bd78058bbb987476c5", 0x2f}, {&(0x7f00000014c0)="9a45317d6eb9bb512bf96e7f6bfcc07caa925aafa1fad0880edffb81481dd9915beb9177669dc7633b98cfa6e9a139924b82fc5bcb74fe2d054dda4fa53eaa3953cf1fdc679bde8f9659de9230064721489730e8d5508a8af6b062aa622999f894", 0x61}, {&(0x7f0000001540)="a67170e673eafeaf1824cfc1113e77f529b542341c1143760568dab15664b912d252f99976bf6cc18f377e5c78de6b9c8c8f28a0e184d55cece5452439599d5ea18a99dd453aaf332177fc7fc1bd917679993809c3152154c49b064f54dfc2ed59f91126998a4e2186cbaadce5ae45962785a87b1d71c2582336a81c9c8f92547b51f9f74692a0d52fc0ed76384ace402883c8d3ad4b3d4ea1d6e3c1267fc4deae928620a325b04b6d39ca839383dd2fb0ac35cc22857ccf972f63f40cf6059df4289e57f0cbfd425c063d4ad621436463302613ac", 0xd5}, {&(0x7f0000001640)="b52a23d126268cda3e110d58011b1330062be54dc87f44e66910817ccc8a27ab19f5c4322082cb9af9ff4f6a98ebb8dd8af021e4c008645caabc15e5b6be9671369f033a717df5b92f82bbb32ce6b767a555a053e26c3d80f1fe6a97", 0x5c}], 0x8, &(0x7f0000001740)=[@ip_tos_int={{0x14}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xab}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}, @ip_tos_int={{0x14}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}], 0xb0}, 0x0) 02:52:44 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x1000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:52:44 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) 02:52:44 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 49) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:52:44 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:52:44 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) r5 = dup2(r3, r4) sendmsg$NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x4e}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4001000}, 0x1) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000100)='\x00', 0x0, r3) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)="9f290ea6b2815194e6516a65b7c685f52f9203ac7731f81da0fbc8bf73f2a403d798468fe01490e82a4d9d77991d8e8a76eb4eea6ad0fb0da657266e34a4fa24230e4f6a1e4f900c618a46748775b0a83e366504bb63ee0a1ae7f6e59fb3138717776a80d9eefce67b45615f5957ce20a9c4faf9b6e98cc12f54d647e7b9d5809774791f10551bf7386de95f1e3589e978f9865000e0f4011f610be7c14e2aa69b1250b0301241d26f7d5e9f3798f87c8c384951810d1a639dbb3e8d2d72965141294764290d94610f47f6e2a8", 0xcd}], 0x1) [ 2396.109492] FAULT_INJECTION: forcing a failure. [ 2396.109492] name failslab, interval 1, probability 0, space 0, times 0 [ 2396.109523] CPU: 1 PID: 8318 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2396.109546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2396.109560] Call Trace: [ 2396.109565] [ 2396.109573] dump_stack_lvl+0x8b/0xb3 [ 2396.109609] should_fail.cold+0x5/0xa [ 2396.109632] ? io_wq_create+0xe4/0xd40 [ 2396.109671] should_failslab+0x5/0x10 [ 2396.109701] __kmalloc+0x72/0x440 [ 2396.109727] io_wq_create+0xe4/0xd40 [ 2396.109770] io_uring_alloc_task_context+0x324/0x5b0 [ 2396.109804] ? __io_sqe_files_unregister+0x28f/0x28f [ 2396.109835] ? __ia32_sys_io_uring_enter+0x1b0/0x1b0 [ 2396.109864] ? __io_arm_ltimeout+0x270/0x270 [ 2396.109893] ? rwlock_bug.part.0+0x90/0x90 [ 2396.109932] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2396.109964] ? io_eventfd_put+0x50/0x50 [ 2396.110002] io_uring_setup.cold+0x21c1/0x271c [ 2396.110041] ? io_sqe_files_register+0x230/0x230 [ 2396.110092] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2396.110133] do_syscall_64+0x3b/0x90 [ 2396.110157] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2396.110186] RIP: 0033:0x7f1ab7761b19 [ 2396.110202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2396.110221] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2396.110242] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:52:44 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) [ 2396.110256] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 02:52:44 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 50) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2396.110269] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2396.110282] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2396.110295] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2396.110331] 02:52:44 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) r5 = dup2(r3, r4) sendmsg$NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x4e}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4001000}, 0x1) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000100)='\x00', 0x0, r3) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)="9f290ea6b2815194e6516a65b7c685f52f9203ac7731f81da0fbc8bf73f2a403d798468fe01490e82a4d9d77991d8e8a76eb4eea6ad0fb0da657266e34a4fa24230e4f6a1e4f900c618a46748775b0a83e366504bb63ee0a1ae7f6e59fb3138717776a80d9eefce67b45615f5957ce20a9c4faf9b6e98cc12f54d647e7b9d5809774791f10551bf7386de95f1e3589e978f9865000e0f4011f610be7c14e2aa69b1250b0301241d26f7d5e9f3798f87c8c384951810d1a639dbb3e8d2d72965141294764290d94610f47f6e2a8", 0xcd}], 0x1) 02:52:44 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x2000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:52:44 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2396.322408] FAULT_INJECTION: forcing a failure. [ 2396.322408] name failslab, interval 1, probability 0, space 0, times 0 [ 2396.322448] CPU: 0 PID: 8332 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2396.322477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2396.322498] Call Trace: [ 2396.322504] [ 2396.322514] dump_stack_lvl+0x8b/0xb3 [ 2396.322551] should_fail.cold+0x5/0xa [ 2396.322578] ? create_object.isra.0+0x3a/0xa20 [ 2396.322621] should_failslab+0x5/0x10 [ 2396.322654] kmem_cache_alloc+0x5b/0x480 [ 2396.322684] create_object.isra.0+0x3a/0xa20 [ 2396.322717] ? kasan_unpoison+0x23/0x50 [ 2396.322759] __kmalloc+0x25b/0x440 [ 2396.322788] io_wq_create+0xe4/0xd40 [ 2396.322841] io_uring_alloc_task_context+0x324/0x5b0 [ 2396.322879] ? __io_sqe_files_unregister+0x28f/0x28f [ 2396.322915] ? __ia32_sys_io_uring_enter+0x1b0/0x1b0 [ 2396.322956] ? __io_arm_ltimeout+0x270/0x270 [ 2396.322989] ? rwlock_bug.part.0+0x90/0x90 [ 2396.323036] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2396.323070] ? io_eventfd_put+0x50/0x50 [ 2396.323116] io_uring_setup.cold+0x21c1/0x271c [ 2396.323169] ? io_sqe_files_register+0x230/0x230 [ 2396.323231] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2396.323282] do_syscall_64+0x3b/0x90 [ 2396.323313] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2396.323348] RIP: 0033:0x7f1ab7761b19 [ 2396.323368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2396.323394] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2396.323418] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2396.323435] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2396.323453] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2396.323474] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2396.323492] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2396.323542] [ 2412.303516] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:53:11 executing program 4: r0 = syz_open_dev$vcsn(&(0x7f0000000200), 0x1, 0x400) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100f1c718000000", @ANYRES32=r0, @ANYBLOB="05000000000000002e2f66696c653000"]) syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r1) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect(r3, &(0x7f0000000080)=@ieee802154={0x24, @none={0x0, 0x1}}, 0x80) ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000140)=0x36) 02:53:11 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:53:11 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) r5 = dup2(r3, r4) sendmsg$NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x4e}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4001000}, 0x1) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000100)='\x00', 0x0, r3) writev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)="9f290ea6b2815194e6516a65b7c685f52f9203ac7731f81da0fbc8bf73f2a403d798468fe01490e82a4d9d77991d8e8a76eb4eea6ad0fb0da657266e34a4fa24230e4f6a1e4f900c618a46748775b0a83e366504bb63ee0a1ae7f6e59fb3138717776a80d9eefce67b45615f5957ce20a9c4faf9b6e98cc12f54d647e7b9d5809774791f10551bf7386de95f1e3589e978f9865000e0f4011f610be7c14e2aa69b1250b0301241d26f7d5e9f3798f87c8c384951810d1a639dbb3e8d2d72965141294764290d94610f47f6e2a8", 0xcd}], 0x1) 02:53:11 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x3000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:53:11 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) io_uring_enter(0xffffffffffffffff, 0x61a4, 0x8199, 0x3, &(0x7f0000000000)={[0x269]}, 0x8) 02:53:11 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0) 02:53:11 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 51) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:53:11 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x0) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2422.513134] FAULT_INJECTION: forcing a failure. [ 2422.513134] name failslab, interval 1, probability 0, space 0, times 0 [ 2422.513157] CPU: 0 PID: 8348 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2422.513172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2422.513181] Call Trace: [ 2422.513185] [ 2422.513190] dump_stack_lvl+0x8b/0xb3 [ 2422.513211] should_fail.cold+0x5/0xa [ 2422.513227] ? io_wq_create+0x3e2/0xd40 [ 2422.513247] should_failslab+0x5/0x10 [ 2422.513266] kmem_cache_alloc_node_trace+0x59/0x3f0 [ 2422.513285] io_wq_create+0x3e2/0xd40 [ 2422.513312] io_uring_alloc_task_context+0x324/0x5b0 [ 2422.513333] ? __io_sqe_files_unregister+0x28f/0x28f [ 2422.513352] ? __ia32_sys_io_uring_enter+0x1b0/0x1b0 [ 2422.513370] ? __io_arm_ltimeout+0x270/0x270 [ 2422.513388] ? rwlock_bug.part.0+0x90/0x90 [ 2422.513413] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2422.513432] ? io_eventfd_put+0x50/0x50 [ 2422.513456] io_uring_setup.cold+0x21c1/0x271c [ 2422.513480] ? io_sqe_files_register+0x230/0x230 [ 2422.513512] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2422.513538] do_syscall_64+0x3b/0x90 [ 2422.513553] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2422.513571] RIP: 0033:0x7f1ab7761b19 [ 2422.513582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2422.513599] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2422.513612] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2422.513621] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2422.513629] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2422.513637] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2422.513645] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2422.513671] 02:53:11 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 52) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:53:11 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x8, @none, 0x1000, 0x2}, 0xe) 02:53:11 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x0) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:53:11 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0) [ 2422.674180] FAULT_INJECTION: forcing a failure. [ 2422.674180] name failslab, interval 1, probability 0, space 0, times 0 [ 2422.674243] CPU: 1 PID: 8369 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2422.674267] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2422.674281] Call Trace: [ 2422.674287] [ 2422.674295] dump_stack_lvl+0x8b/0xb3 [ 2422.674327] should_fail.cold+0x5/0xa [ 2422.674350] ? create_object.isra.0+0x3a/0xa20 [ 2422.674386] should_failslab+0x5/0x10 [ 2422.674415] kmem_cache_alloc+0x5b/0x480 [ 2422.674445] create_object.isra.0+0x3a/0xa20 [ 2422.674473] ? kasan_unpoison+0x23/0x50 [ 2422.674506] kmem_cache_alloc_node_trace+0x256/0x3f0 [ 2422.674537] io_wq_create+0x3e2/0xd40 [ 2422.674581] io_uring_alloc_task_context+0x324/0x5b0 [ 2422.674620] ? __io_sqe_files_unregister+0x28f/0x28f [ 2422.674651] ? __ia32_sys_io_uring_enter+0x1b0/0x1b0 [ 2422.674681] ? __io_arm_ltimeout+0x270/0x270 [ 2422.674709] ? rwlock_bug.part.0+0x90/0x90 [ 2422.674749] __io_uring_add_tctx_node.cold+0x19/0x188 [ 2422.674781] ? io_eventfd_put+0x50/0x50 [ 2422.674820] io_uring_setup.cold+0x21c1/0x271c [ 2422.674859] ? io_sqe_files_register+0x230/0x230 [ 2422.674911] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2422.674952] do_syscall_64+0x3b/0x90 [ 2422.674976] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2422.675005] RIP: 0033:0x7f1ab7761b19 [ 2422.675021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2422.675041] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2422.675063] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2422.675077] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2422.675090] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2422.675103] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2422.675116] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2422.675153] [ 2438.707614] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:53:36 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x4000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:53:36 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x7, @any, 0x100}, 0xe) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x100, @fixed, 0x6, 0x2}, 0xe) ioctl$FICLONE(r0, 0x40049409, r0) write$rfkill(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x9, 0x0, 0x1}, 0x8) 02:53:36 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 53) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:53:36 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000140)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x20, @none, 0x7fff}, 0xe) 02:53:36 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) r5 = dup2(r3, r4) sendmsg$NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x4e}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4001000}, 0x1) fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000000100)='\x00', 0x0, r3) 02:53:36 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:53:36 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x0) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:53:36 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0) 02:53:36 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x18000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2447.588932] FAULT_INJECTION: forcing a failure. [ 2447.588932] name failslab, interval 1, probability 0, space 0, times 0 [ 2447.588967] CPU: 0 PID: 8393 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2447.588993] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2447.589007] Call Trace: [ 2447.589013] [ 2447.589021] dump_stack_lvl+0x8b/0xb3 [ 2447.589054] should_fail.cold+0x5/0xa [ 2447.589077] ? __io_uring_add_tctx_node+0x15f/0x390 [ 2447.589109] should_failslab+0x5/0x10 [ 2447.589140] kmem_cache_alloc_trace+0x55/0x3c0 [ 2447.589176] __io_uring_add_tctx_node+0x15f/0x390 [ 2447.589206] ? io_eventfd_put+0x50/0x50 [ 2447.589247] io_uring_setup.cold+0x21c1/0x271c [ 2447.589289] ? io_sqe_files_register+0x230/0x230 [ 2447.589345] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2447.589389] do_syscall_64+0x3b/0x90 [ 2447.589415] entry_SYSCALL_64_after_hwframe+0x44/0xae 02:53:36 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:53:36 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) r5 = dup2(r3, r4) sendmsg$NL80211_CMD_GET_INTERFACE(r5, &(0x7f0000000400)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, 0x0, 0x8, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xffffffff, 0x4e}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4001000}, 0x1) [ 2447.589446] RIP: 0033:0x7f1ab7761b19 [ 2447.589463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2447.589484] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 02:53:36 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xf6ffffff) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2447.589507] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2447.589522] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2447.589536] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2447.589549] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2447.589563] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2447.589602] 02:53:36 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:53:36 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140)) io_uring_enter(r1, 0x1, 0x0, 0x0, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) r4 = syz_open_pts(0xffffffffffffffff, 0x400000) r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x200081, 0x0) recvmmsg(r0, &(0x7f0000002dc0)=[{{&(0x7f0000000080)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f00000012c0)=[{&(0x7f0000000100)=""/135, 0x87}, {&(0x7f00000001c0)=""/200, 0xc8}, {&(0x7f00000002c0)=""/4096, 0x1000}], 0x3, &(0x7f0000001300)=""/192, 0xc0}, 0x4}, {{&(0x7f00000013c0)=@isdn, 0x80, &(0x7f0000001780)=[{&(0x7f0000001440)=""/179, 0xb3}, {&(0x7f0000001500)=""/152, 0x98}, {&(0x7f00000015c0)=""/135, 0x87}, {&(0x7f0000001680)=""/69, 0x45}, {&(0x7f0000001700)=""/72, 0x48}], 0x5}, 0x6}, {{&(0x7f0000001800)=@isdn, 0x80, &(0x7f0000002ac0)=[{&(0x7f0000001880)=""/121, 0x79}, {&(0x7f0000001900)=""/183, 0xb7}, {&(0x7f00000019c0)=""/238, 0xee}, {&(0x7f0000001ac0)=""/4096, 0x1000}], 0x4, &(0x7f0000002b00)=""/87, 0x57}, 0xfff}, {{&(0x7f0000002b80)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000002c80)=[{&(0x7f0000002c00)=""/84, 0x54}], 0x1, &(0x7f0000002cc0)=""/247, 0xf7}, 0xfffffffd}], 0x4, 0x2, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000002f00)={0x7, 0x0, &(0x7f0000002ec0)=[r0, r2, r4, r5, r6, r0]}, 0x6) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) [ 2461.683704] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:53:57 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = socket(0x11, 0x1, 0x2f) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x20, r4, 0x1, 0x0, 0x0, {0x6}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x20}}, 0x0) setsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f0000000040)={@mcast1, r6}, 0x14) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r7, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r7) signalfd4(r7, &(0x7f0000000000)={[0x9]}, 0x8, 0x32d9219e3ada926e) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x40}, 0xe) 02:53:57 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:53:57 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0), 0x4) 02:53:57 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:53:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 54) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:53:57 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) dup2(r3, r4) 02:53:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xfffff000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:53:57 executing program 3: r0 = semget$private(0x0, 0x4000, 0x0) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f0000000280)=""/26) semctl$IPC_RMID(r0, 0x0, 0x0) semctl$IPC_RMID(r0, 0x0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) semctl$GETPID(r0, 0x0, 0xb, &(0x7f0000000080)=""/125) 02:53:57 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:53:57 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) ioctl$int_in(r3, 0x5452, &(0x7f0000000140)=0x100000001) 02:53:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xfffffff6) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2469.227574] FAULT_INJECTION: forcing a failure. [ 2469.227574] name failslab, interval 1, probability 0, space 0, times 0 [ 2469.227803] CPU: 0 PID: 8435 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2469.227827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2469.227841] Call Trace: [ 2469.227847] [ 2469.227855] dump_stack_lvl+0x8b/0xb3 [ 2469.227886] should_fail.cold+0x5/0xa [ 2469.227909] ? create_object.isra.0+0x3a/0xa20 [ 2469.227942] should_failslab+0x5/0x10 [ 2469.227971] kmem_cache_alloc+0x5b/0x480 [ 2469.228000] create_object.isra.0+0x3a/0xa20 [ 2469.228028] ? kasan_unpoison+0x23/0x50 [ 2469.228061] kmem_cache_alloc_trace+0x22e/0x3c0 [ 2469.228089] __io_uring_add_tctx_node+0x15f/0x390 [ 2469.228118] ? io_eventfd_put+0x50/0x50 [ 2469.228156] io_uring_setup.cold+0x21c1/0x271c [ 2469.228196] ? io_sqe_files_register+0x230/0x230 [ 2469.228248] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2469.228289] do_syscall_64+0x3b/0x90 [ 2469.228313] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2469.228342] RIP: 0033:0x7f1ab7761b19 02:53:57 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2469.228359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2469.228379] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2469.228400] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2469.228414] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 02:53:57 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0), 0x4) 02:53:57 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee66}}, './file0\x00'}) setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000080), 0x2) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) [ 2469.228427] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2469.228440] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2469.228452] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2469.228489] 02:53:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 55) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:53:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x1000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:53:57 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) connect$bt_l2cap(r2, &(0x7f00000000c0)={0x1f, 0x7, @none, 0x8000, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x600400, 0x0) signalfd(r3, &(0x7f0000000080)={[0x8001]}, 0x8) [ 2469.402798] FAULT_INJECTION: forcing a failure. [ 2469.402798] name failslab, interval 1, probability 0, space 0, times 0 [ 2469.402820] CPU: 1 PID: 8454 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2469.402833] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2469.402842] Call Trace: [ 2469.402845] [ 2469.402850] dump_stack_lvl+0x8b/0xb3 [ 2469.402870] should_fail.cold+0x5/0xa [ 2469.402885] should_failslab+0x5/0x10 [ 2469.402902] kmem_cache_alloc_lru+0x60/0x7c0 [ 2469.402913] ? xas_alloc+0x35d/0x480 [ 2469.402934] xas_alloc+0x35d/0x480 [ 2469.402952] xas_create+0x35b/0x1030 [ 2469.402979] xas_store+0x90/0x1c40 [ 2469.403000] ? lock_acquire+0x1db/0x530 [ 2469.403019] __xa_store+0x16d/0x2d0 [ 2469.403036] ? xa_delete_node+0x270/0x270 [ 2469.403056] ? rwlock_bug.part.0+0x90/0x90 [ 2469.403080] xa_store+0x31/0x50 [ 2469.403096] __io_uring_add_tctx_node+0x1d2/0x390 [ 2469.403112] ? io_eventfd_put+0x50/0x50 [ 2469.403133] io_uring_setup.cold+0x21c1/0x271c [ 2469.403154] ? io_sqe_files_register+0x230/0x230 [ 2469.403183] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2469.403205] do_syscall_64+0x3b/0x90 [ 2469.403218] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2469.403234] RIP: 0033:0x7f1ab7761b19 [ 2469.403243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2469.403254] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2469.403266] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2469.403274] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2469.403281] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2469.403287] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2469.403294] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2469.403315] [ 2482.820942] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:54:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x8000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:54:19 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) socket$inet6_udplite(0xa, 0x2, 0x88) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000180)=0x1, 0x4) 02:54:19 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) fgetxattr(r1, &(0x7f0000000000)=@random={'btrfs.', '\xaa\xaa\xaa\xaa\xaa'}, &(0x7f0000000080)=""/140, 0x8c) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:54:19 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) faccessat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x1) sendfile(r0, r1, 0x0, 0x7fffffff) sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000fbdbdf256f0000000c00990002000000430000000500d6009a00000005001801170000000800a1000100000008009f000400d600400000000500d60002000000050018013c0000000a00060008021100000100008ebd982f5678ca3eab80945e63d100"/116], 0x6c}, 0x1, 0x0, 0x0, 0x2040}, 0x40801) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:54:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 56) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:54:19 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:54:19 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0), 0x4) 02:54:19 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2490.599987] FAULT_INJECTION: forcing a failure. [ 2490.599987] name failslab, interval 1, probability 0, space 0, times 0 [ 2490.600021] CPU: 0 PID: 8476 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2490.600044] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2490.600057] Call Trace: [ 2490.600063] [ 2490.600070] dump_stack_lvl+0x8b/0xb3 [ 2490.600102] should_fail.cold+0x5/0xa [ 2490.600124] ? create_object.isra.0+0x3a/0xa20 [ 2490.600158] should_failslab+0x5/0x10 [ 2490.600186] kmem_cache_alloc+0x5b/0x480 [ 2490.600205] ? arch_stack_walk+0x99/0xf0 [ 2490.600243] create_object.isra.0+0x3a/0xa20 [ 2490.600271] ? kasan_unpoison+0x23/0x50 [ 2490.600304] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2490.600323] ? xas_alloc+0x35d/0x480 [ 2490.600359] xas_alloc+0x35d/0x480 [ 2490.600392] xas_create+0x35b/0x1030 [ 2490.600433] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2490.600468] xas_store+0x90/0x1c40 [ 2490.600516] __xa_store+0x16d/0x2d0 [ 2490.600548] ? xa_delete_node+0x270/0x270 [ 2490.600589] ? rwlock_bug.part.0+0x90/0x90 [ 2490.600638] xa_store+0x31/0x50 [ 2490.600668] __io_uring_add_tctx_node+0x1d2/0x390 [ 2490.600696] ? io_eventfd_put+0x50/0x50 [ 2490.600736] io_uring_setup.cold+0x21c1/0x271c [ 2490.600776] ? io_sqe_files_register+0x230/0x230 [ 2490.600833] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2490.600874] do_syscall_64+0x3b/0x90 [ 2490.600898] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2490.600927] RIP: 0033:0x7f1ab7761b19 [ 2490.600943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2490.600963] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2490.600983] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2490.600997] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2490.601014] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 02:54:19 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) socket$inet6_udplite(0xa, 0x2, 0x88) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) [ 2490.601027] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2490.601040] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2490.601078] 02:54:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xf0ffffffffffff) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2506.668967] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:54:42 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x3, @any, 0xffff}, 0xe) 02:54:42 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:54:42 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 57) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:54:42 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x100000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:54:42 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:54:42 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:54:42 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @none, 0x8, 0x1}, 0xe) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x8001, @none, 0x4, 0x1}, 0xe) 02:54:42 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) socket$inet6_udplite(0xa, 0x2, 0x88) [ 2514.101878] FAULT_INJECTION: forcing a failure. [ 2514.101878] name failslab, interval 1, probability 0, space 0, times 0 [ 2514.101915] CPU: 1 PID: 8508 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2514.101928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2514.101936] Call Trace: [ 2514.101940] [ 2514.101945] dump_stack_lvl+0x8b/0xb3 [ 2514.101966] should_fail.cold+0x5/0xa [ 2514.101981] should_failslab+0x5/0x10 [ 2514.101999] kmem_cache_alloc_lru+0x60/0x7c0 [ 2514.102010] ? xas_alloc+0x35d/0x480 [ 2514.102032] xas_alloc+0x35d/0x480 [ 2514.102049] xas_create+0x35b/0x1030 [ 2514.102071] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2514.102092] xas_store+0x90/0x1c40 [ 2514.102118] __xa_store+0x16d/0x2d0 [ 2514.102135] ? xa_delete_node+0x270/0x270 [ 2514.102155] ? rwlock_bug.part.0+0x90/0x90 [ 2514.102179] xa_store+0x31/0x50 [ 2514.102195] __io_uring_add_tctx_node+0x1d2/0x390 [ 2514.102212] ? io_eventfd_put+0x50/0x50 [ 2514.102233] io_uring_setup.cold+0x21c1/0x271c [ 2514.102255] ? io_sqe_files_register+0x230/0x230 [ 2514.102285] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2514.102308] do_syscall_64+0x3b/0x90 [ 2514.102322] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2514.102338] RIP: 0033:0x7f1ab7761b19 [ 2514.102347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2514.102358] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2514.102370] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2514.102378] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2514.102385] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2514.102392] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2514.102399] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 02:54:42 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2514.102419] 02:54:42 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @any, 0x4}, 0xe) 02:54:42 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 58) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:54:42 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:54:42 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x7, @none, 0x3105, 0x1}, 0xe) 02:54:42 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f00000001c0)={0x1}, 0x2) 02:54:42 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x200000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2514.253386] FAULT_INJECTION: forcing a failure. [ 2514.253386] name failslab, interval 1, probability 0, space 0, times 0 [ 2514.253406] CPU: 1 PID: 8522 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2514.253419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2514.253428] Call Trace: [ 2514.253431] [ 2514.253436] dump_stack_lvl+0x8b/0xb3 [ 2514.253456] should_fail.cold+0x5/0xa [ 2514.253467] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2514.253481] ? create_object.isra.0+0x3a/0xa20 [ 2514.253500] should_failslab+0x5/0x10 [ 2514.253535] kmem_cache_alloc+0x5b/0x480 [ 2514.253545] ? mark_held_locks+0x9e/0xe0 [ 2514.253567] create_object.isra.0+0x3a/0xa20 [ 2514.253583] ? kasan_unpoison+0x23/0x50 [ 2514.253601] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2514.253612] ? xas_alloc+0x35d/0x480 [ 2514.253633] xas_alloc+0x35d/0x480 [ 2514.253650] xas_create+0x35b/0x1030 [ 2514.253673] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2514.253691] xas_store+0x90/0x1c40 [ 2514.253717] __xa_store+0x16d/0x2d0 [ 2514.253735] ? xa_delete_node+0x270/0x270 [ 2514.253755] ? rwlock_bug.part.0+0x90/0x90 02:54:42 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x3d, @none, 0xa442, 0x1}, 0xe) [ 2514.253779] xa_store+0x31/0x50 [ 2514.253795] __io_uring_add_tctx_node+0x1d2/0x390 [ 2514.253811] ? io_eventfd_put+0x50/0x50 [ 2514.253833] io_uring_setup.cold+0x21c1/0x271c [ 2514.253855] ? io_sqe_files_register+0x230/0x230 [ 2514.253884] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2514.253908] do_syscall_64+0x3b/0x90 [ 2514.253921] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2514.253938] RIP: 0033:0x7f1ab7761b19 [ 2514.253946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2514.253957] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2514.253969] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2514.253977] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2514.253984] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2514.253991] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2514.253998] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2514.254018] 02:54:42 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 59) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:54:42 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:54:42 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:54:43 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2514.405915] FAULT_INJECTION: forcing a failure. [ 2514.405915] name failslab, interval 1, probability 0, space 0, times 0 [ 2514.405948] CPU: 0 PID: 8538 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2514.405974] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2514.405989] Call Trace: [ 2514.405994] [ 2514.406002] dump_stack_lvl+0x8b/0xb3 [ 2514.406037] should_fail.cold+0x5/0xa [ 2514.406079] should_failslab+0x5/0x10 [ 2514.406113] kmem_cache_alloc_lru+0x60/0x7c0 [ 2514.406134] ? xas_alloc+0x35d/0x480 [ 2514.406174] xas_alloc+0x35d/0x480 [ 2514.406212] xas_create+0x35b/0x1030 [ 2514.406258] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2514.406297] xas_store+0x90/0x1c40 [ 2514.406345] __xa_store+0x16d/0x2d0 [ 2514.406379] ? xa_delete_node+0x270/0x270 [ 2514.406424] ? rwlock_bug.part.0+0x90/0x90 [ 2514.406472] xa_store+0x31/0x50 [ 2514.406504] __io_uring_add_tctx_node+0x1d2/0x390 [ 2514.406534] ? io_eventfd_put+0x50/0x50 [ 2514.406574] io_uring_setup.cold+0x21c1/0x271c [ 2514.406616] ? io_sqe_files_register+0x230/0x230 [ 2514.406677] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2514.406727] do_syscall_64+0x3b/0x90 [ 2514.406755] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2514.406799] RIP: 0033:0x7f1ab7761b19 [ 2514.406817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2514.406842] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2514.406867] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2514.406883] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2514.406899] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2514.406917] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2514.406937] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2514.406991] [ 2529.166954] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:55:05 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0xfff9, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:55:05 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x300000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:55:05 executing program 4: ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, &(0x7f0000000000)) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) fcntl$dupfd(r0, 0x406, r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7}, 0xe) openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) 02:55:05 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:55:05 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:55:05 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:55:05 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 60) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:55:05 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) 02:55:06 executing program 3: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000000)) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xf13, @none, 0x7b, 0x2}, 0xe) [ 2537.384847] FAULT_INJECTION: forcing a failure. [ 2537.384847] name failslab, interval 1, probability 0, space 0, times 0 [ 2537.384868] CPU: 0 PID: 8555 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2537.384881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2537.384890] Call Trace: [ 2537.384893] [ 2537.384898] dump_stack_lvl+0x8b/0xb3 [ 2537.384919] should_fail.cold+0x5/0xa [ 2537.384929] ? xas_alloc+0x35d/0x480 [ 2537.384948] ? create_object.isra.0+0x3a/0xa20 [ 2537.384967] should_failslab+0x5/0x10 [ 2537.384984] kmem_cache_alloc+0x5b/0x480 [ 2537.384995] ? mark_held_locks+0x9e/0xe0 [ 2537.385015] create_object.isra.0+0x3a/0xa20 [ 2537.385030] ? kasan_unpoison+0x23/0x50 [ 2537.385049] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2537.385059] ? xas_alloc+0x35d/0x480 [ 2537.385078] xas_alloc+0x35d/0x480 02:55:06 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2537.385095] xas_create+0x35b/0x1030 [ 2537.385118] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2537.385137] xas_store+0x90/0x1c40 [ 2537.385162] __xa_store+0x16d/0x2d0 [ 2537.385180] ? xa_delete_node+0x270/0x270 [ 2537.385199] ? rwlock_bug.part.0+0x90/0x90 [ 2537.385226] xa_store+0x31/0x50 [ 2537.385243] __io_uring_add_tctx_node+0x1d2/0x390 [ 2537.385258] ? io_eventfd_put+0x50/0x50 [ 2537.385280] io_uring_setup.cold+0x21c1/0x271c [ 2537.385301] ? io_sqe_files_register+0x230/0x230 [ 2537.385331] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2537.385354] do_syscall_64+0x3b/0x90 [ 2537.385367] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2537.385383] RIP: 0033:0x7f1ab7761b19 [ 2537.385392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2537.385403] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2537.385415] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2537.385423] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2537.385430] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2537.385437] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2537.385444] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2537.385464] 02:55:06 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6(0xa, 0x6, 0xff) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r0, r1) fremovexattr(r0, &(0x7f0000000000)=@random={'security.', '\\,$\x00'}) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x1, @any, 0x0, 0x2}, 0xe) 02:55:06 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) 02:55:06 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 61) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:55:06 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x400000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:55:06 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2537.625621] audit: type=1400 audit(1651114506.279:15): avc: denied { create } for pid=8570 comm="syz-executor.3" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1 02:55:06 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xec, @none, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) write$binfmt_aout(r0, &(0x7f0000000100)={{0x108, 0x3f, 0x81, 0x3b1, 0x260, 0x6, 0xa9, 0x7}, "cf03122a30565c844526f9759a0ab1410949354429ae1bf5c97f983db72f1a51839824ba3ee4fa6b195526234a0d941c0bd265b5b7593d4cd4bb0513000f4ab9dc3f7be26c84e9241e3435"}, 0x6b) socketpair(0x27, 0x800, 0x12, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000880)={0x5d, 0x2}, 0x2) bind$bt_l2cap(r1, &(0x7f00000000c0)={0x1f, 0x8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xd6, 0x2}, 0xe) [ 2537.718131] FAULT_INJECTION: forcing a failure. [ 2537.718131] name failslab, interval 1, probability 0, space 0, times 0 [ 2537.718165] CPU: 0 PID: 8583 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2537.718189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2537.718204] Call Trace: [ 2537.718209] [ 2537.718217] dump_stack_lvl+0x8b/0xb3 [ 2537.718250] should_fail.cold+0x5/0xa [ 2537.718278] should_failslab+0x5/0x10 [ 2537.718310] kmem_cache_alloc_lru+0x60/0x7c0 [ 2537.718337] ? xas_alloc+0x35d/0x480 [ 2537.718373] xas_alloc+0x35d/0x480 [ 2537.718406] xas_create+0x35b/0x1030 02:55:06 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x1800000000000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2537.718448] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2537.718484] xas_store+0x90/0x1c40 [ 2537.718532] __xa_store+0x16d/0x2d0 [ 2537.718564] ? xa_delete_node+0x270/0x270 [ 2537.718601] ? rwlock_bug.part.0+0x90/0x90 [ 2537.718645] xa_store+0x31/0x50 [ 2537.718676] __io_uring_add_tctx_node+0x1d2/0x390 [ 2537.718704] ? io_eventfd_put+0x50/0x50 [ 2537.718744] io_uring_setup.cold+0x21c1/0x271c [ 2537.718784] ? io_sqe_files_register+0x230/0x230 [ 2537.718838] ? syscall_enter_from_user_mode+0x1d/0x50 02:55:06 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:55:06 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2537.718880] do_syscall_64+0x3b/0x90 [ 2537.718904] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2537.718933] RIP: 0033:0x7f1ab7761b19 [ 2537.718949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2537.718969] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2537.718990] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:55:06 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) [ 2537.719004] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2537.719017] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2537.719030] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2537.719043] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2537.719081] 02:55:06 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 62) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:55:06 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:55:06 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xf6ffffff00000000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2538.010786] FAULT_INJECTION: forcing a failure. [ 2538.010786] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.010820] CPU: 0 PID: 8603 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2538.010844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2538.010858] Call Trace: [ 2538.010863] [ 2538.010871] dump_stack_lvl+0x8b/0xb3 [ 2538.010903] should_fail.cold+0x5/0xa [ 2538.010928] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2538.010962] ? create_object.isra.0+0x3a/0xa20 [ 2538.011000] should_failslab+0x5/0x10 [ 2538.011029] kmem_cache_alloc+0x5b/0x480 [ 2538.011047] ? mark_held_locks+0x9e/0xe0 [ 2538.011082] create_object.isra.0+0x3a/0xa20 [ 2538.011110] ? kasan_unpoison+0x23/0x50 [ 2538.011144] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2538.011163] ? xas_alloc+0x35d/0x480 [ 2538.011200] xas_alloc+0x35d/0x480 [ 2538.011233] xas_create+0x35b/0x1030 [ 2538.011279] ? lockdep_hardirqs_on_prepare+0x400/0x400 02:55:06 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2538.011314] xas_store+0x90/0x1c40 [ 2538.011361] __xa_store+0x16d/0x2d0 [ 2538.011393] ? xa_delete_node+0x270/0x270 [ 2538.011430] ? rwlock_bug.part.0+0x90/0x90 [ 2538.011474] xa_store+0x31/0x50 [ 2538.011505] __io_uring_add_tctx_node+0x1d2/0x390 02:55:06 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) [ 2538.011533] ? io_eventfd_put+0x50/0x50 [ 2538.011576] io_uring_setup.cold+0x21c1/0x271c [ 2538.011624] ? io_sqe_files_register+0x230/0x230 [ 2538.011678] ? syscall_enter_from_user_mode+0x1d/0x50 02:55:06 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2538.011719] do_syscall_64+0x3b/0x90 [ 2538.011743] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2538.011773] RIP: 0033:0x7f1ab7761b19 [ 2538.011789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2538.011808] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2538.011830] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2538.011844] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2538.011856] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2538.011869] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2538.011882] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2538.011920] [ 2551.202349] kmemleak: 28 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:55:29 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) dup3(r0, r0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none, 0x0, 0x2}, 0xe) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sync_file_range(r1, 0x4, 0x7, 0x1) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x81, @none, 0x8001, 0x2}, 0xe) 02:55:29 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:55:29 executing program 3: ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file0\x00'}) inotify_add_watch(r0, &(0x7f0000000080)='./file0\x00', 0xc000601) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r2, &(0x7f0000000c40)=ANY=[], 0x820) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x7fffffff) inotify_add_watch(r2, &(0x7f00000000c0)='./file0\x00', 0x1000151) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:55:29 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 63) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:55:29 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000080)={0x46, 0xe5, 0x1, 0x20, 0x0, 0x9, 0x7}, 0xc) 02:55:29 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0xfffffffffffff000) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:55:29 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:55:29 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(0x0, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2560.585864] FAULT_INJECTION: forcing a failure. [ 2560.585864] name failslab, interval 1, probability 0, space 0, times 0 [ 2560.585892] CPU: 1 PID: 8632 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2560.585910] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2560.585921] Call Trace: [ 2560.585925] [ 2560.585932] dump_stack_lvl+0x8b/0xb3 [ 2560.585958] should_fail.cold+0x5/0xa [ 2560.585980] should_failslab+0x5/0x10 [ 2560.586005] kmem_cache_alloc_lru+0x60/0x7c0 [ 2560.586021] ? xas_alloc+0x35d/0x480 [ 2560.586050] xas_alloc+0x35d/0x480 [ 2560.586076] xas_create+0x35b/0x1030 [ 2560.586108] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2560.586136] xas_store+0x90/0x1c40 [ 2560.586182] __xa_store+0x16d/0x2d0 [ 2560.586208] ? xa_delete_node+0x270/0x270 [ 2560.586236] ? rwlock_bug.part.0+0x90/0x90 [ 2560.586271] xa_store+0x31/0x50 [ 2560.586294] __io_uring_add_tctx_node+0x1d2/0x390 [ 2560.586317] ? io_eventfd_put+0x50/0x50 02:55:29 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) read(r0, &(0x7f0000000000)=""/62, 0x3e) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2560.586348] io_uring_setup.cold+0x21c1/0x271c [ 2560.586380] ? io_sqe_files_register+0x230/0x230 [ 2560.586443] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2560.586490] do_syscall_64+0x3b/0x90 [ 2560.586509] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2560.586532] RIP: 0033:0x7f1ab7761b19 [ 2560.586549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2560.586565] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2560.586581] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2560.586592] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2560.586602] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2560.586612] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2560.586622] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2560.586652] 02:55:29 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 64) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:55:29 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x40, 0x2}, 0xe) 02:55:29 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) connect$bt_l2cap(r2, &(0x7f00000000c0)={0x1f, 0x7, @none, 0x8000, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x600400, 0x0) signalfd(r3, &(0x7f0000000080)={[0x8001]}, 0x8) 02:55:29 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x5, @none, 0x1f, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x401, @fixed, 0x0, 0x2}, 0xe) [ 2560.764106] FAULT_INJECTION: forcing a failure. [ 2560.764106] name failslab, interval 1, probability 0, space 0, times 0 [ 2560.764135] CPU: 0 PID: 8649 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2560.764155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2560.764167] Call Trace: [ 2560.764172] [ 2560.764178] dump_stack_lvl+0x8b/0xb3 [ 2560.764206] should_fail.cold+0x5/0xa [ 2560.764222] ? xas_alloc+0x35d/0x480 [ 2560.764247] ? create_object.isra.0+0x3a/0xa20 [ 2560.764276] should_failslab+0x5/0x10 [ 2560.764305] kmem_cache_alloc+0x5b/0x480 [ 2560.764321] ? mark_held_locks+0x9e/0xe0 [ 2560.764352] create_object.isra.0+0x3a/0xa20 [ 2560.764375] ? kasan_unpoison+0x23/0x50 [ 2560.764403] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2560.764420] ? xas_alloc+0x35d/0x480 [ 2560.764450] xas_alloc+0x35d/0x480 [ 2560.764479] xas_create+0x35b/0x1030 [ 2560.764514] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2560.764543] xas_store+0x90/0x1c40 [ 2560.764584] __xa_store+0x16d/0x2d0 [ 2560.764612] ? xa_delete_node+0x270/0x270 [ 2560.764643] ? rwlock_bug.part.0+0x90/0x90 [ 2560.764680] xa_store+0x31/0x50 [ 2560.764706] __io_uring_add_tctx_node+0x1d2/0x390 [ 2560.764732] ? io_eventfd_put+0x50/0x50 [ 2560.764765] io_uring_setup.cold+0x21c1/0x271c [ 2560.764797] ? xfd_validate_state+0x59/0x180 [ 2560.764823] ? io_sqe_files_register+0x230/0x230 [ 2560.764870] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2560.764913] do_syscall_64+0x3b/0x90 [ 2560.764934] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2560.764959] RIP: 0033:0x7f1ab7761b19 [ 2560.764973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2560.764993] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2560.765016] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2560.765029] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2560.765041] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2560.765054] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2560.765069] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2560.765103] [ 2572.962640] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:55:57 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:55:57 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xab, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2, 0x2}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) bind$bt_l2cap(r1, &(0x7f0000000180)={0x1f, 0x1, @any, 0x401}, 0xe) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f00000000c0), 0x101040, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r3, 0x40089413, &(0x7f0000000140)) connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x1f, @none, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:55:57 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:55:57 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none, 0x0, 0x2}, 0xe) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r0, 0x40189429, &(0x7f0000000000)={0x0, 0x6, 0x7}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000001c0)=ANY=[@ANYRESHEX, @ANYRES32=r0, @ANYBLOB="05000000000000002e2f66696c6530009c70d8c7c0410290280ed888872ba443ba31fdfecece42623100a5baf0d2c8fb884db2624b748e9b3e4fa23a3fcc0c07ca12e47af421f1d0d4d3ebc3b6af98f5ad8bc3cea8212b845f2e6a60b4f012cbe7fea1a80b4bc44c4d74a4d4ae133c8de9abc6bc3b1103b6bcc8b80bd41a07e387d07b39a4b664a9c1ff4475e8476475e8a7bc0a10d4"]) connect$bt_l2cap(r1, &(0x7f0000000180)={0x1f, 0xfffc, @any, 0x80, 0x2}, 0xe) 02:55:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000000)) gettid() 02:55:57 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, @any, 0x7, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) 02:55:57 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 65) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:55:57 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2589.046223] FAULT_INJECTION: forcing a failure. [ 2589.046223] name failslab, interval 1, probability 0, space 0, times 0 [ 2589.046256] CPU: 1 PID: 8668 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2589.046279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2589.046294] Call Trace: [ 2589.046299] [ 2589.046307] dump_stack_lvl+0x8b/0xb3 [ 2589.046340] should_fail.cold+0x5/0xa [ 2589.046367] should_failslab+0x5/0x10 [ 2589.046403] kmem_cache_alloc_lru+0x60/0x7c0 [ 2589.046425] ? xas_alloc+0x35d/0x480 [ 2589.046467] xas_alloc+0x35d/0x480 [ 2589.046500] xas_create+0x35b/0x1030 [ 2589.046541] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2589.046606] xas_store+0x90/0x1c40 [ 2589.046654] __xa_store+0x16d/0x2d0 [ 2589.046687] ? xa_delete_node+0x270/0x270 [ 2589.046723] ? rwlock_bug.part.0+0x90/0x90 [ 2589.046768] xa_store+0x31/0x50 [ 2589.046798] __io_uring_add_tctx_node+0x1d2/0x390 [ 2589.046827] ? io_eventfd_put+0x50/0x50 [ 2589.046866] io_uring_setup.cold+0x21c1/0x271c [ 2589.046907] ? io_sqe_files_register+0x230/0x230 [ 2589.046960] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2589.047002] do_syscall_64+0x3b/0x90 [ 2589.047026] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2589.047055] RIP: 0033:0x7f1ab7761b19 [ 2589.047071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2589.047091] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 02:55:57 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2589.047112] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:55:57 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000000)={0xea, 0x1, 0x7, 0x7fff, 0x1}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2589.047127] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2589.047139] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2589.047152] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2589.047165] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2589.047203] [ 2604.040926] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:56:19 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:56:19 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x400, 0x1}, 0x2) 02:56:19 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) dup2(0xffffffffffffffff, r1) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000056dc0)={0x80000001, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x20, "61b5b8e7ca1734"}) r4 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f00000005c0)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r4, 0xd000943d, &(0x7f0000070280)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}], 0x5, "af2f1a9317bc6f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057dc0)={0x1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}, {r5}], 0x4, "d61eb9c92b5ecf"}) 02:56:19 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:56:19 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0) 02:56:19 executing program 2: connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) 02:56:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 66) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2611.147750] FAULT_INJECTION: forcing a failure. [ 2611.147750] name failslab, interval 1, probability 0, space 0, times 0 [ 2611.147772] CPU: 1 PID: 8691 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2611.147784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2611.147793] Call Trace: [ 2611.147796] [ 2611.147801] dump_stack_lvl+0x8b/0xb3 [ 2611.147821] should_fail.cold+0x5/0xa [ 2611.147832] ? kmem_cache_alloc_lru+0x2d3/0x7c0 02:56:19 executing program 2: connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2611.147846] ? create_object.isra.0+0x3a/0xa20 [ 2611.147864] should_failslab+0x5/0x10 [ 2611.147880] kmem_cache_alloc+0x5b/0x480 [ 2611.147890] ? mark_held_locks+0x9e/0xe0 [ 2611.147909] create_object.isra.0+0x3a/0xa20 [ 2611.147924] ? kasan_unpoison+0x23/0x50 [ 2611.147942] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2611.147952] ? xas_alloc+0x35d/0x480 02:56:19 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) sendfile(r1, r0, &(0x7f0000000000)=0x60, 0xfffffffffffff797) [ 2611.147972] xas_alloc+0x35d/0x480 02:56:19 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 67) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2611.147990] xas_create+0x35b/0x1030 [ 2611.148012] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2611.148031] xas_store+0x90/0x1c40 [ 2611.148056] __xa_store+0x16d/0x2d0 [ 2611.148074] ? xa_delete_node+0x270/0x270 [ 2611.148094] ? rwlock_bug.part.0+0x90/0x90 [ 2611.148117] xa_store+0x31/0x50 [ 2611.148134] __io_uring_add_tctx_node+0x1d2/0x390 [ 2611.148152] ? io_eventfd_put+0x50/0x50 [ 2611.148173] io_uring_setup.cold+0x21c1/0x271c [ 2611.148195] ? io_sqe_files_register+0x230/0x230 [ 2611.148223] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2611.148246] do_syscall_64+0x3b/0x90 02:56:19 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) connect$bt_l2cap(r2, &(0x7f00000000c0)={0x1f, 0x40, @any, 0x7f, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0xfffe, @any, 0x4}, 0xe) getsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000080)=0xc) [ 2611.148260] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2611.148275] RIP: 0033:0x7f1ab7761b19 [ 2611.148284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:56:19 executing program 2: connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2611.148295] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2611.148307] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2611.148315] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 02:56:19 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2611.148321] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2611.148328] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2611.148335] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2611.148356] [ 2611.252482] FAULT_INJECTION: forcing a failure. [ 2611.252482] name failslab, interval 1, probability 0, space 0, times 0 02:56:19 executing program 1: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, 0x0, 0x0) [ 2611.252502] CPU: 1 PID: 8708 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 02:56:19 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x0, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2611.252514] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2611.252523] Call Trace: [ 2611.252526] [ 2611.252534] dump_stack_lvl+0x8b/0xb3 [ 2611.252555] should_fail.cold+0x5/0xa [ 2611.252569] should_failslab+0x5/0x10 [ 2611.252586] kmem_cache_alloc_lru+0x60/0x7c0 [ 2611.252598] ? xas_alloc+0x35d/0x480 [ 2611.252618] xas_alloc+0x35d/0x480 [ 2611.252636] xas_create+0x35b/0x1030 [ 2611.252658] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2611.252678] xas_store+0x90/0x1c40 [ 2611.252704] __xa_store+0x16d/0x2d0 [ 2611.252721] ? xa_delete_node+0x270/0x270 [ 2611.252741] ? rwlock_bug.part.0+0x90/0x90 [ 2611.252764] xa_store+0x31/0x50 [ 2611.252781] __io_uring_add_tctx_node+0x1d2/0x390 [ 2611.252796] ? io_eventfd_put+0x50/0x50 [ 2611.252818] io_uring_setup.cold+0x21c1/0x271c [ 2611.252840] ? io_sqe_files_register+0x230/0x230 [ 2611.252868] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2611.252891] do_syscall_64+0x3b/0x90 [ 2611.252904] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2611.252920] RIP: 0033:0x7f1ab7761b19 [ 2611.252929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2611.252940] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2611.252952] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2611.252960] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2611.252967] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2611.252973] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2611.252980] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2611.253000] [ 2623.919173] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:56:39 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.freeze\x00', 0x0, 0x0) bind$bt_l2cap(r1, &(0x7f0000000140)={0x1f, 0x101, @none, 0x22, 0x1}, 0xe) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x4040, 0x158) write$binfmt_aout(r2, &(0x7f0000000c40)=ANY=[], 0x820) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x7fffffff) connect$bt_l2cap(r3, &(0x7f00000000c0)={0x1f, 0x40, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2000, 0x2}, 0xe) 02:56:39 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 68) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:56:39 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:56:39 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:56:39 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) 02:56:39 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) shutdown(r1, 0x1) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4042, 0x9b) write$binfmt_aout(r2, &(0x7f0000000c40)=ANY=[], 0x820) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x7fffffff) bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0xef02, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x5bf}, 0xe) 02:56:39 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:56:39 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000000)={0x0, 'macvtap0\x00', {0x1}, 0x3}) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2631.048354] FAULT_INJECTION: forcing a failure. [ 2631.048354] name failslab, interval 1, probability 0, space 0, times 0 [ 2631.048375] CPU: 0 PID: 8732 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2631.048388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2631.048396] Call Trace: [ 2631.048399] [ 2631.048404] dump_stack_lvl+0x8b/0xb3 [ 2631.048424] should_fail.cold+0x5/0xa [ 2631.048434] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2631.048448] ? create_object.isra.0+0x3a/0xa20 [ 2631.048466] should_failslab+0x5/0x10 [ 2631.048482] kmem_cache_alloc+0x5b/0x480 [ 2631.048492] ? mark_held_locks+0x9e/0xe0 [ 2631.048511] create_object.isra.0+0x3a/0xa20 [ 2631.048530] ? kasan_unpoison+0x23/0x50 [ 2631.048548] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2631.048558] ? xas_alloc+0x35d/0x480 [ 2631.048578] xas_alloc+0x35d/0x480 [ 2631.048596] xas_create+0x35b/0x1030 02:56:39 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=@v3={0x3000000, [{0x200, 0xffff}, {0x6, 0x8}]}, 0x18, 0x3) 02:56:39 executing program 3: stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r2, &(0x7f0000000c40)=ANY=[], 0x820) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x7fffffff) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r4, 0xee00) r5 = getgid() ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000600)=0x0) r7 = openat(r3, &(0x7f0000001d40)='./file1\x00', 0x8800, 0x14) preadv(r7, &(0x7f0000002140)=[{&(0x7f0000001d80)}, {&(0x7f0000001dc0)=""/166, 0xa6}, {&(0x7f0000001e80)=""/253, 0xfd}, {&(0x7f0000001f80)=""/192, 0xc0}, {&(0x7f0000002040)=""/167, 0xa7}, {&(0x7f0000002100)=""/7, 0x7}], 0x6, 0xf87f, 0x0) sendmmsg$unix(r2, &(0x7f0000000680)=[{{&(0x7f0000000340)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000580)=[{&(0x7f00000003c0)="6d578ed4a6afa75cdf35d8426fad9f230b6a5417b108748a3a7626785563b482b8ba80d3463671336338b08cb54c721f9c306cb9a5bdecd2f5f0cbd04b3714c81a9cf08f1b6ff04eac47bdc54d7c17a54142d431282fa752588f3172e66a14f9146cf5a6679ce2de7068b298f0aeb8ed8e5a3d6ba7837a221782417a3791936338d74dcd3ea42f3e1f7940d05950f1dcd1567ce1180d2705c7e784a65a47e790e31a7c3f0b9e73960055d483c32882361f111451abf8be4935413dd723", 0xbd}, {&(0x7f0000000480)="6f6eda4c6bf1261e58c617925b5ad3e15125dc4f76290fd1660eb2aca801734c22443c06b6cf3c4274b9f55c80c634f5cd66f5a3b460933ba94186beed4e8e4d7d217b071fbdbe8eb39222217b9a418bca44a702ad750ef1bd1d0272aa08e95dbe84c23e1ba5fbdc0b475e4894c72270f1ffc026daab2e62fffa7fcacabced9904ffc4a643e695f126b013cfad342562fd84a20dd6c9d954283c6b1e10fc74913e4b5b1f84ffd9258504a45cac130356993b2b18de68d171c599fc315972af5ed6d6b9db58bb", 0xc6}], 0x2, &(0x7f0000000640)=[@cred={{0x1c, 0x1, 0x2, {0x0, r4, r5}}}, @cred={{0x1c, 0x1, 0x2, {r6, r0, r1}}}], 0x40, 0x1}}], 0x1, 0x4000004) syz_mount_image$tmpfs(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x82, 0x0, &(0x7f0000000140), 0x8, &(0x7f0000000240)={[{@huge_advise}, {@huge_advise}, {@nr_blocks={'nr_blocks', 0x3d, [0x2d, 0x36, 0x39]}}, {@size={'size', 0x3d, [0x52, 0x41, 0x5, 0x33, 0x35]}}, {@huge_never}], [{@audit}, {@seclabel}, {@euid_eq={'euid', 0x3d, 0xee00}}, {@hash}, {@smackfsdef={'smackfsdef', 0x3d, '\xaa\xaa\xaa\xaa\xaa'}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@euid_lt={'euid<', r0}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}]}) syz_mount_image$tmpfs(&(0x7f0000000a40), &(0x7f0000000a80)='./file1\x00', 0x26, 0x3, &(0x7f0000001c40)=[{&(0x7f0000000ac0)="4bc3858e0e009a50b724830bb16a4dffff4ca78266570dd05669ad25ac49ba9d8163319bb122e0d2a1ecf893b231060a92abdd035b777d99652a67a37d4c57bb0d70590a532d80433ea230911da54c9771a8b77f584607f09bb0a607abfd42246e2c09eec7b9", 0x66, 0x4}, {&(0x7f0000000b40)="307663b0591b279e5ea96230c52ab6107028984ca1f454197808bc177ba1adbb01c1a06c594e58093b67fa7af52306cfc036967e0faa665d01cc4ab8a9c60c86ff1f5e781ed6225b371dad1f754fe54c21c3d916f161fd65c67757c79615651fed3f5434314367c62618b09b5e44ca7e1290a2049bfb87ebf2f8c1b07d3b3182038aa623f84d384386bcc2d50cef5a56ff505add4e9e01c5e2c6d8610bf01fa318a6682bbb7963f84743dc9c7b536b7b3726f9dc6a24516c4a26407a55324201a30d5f47d5b1584aa7f7372ef1cacc68b0040d781413a947de52d441028a688c75ee04fdf52e1a0bd406f36f332e598f8ec703afd42f2f03381fef4b39ccb65eb4a55d556d9bb1a4cea7db31f87125d596f2e70a5bab00305db3e56dc2788d5c49fa15aa8541fbb3e8f709bff273f70c8703b0388df7d5d2a6913a9313c7dc067ce2e4f80b89992a3541bc3a784fc50f57dd94906a594ca2fad76fdf1efb91630121b315702fdd8748f88a214e8890dd333ec114461a8cda5be2d62c854eca0190c3c50f1d6b4b1bdf9f2e219d1c1edb1375556536bee20198529afca397a89a98d68df2e385341c1bfc38a6de444d69949f2642c455b184634bb34838e689889380e5a5bf4ef0e2accc9eb3345501c8e18684f3697077b0fd21cefaf1c48d03afa4da5c22f046d911d130fbce5f7db072db3ac883843d1aa525be17f23fe0c4dd8ec74f5757968611097559f95e79ff195226c186084dd485a148c7298c2357dba08593e85e0778adf6180fd565f5d9b4050786048f9428342c36abf084909c581f7558f00d501bda972deb3a1b73d948a1511001fa5152fdde7e8253d658f686ba8deeab92f8aa4b5d083509d50b018c996d5409c548558f051005c3fb44919ed3aa1b639f23c742555ccc508b1d8b372642d5b984c84ce82958d8e7aaa21efb72ee733b581a191f45720f4b89e4c95d71ed7e54e0ebfb9473c3cebc44643ba8e9d357862b1cd89c14e7118c02649b19358480a1463ae3da6e7c1cef66d7055387aa7c40a1b4fe6cbff6daea4b1b8d530a8229fb24b5299fe9333becee039557db06f642e77c845d82c2396b5dba18ead66b3274a8c3e0ac5283cb8b3b601c0d7899fc72df52f4ccbcd03a92f6f5d45ce91999a691a6e5ca82381b993ef16ac8b902fdb51e9a692f279b69d94a131f645bcf49881f11883bc9e266b8f079287fa5f6beacb39e1ffad90f77f479aceee96ec5e899acc2555e30cbcaad963155fca244f2950479314d98c40379ba07cb954e0c38123871ca597de970932c91996d1c1e4d5f53aefe8da464d127acbafafb8f0259cd87fa14f18e25910adcede5eb11865ead316833f31e9512574c2197796afd1a71130677bb73406c5f5703f45fde45a2ebec621983098f19380d41eb7ba8ede03b23a34d5106bb9a7292e6b364e0fc65af2f41d125d8901280395798357d1dcb4bf36be0d010cafa20f5e64d99cf7c2a81658b70ac4b05b8208d0441a3916b026dea8f4f159ab6c1fe1ff9a47936463c8aec6ab7b7fa7d067b17ef644602818681f239408fed3f8da9ba0ef1ae2cab26a11ea62292b122dbc531f0927aa6677cc6f98823c143a1390318d1878f6e01ad47a024704c773fa130a370e65a032849822a2dad5d8343b4870a5760eb0aa7fd4662544c618668238b0706da3bbf2d2048b0a6abdc0b27b8a77fa240b4897eadecc5324672f9c32e6616de797f59669023f587f7380424580d9bdec06b238560b995da48cd173f90f77de23b1ba1b4ff26b4394a43dbe176c4da2c3d5d691c2838553dc292c3160723565b4325515f50469a2ad545e9a64c56e474008108d5a4f667cc08f4b72257fd8591ff831d501e71bb4866de2967f41ef89257c94d0eaca422e8fb0f0c75a00d19ad4caefb60416040150aa1eb366af47eac463f4df8c36dfe7697c25127aaeb63d2f8c8195e20ce64ff5374157cae17264efe0a13a3d95b19ee54e0917d332ff8ec2d71a808a73fee86eff28492d9df220e389f5c01dd671c935cd5f8ec1dff9b29bcbcba542f1c57eb901544ed2014042f8680317dd9d3e7d0a084eb821b32536e8cae7a72175aaf1b91763ec471c5986bda1bc44cfc959c26d490fd079d131567730e785c98992b5f34c5b687d3bd891750583aef1352d5b2c6eea7ac09237ed427cd5fc3e9b033692f51b75421e3103c4755abaf0c82aece1ef4dbfbfd98777ced6a7f2346b7fcde877b352381ae017af0dec9c03c0ad3d5cb706d43a00260e30d00b62d49d0476f3902cba7e733f3cd112dab600f71a1123ae231fdb6a34c16e1c45d1844b7d9df46a78d4c47a0d2b16bc84444e0855ad4ab9e7ace9d3b1b68f190761510c3ea6804ef96527c53299d6564b7e49393aaa63ee9708b0ef0ce86543b20e383d0a15d234a158696d80d8cd8e867e0f54dc3797d413820b2510597a92de7ad44d25b0b91e32624863303dbfdfab028bab87f206808b6dff415357ec6de440dce26c24a8458d4b28fa76b75527eb675a3faed77c0ba2eda12dac364520f855a37c3f8808fd2165f5489c6be89b14b0dafafe37adc2814e6bb38c289bca0bb3cd30209a60723183409997738e711f0e0dddc9245ac9ebbc51bff903c959192c8e7f0431e18a751e4077a2f9d41771cdf669e0d0a02fc18d2ca3d8e37f2638cfca7aa9c765824897d539b184c98ea99020eab83e1d3fdcae449cc31d135891862b59bcec0b2d5066fec95cd73313f9e23ba32ace678106437609600764b60c4f945d3a9b4472920da808c9d15c5a134e450814638207472c072f9ab0654f14787af5a4c16ee93bde637d99f03a2bdd0c1085dc0b0eb226159547f1f314ca6035767a83f6e12ec9b90be16236d1d22e02275ebba1f207c45f2b12ad128310cd2e592fae67d8d05a84eee170a4ae4838c5e2e1e9499057a553192a7f7526d032363685fca74f11aec86ab53a49da581ecb8d17029de36052ab6471e00ea475f6e8879083bc60a63268e82a416e095cf80a51abca30a0dc0545b07854f576aa13a06909a083c5bba5139b6da7ad68c9e13997e5579bb6a331f8716cb1705b7180de0b90b8a0b5d08204b924a4721b0fe4a546d88719a302018a6714d79db73e86ce7f301a2e5e843b74b6a536312a3f6c1d46be6e6e4977826d67ecca37fd923b9789b2a608de0adc0b96044ab17cf9935280d092ff8b568615b215341919319d2e185f3c6c49f8175ddac7d1c8595048b96eb124e7d588378a9818d9c78a93e0663f21748dd6a3502dbcabfb7a91199edc833557364bfc5255aa0f3afb377cc30d0318a29257c2b9fdc649583f54d1d2cdd1be77f327ca7f9e19be0d26a7be98fbbde94bbad360ab7ba5eb3945269fdd511836780fc81383d3969460869ef1a2ab869133d33dd231fa8e4ce44d808b5aeeab57314e46570a00c727864377648dae69c88fb80de836728208d03ff17a7f8ebbc4c5136a918ce3b4b2287dcb242c63245b1a6894182041f21a0eaba5290c8d386010ca4e201168289f98b567530f3687f075d3e0820f67a7196183c697325c8231f0b348aaa920a869115e1a0e7fbebc3dbcae2cdbcd74ef0eec773d0323c8c1431d93ed503b9d574adf368e65afed06a95c795a6785ef8361ea2621add2357e4384f6952dcf674d575c50b9b58219c23806b61f77dab5d3440f65171478d392ef23a1548dd85f35b84c6cf9b517594865b56921f1738b8f7bf4ef08d5c0b04a699b3db2a7cfc69e52fdbc55f3be2670b69e50e0129872b517491edec7c7958d7feac43ad3254b150db20b1dc2c19174980e705ff52f64c6016150ab86300ac57c56731860939af4720784a5f863072f4f8135c99d0a751e062031cab33e8e1eee9bbb44996dd0ca470f8555b8d96586e8e3e675e333bcc5d03cf18f488c971bef8c2c77228a80c46899cd0547753dfd4ad2a693dabf62455cdb2c5e0eb3c69743575fa02e662499b69c93a5b3d1a308eb616c2828d4e2329d7bf975fa82e69b751795e0ecd4eddc4da9d7b86d355bf8145c62f16139656b9808c94a4d1812ea6527921ca59d8cdb075d28a6a4329122df5b7d996bdbb3271780a5cd427e861a6d4d8ae1597c1b9459437f72e93bffe1bef771e112d57c6289cd8ec5f4c0415bc7fcea4d42784281e002808b91d4daae20124286e4d0fb947d3d16ecf080934ffc9b364adf933922d328091f4471edf4012739e3c3dc39762db73e1473497b3d975f59494d7091198e9cbf237d6ec52f42c1c99d7693ec2dae849000b0a774ccc8373a3d7ff40ad45c23a4560cf6f66faba79a14ad951c8994a88b4774c62102c25e4d4810be74147dcaa6508a71d821a1bbeb77d070584ea86241ccb2411a0319a5af8c39810d71cb42d35c75210ae71148f827f0448c074dd1607eeab9c78de8d7a50daa91d1ce7ce622d7ca0bc4509703447dda1a8c8bb77e8a2bca7d03d4307348cdd50932fe065e0f0b6d3f853f66d6a7f277490f7d7e7f751d552eaa4366b58c9fa08a22c3ceea7744580e9279628e1c6218084b8681551995046577b9d1d166c06f4416a3e0ea36cbf459d9090555bd37ce5b12b517b220dedff4cc479f4ee9e1a38a7a8c73ea1d31d2a9ba31dbf83f6bd1c025a8529d6b76eb02ec350a06fcacb2c1b8f9dfa9a262c2421c1ccb48973f6ce4ba1c35accf3a8617bc62c61ecffaa848998e91295e73aa8bf57083f817ea4295dc7a34af95699f0880c6bd6cf084d5b13a9f4e2dc7fa9617d7f2f6f02b92cff656ddbebcc22bd91c3cfa734db02ab27118f4911ad6b7e428b702609f6b7fcd0ce72ea9a944218b90a307a7f6b372d40ea443285b244e0d7d75ff459c9b61a2b73bc079ffc3f98e53dafa470cc794d765155d175637d252a116ce9fd9b6fdd905e5badc9834c45c6af907a0f49ab20f94d342d3aa0bcdc7959847054f6ad2ac226b2e3486a7894a7a643646804716b3d9ff7bf887351a1adfd68b3f01200cb72ffcf45a02a002022405723eb63571e4244215bad318fd5bc5b11c475c9de17dbe563626e686a2f3659218b8018366c296178d344ecc03ac741bcd89f00283d6e1ceb735df3dd1cd25b98ccfdd31655ae3af5b06e3d302c85437d38886fa6728c1ded923ee2e88a21ae4902a213d9b86dacaa2f16312df12cf7be8920d526dbfcf0abd9d1c525b8e153b7950bde78c3e312154f94009ce9363b244b3936e83e32c4d4cb56a17d68f17709fa4e528d4f2a03907035d5c491a993aec334f24b7e9536c532e87c5229c1a3f0f9634d7518faad462a0ff600ed010bb800af56274dc8c209ac16dd5d64adb79c8ba4e0d3fdbef20718c339214b8cfa9cb1cfe72ce5fb3476dfb6da48a38b5134d30bba0d086d9e3cbeec1470810a4ad68004b285d8a2faad36ad4682d62c37f82edae1d0d25945247105db28afccc6e976e653941c1e54b2f4f652dac0878bbbb0c73e1b61e417e32a15301007b77579574ff491325809bf1e8726ace15a49941ea7523bd28e1bbbe72d640f0dace37bfe8b1609a8040e7005fc09da8f6df32320752080ab6494dabd6eb900cd77385bf7178983a120abb56049eb9a8d7242a6fa1a41834451dcb9b6a8d64bdfe670a779fc087f8db597df7b3c57925655793ae39f369d738f2480d6e053fb95b532cafaf01b4946e66d98e1be520fb9f73285386be68367370df48f5e5abd343b0dabf6555bfbff707af9a61403d206893c9f0c7d4834a2375006eb4334ff73b5f73b316e7b979e66c94c0541395936", 0x1000, 0x1}, {&(0x7f0000001b40)="7e25d728e8d66923fb2fb1a84c24880c93f90b296ddc7e70cf560f2b527b57bed2bc16143b6847f387beef3fabc3c7098d60b45c8354155132480f9865bba713d47779656d5016fb683c6b0e09e7866a16b8f17d2a5097934567cd6efb17c28333097de2b5f1bd44a1d029ccc3209e5deec7500837b04bd6d2290f0459ca2ddf31dc155b249e7a1720d1ef7b2f6ac1b40f613e6ef79890606c8d2f734a8dd6c1ec395fc7f5ad6a49bf4e14025bb8c6129a643afe529c050bdce86cc7d5d868de2d58fcbd2de15b3c46f41b7dbe6e5425b52b", 0xd2, 0x80}], 0x10, &(0x7f0000001cc0)={[{@huge_always}, {@huge_within_size}], [{@dont_measure}, {@dont_appraise}, {@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}]}) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0xc000, 0x82) r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r8, @in_args={0x1}}, './file0\x00'}) connect$bt_l2cap(r9, &(0x7f0000000080)={0x1f, 0x8, @none, 0x1, 0x1}, 0xe) syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000006c0)='./file0\x00', 0x1, 0x4, &(0x7f0000000940)=[{&(0x7f0000000700)="df89f07c82518890386494d849019c427a2acbb3e370d807248d7cd03a36580a9175da0fee5d11cae9b083838347d1b3272173bfa12db6254eedcc6fb91f5ebac08c5245dd0d6ed94542784c7ea7614dcb0fd1fdd6289d62327391d2e5e93564e829c38f73f7b68b2daae44bb0b8f9dbfc7ed9e567d726ca86498c1cd78f4520f3f465be37a71cdf3a0084cddb3e4c8db137560b72661fe71c75cd0653180f95a1535853971518c16983973fb4c9f72e315b01ae2446e8e690f663adb169ce2deef74496eed82f12db738bbbdc4fa4072666812e04c877823403c74081b8", 0xde, 0x7}, {&(0x7f0000000800)="2c97843b1913e9784f57e8af960e6e2cc89246255e81c570b6dd6a3842424bc32ee76f85bbacdc6bd8a9e9e3cf32a9ffc895dcf7c4", 0x35, 0x19}, {&(0x7f0000000840)="5b50ddd3d4fed3076e8167cb4483da56a89d6000e8f8a2ad41e8bec00181d8722bf48c29fe7122b61762877784e0d9e75b9d1c105609a81a30fe6ea8b507ed0887bbab0c788dc270a7ab51e508be553c0a92b263a638", 0x56, 0x7fff}, {&(0x7f00000008c0)="0002daf8565ecb01ee98219d867a9d56d39899d1b8ffac22ad628d7aeec3d73ff0f0bfa6fe03d1dd7431f23a757f9fa05232ff85427eb400f03c5a3d7c89e33113c986f17a77135081bf12e9487394bbbe7ce9ef863612b1346c19d04f94f3ad365fed9ee3a99172cbbe12c695c954ccdd39cd8bb84041d73c980636951b56", 0x7f, 0x7960}], 0x908400, &(0x7f00000009c0)={[{@utf8}, {@numtail}, {@utf8}], [{@euid_gt={'euid>', r0}}, {@fsmagic={'fsmagic', 0x3d, 0x8}}]}) connect$bt_l2cap(r8, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2631.048618] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2631.048636] xas_store+0x90/0x1c40 [ 2631.048662] __xa_store+0x16d/0x2d0 [ 2631.048679] ? xa_delete_node+0x270/0x270 [ 2631.048699] ? rwlock_bug.part.0+0x90/0x90 [ 2631.048722] xa_store+0x31/0x50 02:56:39 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 69) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2631.048739] __io_uring_add_tctx_node+0x1d2/0x390 [ 2631.048754] ? io_eventfd_put+0x50/0x50 [ 2631.048775] io_uring_setup.cold+0x21c1/0x271c [ 2631.048797] ? io_sqe_files_register+0x230/0x230 02:56:39 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2631.048826] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2631.048848] do_syscall_64+0x3b/0x90 [ 2631.048861] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2631.048877] RIP: 0033:0x7f1ab7761b19 [ 2631.048886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2631.048897] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2631.048909] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2631.048916] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2631.048923] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2631.048930] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2631.048937] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 02:56:39 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:56:39 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000040)={0x6, 0x80000000, 0x6, 0x2, 0xd5cc}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r2 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) sendfile(r1, r2, &(0x7f0000000080), 0x5) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2631.048957] 02:56:39 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2631.198084] FAULT_INJECTION: forcing a failure. [ 2631.198084] name failslab, interval 1, probability 0, space 0, times 0 [ 2631.198121] CPU: 1 PID: 8747 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2631.198148] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2631.198164] Call Trace: [ 2631.198170] [ 2631.198178] dump_stack_lvl+0x8b/0xb3 [ 2631.198214] should_fail.cold+0x5/0xa [ 2631.198245] should_failslab+0x5/0x10 [ 2631.198279] kmem_cache_alloc_lru+0x60/0x7c0 [ 2631.198302] ? xas_alloc+0x35d/0x480 [ 2631.198345] xas_alloc+0x35d/0x480 [ 2631.198383] xas_create+0x35b/0x1030 [ 2631.198431] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2631.198473] xas_store+0x90/0x1c40 [ 2631.198535] __xa_store+0x16d/0x2d0 [ 2631.198572] ? xa_delete_node+0x270/0x270 [ 2631.198615] ? rwlock_bug.part.0+0x90/0x90 [ 2631.198666] xa_store+0x31/0x50 [ 2631.198701] __io_uring_add_tctx_node+0x1d2/0x390 [ 2631.198735] ? io_eventfd_put+0x50/0x50 [ 2631.198781] io_uring_setup.cold+0x21c1/0x271c [ 2631.198828] ? io_sqe_files_register+0x230/0x230 [ 2631.198890] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2631.198937] do_syscall_64+0x3b/0x90 [ 2631.198965] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2631.198998] RIP: 0033:0x7f1ab7761b19 [ 2631.199017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:56:39 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x10000, 0x10, 0x1a}, 0x18) r2 = openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0x101000, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r3, r4) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cpuacct.usage_user\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000000180)={0xc8e7, 0x0, &(0x7f0000000140)=[r2, r4, r5, r0, r0, r0]}, 0x6) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2631.199040] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 02:56:39 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2631.199065] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2631.199081] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2631.199096] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2631.199110] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2631.199125] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2631.199169] 02:56:39 executing program 2: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2647.145431] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:57:03 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 70) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:57:03 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:03 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000500)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="0108000000c4b33e3bfe1a"], 0x14}}, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:57:03 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'erspan0\x00'}) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000000)=0x4, &(0x7f0000000080)=0x4) 02:57:03 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:57:03 executing program 5: openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) pwrite64(r1, &(0x7f0000000680)="d7fbde4102ef417207ac314d32c2a9192dbd43530c98058e423abd36c78d7d19f65d08a447ae7a9e4b565b3933955b5cf31287c122835d7dbe0e3c318073e2523157322bc4b13a6de4b3f14dd354e44174b70fa58cf0fe3d71bb2bb15882c9f1fc0894f2a9e17477062add29ffdd1bc29d986bfc2b86438d653c3e8274f99c8bf5aa833dddc1fad76e31d2610bca801dda2f066b505aff889d80e0c3840b95abc3eac7bf652fd6e2d929538c6fb418455f", 0xb1, 0x6) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x9, 0x4, &(0x7f0000000140)=[{&(0x7f0000000200)="d6c6500f5c94f2e94db5f5b32834f0f9d1f7cee0e5575d4a53df4b08a402c2b1f88592714f4f4ed6fa0056dd4eaf7e972b907b4949472ba13dd42e18dc2188659a5229416abb48d7bda7d991c10c5a8589b7ecde8d65599694124321ede8d88fe422fec48cd176df67ad6372e0367fe09c53d898e517a4792a30a230f693c538e3ddf4449735adce5e56273f98fa51668fdbac34c38957e2fac6b260e6b378374fcc5cd5114587278c54e5ea7b41e337dce0c970f29da5dacf4afee866baaddae63783552b2015661feda0644742beb0be661ae7702230c5c207d28d64f1b46dfa", 0xe1, 0x5}, {&(0x7f0000000300)="49667ae42248c816576be9290425e9133686039c9a6ca9a07ca2520e994b3317c3a8832b5d55a8d8ed00d701c33f13d3830c4f0fe13c35bab2aa64da01a4f112588e077f7a8cd19b134f4ba9225715fbe3d0e460218a0ed90bb6e488f05632322c15e21af16eaa045300f26a18546fe89b6065ff03514dbd5492fca78f55d97a59cf7e98544c24104ea0ab77f8fe8eda2b5240b949b753e97890f671ad1cf960e5bdb5d7e66ab7b8a772b49db4391441946a227f25ed519f1d6917a06c128bb09691722464553cdba37032e40301de177186a233cc6f6033cfb05bf79fe8c7942334f510bc543fc9cafb413dd2bfbbe3d65888f140fb7aef0590811d23", 0xfd, 0x5fba}, {&(0x7f0000000400)="009aa4eb05f2dd0723b9d0889952f58d31ec2d2fb7abdc3368616fe3b25bfca10175ad8f03ee0dccfbc0f980d5beabb453eaef3c0a81df7b04e7d34dc79d35c495de6a275c2f57c8851f0ca26d3cc7fc92e23ac4a1e997e0fb8933eb41cdc1c9644d7f550938e2ad15039a8b0f7c4f81cba40f4efe0b3ebc9d91138d34f34a1fb42273e2feeda02c5aa5d7239b17fd1c95e012fbc747d588da82308e68c74e7e7af3d93fb9d8bd363413d691f96fd0510ad0b41f58fd11d1e96dfbe48b7f73db560947a505c6a820c3d9b25f0d3de421fea234bfb579e045c4d4f8836a4c4ffd87a74940", 0xe4, 0xc0}, {&(0x7f0000000500)="818c23a7be3fd8727f8d193afe9821eb926209cab2c444a67a2d1fc8487f5eb47130e4b15c70b5318d1a6a5c09a44cca7d89d26dfa5d1fcd5d85ac7e664ad69d5f35e2d984cbd8b018542dba9c2440c3936f691a6dd25f5e3b47a283d674383e7c0b2fdc32d43c28642ca02eff032eea36531f677c0b3eea8bfdce67ff26cd57ea6e3e6bb65b18a03c50a555982ef7e1b7543d81a2a6d28e12dec1c9eda0f4ca69aefdca", 0xa4, 0xfffffffffffffffe}], 0x1000, &(0x7f00000005c0)={[{@uni_xlateno}, {@utf8no}], [{@seclabel}, {@appraise}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@smackfshat={'smackfshat', 0x3d, '/proc/keys\x00'}}, {@fowner_eq}, {@subj_type={'subj_type', 0x3d, '(}'}}]}) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:57:03 executing program 2: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) 02:57:03 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x0, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2654.987276] FAULT_INJECTION: forcing a failure. [ 2654.987276] name failslab, interval 1, probability 0, space 0, times 0 [ 2654.987309] CPU: 0 PID: 8789 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2654.987332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2654.987347] Call Trace: [ 2654.987352] [ 2654.987360] dump_stack_lvl+0x8b/0xb3 [ 2654.987392] should_fail.cold+0x5/0xa 02:57:03 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2654.987417] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2654.987442] ? create_object.isra.0+0x3a/0xa20 [ 2654.987475] should_failslab+0x5/0x10 [ 2654.987504] kmem_cache_alloc+0x5b/0x480 [ 2654.987523] ? mark_held_locks+0x9e/0xe0 [ 2654.987567] create_object.isra.0+0x3a/0xa20 [ 2654.987595] ? kasan_unpoison+0x23/0x50 [ 2654.987628] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2654.987647] ? xas_alloc+0x35d/0x480 [ 2654.987684] xas_alloc+0x35d/0x480 [ 2654.987717] xas_create+0x35b/0x1030 02:57:03 executing program 2: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2654.987758] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2654.987792] xas_store+0x90/0x1c40 [ 2654.987840] __xa_store+0x16d/0x2d0 [ 2654.987872] ? xa_delete_node+0x270/0x270 [ 2654.987909] ? rwlock_bug.part.0+0x90/0x90 [ 2654.987953] xa_store+0x31/0x50 [ 2654.987983] __io_uring_add_tctx_node+0x1d2/0x390 [ 2654.988012] ? io_eventfd_put+0x50/0x50 [ 2654.988051] io_uring_setup.cold+0x21c1/0x271c [ 2654.988091] ? io_sqe_files_register+0x230/0x230 [ 2654.988146] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2654.988188] do_syscall_64+0x3b/0x90 [ 2654.988212] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2654.988241] RIP: 0033:0x7f1ab7761b19 [ 2654.988257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2654.988277] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2654.988298] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2654.988312] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2654.988325] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2654.988338] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2654.988351] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2654.988389] [ 2671.309738] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:57:29 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 71) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:57:29 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:57:29 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) connect$bt_l2cap(r1, &(0x7f00000000c0)={0x1f, 0x9, @none, 0x33e}, 0xe) bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x400, @none, 0x2, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:57:29 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xfffa, @any, 0x3, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) ioctl$sock_TIOCOUTQ(r1, 0x5411, &(0x7f0000000240)) r4 = openat2(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)={0x80002, 0x11, 0x4}, 0x18) dup2(r3, r4) pwrite64(r1, &(0x7f0000000080)="ecce507132c72a1cfb37e10b5bf00cf35d48bed8bc635bcc91d31b00d94793ddacc1ad294c3d61d6a667b159e91c7f1d973aa07fd704ab0146651666c6e1f09a9cce0705b9a00a86ecebbf5e1472e3636281e89b1f189d3d70f8aa8b590e866addd5d3bbaf6393feceafc35015f5509854e471146a57d4fef9a33d97c732f97d34b8374146f0fb447710961f6883dc60ebff7fcf34b4afdc16e868a6d7e30c5a9984f8adc7665676aa3e5fd0f2792018a5a2b34397da711baa8aa32ec1a147f9f9585accfb88af7f38a29a4127edad54316391c9e1317990c602f3fc716c46a46508e90b1f53a7a0182fd81c0eeec812d5", 0xf1, 0xfc) 02:57:29 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:29 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) 02:57:29 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:29 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) lstat(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)) syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r1) sendmsg$NL80211_CMD_TDLS_OPER(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYRESHEX, @ANYRESHEX, @ANYBLOB="100027bd7000fddbdf255109000008000300", @ANYRES32=0x0, @ANYBLOB="0ca9fbe4f4e2012abb009900010000004200000005008a00010019b59036243800000a000600ffffffffffff000003bb861b92d8d49fdb54710fa7d8cbfa7e0d39818666fdd37552267d9402ab731280d21e99653573ef7b0667c500e612758cc50e1eaeed4ea54e9833cfd340ddd651c3be17f119b60a305aca40d697bf2e271e3e4cd451f7c583d0475579c471496ae6278318a3ec380db9d5b1b1a1000d785ac3188164589044ad6ad69c5794d6a59a1ccf4ca84039ad9d3620d99b0cb2e9a22c52b350eccc0c5ae7d870a2bda1ac89b6c235dd9db9c9c4c58d7b42c9887c86237287eff25af62a3882dbbbce70fc5d1bbdc281fb67965425c79267257a"], 0x44}, 0x1, 0x0, 0x0, 0x240001c1}, 0x8001) write$binfmt_aout(r3, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000380)={@multicast1, @multicast1}, &(0x7f00000003c0)=0xc) ioctl$HIDIOCGPHYS(r3, 0x80404812, &(0x7f0000000000)) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) gettid() [ 2681.365351] FAULT_INJECTION: forcing a failure. [ 2681.365351] name failslab, interval 1, probability 0, space 0, times 0 [ 2681.365384] CPU: 1 PID: 8824 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2681.365408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2681.365422] Call Trace: [ 2681.365427] [ 2681.365434] dump_stack_lvl+0x8b/0xb3 [ 2681.365468] should_fail.cold+0x5/0xa [ 2681.365495] should_failslab+0x5/0x10 [ 2681.365531] kmem_cache_alloc_lru+0x60/0x7c0 [ 2681.365552] ? xas_alloc+0x35d/0x480 [ 2681.365589] xas_alloc+0x35d/0x480 [ 2681.365622] xas_create+0x35b/0x1030 02:57:30 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) [ 2681.365663] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2681.365699] xas_store+0x90/0x1c40 [ 2681.365746] __xa_store+0x16d/0x2d0 [ 2681.365779] ? xa_delete_node+0x270/0x270 [ 2681.365815] ? rwlock_bug.part.0+0x90/0x90 [ 2681.365859] xa_store+0x31/0x50 [ 2681.365889] __io_uring_add_tctx_node+0x1d2/0x390 [ 2681.365918] ? io_eventfd_put+0x50/0x50 [ 2681.365957] io_uring_setup.cold+0x21c1/0x271c [ 2681.365997] ? io_sqe_files_register+0x230/0x230 [ 2681.366051] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2681.366092] do_syscall_64+0x3b/0x90 [ 2681.366117] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2681.366146] RIP: 0033:0x7f1ab7761b19 [ 2681.366161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2681.366181] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2681.366202] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2681.366216] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2681.366229] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2681.366242] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 02:57:30 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xad, 0x1}, 0xe) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080), 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000100), &(0x7f0000000140)=0xc) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000), 0x4) [ 2681.366254] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2681.366292] 02:57:30 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 72) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:57:30 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:30 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lchown(&(0x7f0000000140)='./file0\x00', r5, 0xee00) recvmmsg$unix(r2, &(0x7f0000002200)=[{{&(0x7f0000000480)=@abs, 0x6e, &(0x7f0000000580)=[{&(0x7f0000000500)=""/112, 0x70}], 0x1, &(0x7f00000005c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000006c0)=@abs, 0x6e, &(0x7f0000001b40)=[{&(0x7f0000000740)=""/192, 0xc0}, {&(0x7f0000000800)=""/73, 0x49}, {&(0x7f0000000880)=""/155, 0x9b}, {&(0x7f0000000940)=""/238, 0xee}, {&(0x7f0000000a40)=""/4096, 0x1000}, {&(0x7f0000001a40)=""/223, 0xdf}], 0x6}}, {{&(0x7f0000001bc0), 0x6e, &(0x7f00000020c0)=[{&(0x7f0000001c40)=""/26, 0x1a}, {&(0x7f0000001c80)=""/119, 0x77}, {&(0x7f0000001d00)=""/142, 0x8e}, {&(0x7f0000001dc0)=""/126, 0x7e}, {&(0x7f0000001e40)=""/194, 0xc2}, {&(0x7f0000001f40)=""/2, 0x2}, {&(0x7f0000001f80)=""/212, 0xd4}, {&(0x7f0000002080)=""/59, 0x3b}], 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c001100000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0094b2003ca01d1f198e22bbc0d861450202ec7fa463a59725b463b4064ce15aa019e249e66e5b9055893c724680a9ee03cc862c11b08a0fe0392c82e8eaddf68b867957289425bd270a1fdaa7b34fd1c584676bd42d1c0d2037d641392f22562bbfd648765a704b54a5c955e761a06445c67fa08b187a8764896f15fb8abfe9100c1acbf55e6cb6c6f86f9e8db27ff11e6365422283538e6900262eac6ae1ff6907e1ea8f8152932a0d70b2d2b2cee7"], 0x98}}], 0x3, 0x2, &(0x7f00000022c0)) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) r8 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r8, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r7, r8) r9 = dup2(r0, r1) sendmsg$unix(0xffffffffffffffff, &(0x7f0000002380)={&(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000100)="f9ec5b0b73566fe361610a1fb2b8e03731878ac2dea8f440fd8bbbb95ba655686d816eaf538123ff540c47e81e233042d25f312ac8e3d3797f2c1b95ae3b593331f82f0e6980ab2f1aaf37cc70663ebd546f443b9f9ee63fc04caa8968ecc989", 0x60}, {&(0x7f0000000200)="88c5d477d75023ad5882505c9bc459bc33b8e45d1dd3c138f051abe094f7e5b0f278342f6e1e7cf8a8cfd18a0fb93ddb8ee4ed8f9b809b0f9abafddeada95c1302e05bc478dbbbe189a55d2f9d81e7f345d68ab8ac6c1ed243e61f3075307d1959cc23f51db35a9c1b55e60e40b64b8c3c709208ec305e6a338f82b60ff405066d1e0239eeb3e5cba5af6a1ca497f14486e5bc9798faf1ebde9ace05bcfd0ce05ff8ff9499f01b39493c2a563e1773ebe015a7fb310d3441c95f91d3237ffec419a587a4991ed2744d8378740ea7fede1a7e", 0xd2}, {&(0x7f0000000300)="9065a7c6f4795600186b3f2cc8cac015c294b8875f8c7de6abd26b19ab9d71ba460e765e773dd4099b813354955eebfe73cc0ca661f70f0ca5dfbefbd4d801a188244a3f841d1bed55df5c7d69ef0c788839135d3bdcc1d3549c79a5923295ad8cd5253f4a75e070511db3f3f9bb30f79b89421b7ca7f2c7bb09b481e5b6fa856431d5616f852e5b7215ff49203e74add46e84d848fa6ae439055a32da0b96705f704418481846f2", 0xa8}, {&(0x7f00000003c0)="3ac49ecc9673733c557223590aa27cb98395d9e0b1c528aeda3d1e6b28a62b873dc32f0061961c502bd426cea21222cf1973bee191dee7354f64d810d65d7e55ba64aae9907c93262b3347d267e7b8f334ef018feeaf149a64022ee66787b1e36e2b41e5e176782afca96897634bc696eb95b1e086aa9a4c7eee77ed77d306dede6f1a80d31c512d281657740690254411fd8a9fe9892f85674db7607d8d138f127d", 0xa2}], 0x4, &(0x7f0000002440)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYRES32=r4, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000020", @ANYRES32, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r7, @ANYRES32=r9, @ANYRES32=r3, @ANYBLOB="00000000e89ef6bad05731515ddb6e0d7c55f3068d169c343c2a470b253f0e05ea748d70040d93923a9b5ae61a0be74acc1cef4e90a62fc7ab9b5da0903cfa8eb675ee35bea45f6e06935bb3090b1ffb9540e2f78bcb1cc2931ce1ba6742794bf785fe217afdc316543630859a6f84afe05d7e09349857cc9fefe233bb596b245473611e1a5845e6176769e1bb5d4f5cc8d2d4bacb01123e898cc3a5e910"], 0x68, 0x40000}, 0x48000) gettid() 02:57:30 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:30 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:57:30 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, 0x0, 0x0) [ 2681.606278] FAULT_INJECTION: forcing a failure. [ 2681.606278] name failslab, interval 1, probability 0, space 0, times 0 [ 2681.606316] CPU: 0 PID: 8836 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2681.606344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2681.606359] Call Trace: [ 2681.606364] [ 2681.606372] dump_stack_lvl+0x8b/0xb3 [ 2681.606406] should_fail.cold+0x5/0xa [ 2681.606426] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2681.606451] ? create_object.isra.0+0x3a/0xa20 [ 2681.606487] should_failslab+0x5/0x10 [ 2681.606522] kmem_cache_alloc+0x5b/0x480 [ 2681.606546] ? mark_held_locks+0x9e/0xe0 [ 2681.606592] create_object.isra.0+0x3a/0xa20 [ 2681.606621] ? kasan_unpoison+0x23/0x50 [ 2681.606656] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2681.606676] ? xas_alloc+0x35d/0x480 [ 2681.606714] xas_alloc+0x35d/0x480 [ 2681.606755] xas_create+0x35b/0x1030 [ 2681.606801] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2681.606839] xas_store+0x90/0x1c40 [ 2681.606888] __xa_store+0x16d/0x2d0 [ 2681.606921] ? xa_delete_node+0x270/0x270 [ 2681.606959] ? rwlock_bug.part.0+0x90/0x90 [ 2681.607010] xa_store+0x31/0x50 [ 2681.607044] __io_uring_add_tctx_node+0x1d2/0x390 [ 2681.607077] ? io_eventfd_put+0x50/0x50 [ 2681.607119] io_uring_setup.cold+0x21c1/0x271c [ 2681.607166] ? io_sqe_files_register+0x230/0x230 [ 2681.607228] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2681.607279] do_syscall_64+0x3b/0x90 [ 2681.607306] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2681.607342] RIP: 0033:0x7f1ab7761b19 [ 2681.607360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2681.607384] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2681.607406] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2681.607423] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 02:57:30 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200000, 0x64) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) fremovexattr(r1, &(0x7f0000000080)=@known='system.advise\x00') gettid() [ 2681.607446] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2681.607463] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2681.607479] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 02:57:30 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x84000, 0x0) sync_file_range(0xffffffffffffffff, 0xfe, 0x2, 0x4) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000080)=[r0], 0x1) [ 2681.607528] [ 2696.756017] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:57:54 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xfffa, @any, 0x3, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) ioctl$sock_TIOCOUTQ(r1, 0x5411, &(0x7f0000000240)) r4 = openat2(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)={0x80002, 0x11, 0x4}, 0x18) dup2(r3, r4) pwrite64(r1, &(0x7f0000000080)="ecce507132c72a1cfb37e10b5bf00cf35d48bed8bc635bcc91d31b00d94793ddacc1ad294c3d61d6a667b159e91c7f1d973aa07fd704ab0146651666c6e1f09a9cce0705b9a00a86ecebbf5e1472e3636281e89b1f189d3d70f8aa8b590e866addd5d3bbaf6393feceafc35015f5509854e471146a57d4fef9a33d97c732f97d34b8374146f0fb447710961f6883dc60ebff7fcf34b4afdc16e868a6d7e30c5a9984f8adc7665676aa3e5fd0f2792018a5a2b34397da711baa8aa32ec1a147f9f9585accfb88af7f38a29a4127edad54316391c9e1317990c602f3fc716c46a46508e90b1f53a7a0182fd81c0eeec812d5", 0xf1, 0xfc) 02:57:54 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x0, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:57:54 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) 02:57:54 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 73) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:57:54 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000000), &(0x7f0000000080)=0x6) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:57:54 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:57:54 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) bind$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4, 0x1}, 0xe) [ 2706.156283] FAULT_INJECTION: forcing a failure. [ 2706.156283] name failslab, interval 1, probability 0, space 0, times 0 [ 2706.156317] CPU: 0 PID: 8873 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2706.156340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2706.156354] Call Trace: [ 2706.156359] [ 2706.156367] dump_stack_lvl+0x8b/0xb3 [ 2706.156403] should_fail.cold+0x5/0xa [ 2706.156430] should_failslab+0x5/0x10 [ 2706.156460] kmem_cache_alloc_lru+0x60/0x7c0 [ 2706.156480] ? xas_alloc+0x35d/0x480 [ 2706.156516] xas_alloc+0x35d/0x480 [ 2706.156549] xas_create+0x35b/0x1030 [ 2706.156590] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2706.156626] xas_store+0x90/0x1c40 [ 2706.156673] __xa_store+0x16d/0x2d0 [ 2706.156706] ? xa_delete_node+0x270/0x270 [ 2706.156742] ? rwlock_bug.part.0+0x90/0x90 [ 2706.156786] xa_store+0x31/0x50 02:57:54 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000080)=0x1c) ioctl$int_in(r1, 0x5421, &(0x7f00000000c0)=0x4) [ 2706.156816] __io_uring_add_tctx_node+0x1d2/0x390 02:57:54 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2706.156844] ? io_eventfd_put+0x50/0x50 [ 2706.156884] io_uring_setup.cold+0x21c1/0x271c [ 2706.156924] ? io_sqe_files_register+0x230/0x230 [ 2706.156977] ? syscall_enter_from_user_mode+0x1d/0x50 02:57:54 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2706.157018] do_syscall_64+0x3b/0x90 [ 2706.157042] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2706.157071] RIP: 0033:0x7f1ab7761b19 [ 2706.157087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2706.157107] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2706.157128] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2706.157142] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2706.157154] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 02:57:54 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:57:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 74) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2706.157167] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2706.157179] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2706.157217] 02:57:54 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = socket$unix(0x1, 0x5, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x200000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap}, {@noextend}, {@mmap}, {@nodevmap}, {@access_client}, {@cache_none}], [{@smackfsdef={'smackfsdef', 0x3d, '{$['}}, {@dont_hash}, {@permit_directio}, {@measure}, {@subj_role={'subj_role', 0x3d, '#%'}}, {@smackfsdef={'smackfsdef', 0x3d, '/proc/keys\x00'}}, {@uid_gt={'uid>', 0xee00}}, {@uid_eq={'uid', 0x3d, 0xee00}}]}}) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:57:54 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2706.359268] FAULT_INJECTION: forcing a failure. [ 2706.359268] name failslab, interval 1, probability 0, space 0, times 0 [ 2706.359301] CPU: 0 PID: 8889 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2706.359324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2706.359337] Call Trace: [ 2706.359343] [ 2706.359350] dump_stack_lvl+0x8b/0xb3 [ 2706.359382] should_fail.cold+0x5/0xa [ 2706.359405] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2706.359429] ? create_object.isra.0+0x3a/0xa20 [ 2706.359461] should_failslab+0x5/0x10 [ 2706.359490] kmem_cache_alloc+0x5b/0x480 [ 2706.359508] ? mark_held_locks+0x9e/0xe0 [ 2706.359542] create_object.isra.0+0x3a/0xa20 [ 2706.359570] ? kasan_unpoison+0x23/0x50 [ 2706.359603] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2706.359622] ? xas_alloc+0x35d/0x480 [ 2706.359659] xas_alloc+0x35d/0x480 [ 2706.359691] xas_create+0x35b/0x1030 [ 2706.359733] ? lockdep_hardirqs_on_prepare+0x400/0x400 02:57:55 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) sendmsg$AUDIT_TRIM(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x20, 0x70bd29, 0x25dfdbff, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2706.359767] xas_store+0x90/0x1c40 [ 2706.359814] __xa_store+0x16d/0x2d0 [ 2706.359847] ? xa_delete_node+0x270/0x270 [ 2706.359883] ? rwlock_bug.part.0+0x90/0x90 [ 2706.359927] xa_store+0x31/0x50 [ 2706.359958] __io_uring_add_tctx_node+0x1d2/0x390 [ 2706.359986] ? io_eventfd_put+0x50/0x50 02:57:55 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0xe) [ 2706.360025] io_uring_setup.cold+0x21c1/0x271c [ 2706.360065] ? io_sqe_files_register+0x230/0x230 [ 2706.360119] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2706.360160] do_syscall_64+0x3b/0x90 [ 2706.360184] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2706.360213] RIP: 0033:0x7f1ab7761b19 [ 2706.360228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2706.360248] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2706.360281] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2706.360295] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2706.360308] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2706.360320] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2706.360333] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2706.360371] 02:57:55 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000080)=0x1c) ioctl$int_in(r1, 0x5421, &(0x7f00000000c0)=0x4) [ 2719.180387] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:58:15 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:58:15 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r3 = dup3(r1, 0xffffffffffffffff, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r2) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x3b7, 0x8) gettid() 02:58:15 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:58:15 executing program 2: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) 02:58:15 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x5, @none, 0x4, 0x2}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:58:15 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) sendmsg$AUDIT_TRIM(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x20, 0x70bd29, 0x25dfdbff, "", ["", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x20000800}, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:58:15 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r1 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file1/file0\x00', 0x0, 0x3, &(0x7f00000002c0)=[{&(0x7f00000001c0)="f8a5e56d67a3290aca", 0x9, 0x5}, {&(0x7f0000000200)="f114c2d084cda7b6a737668d7677fb438fa935248b866f0734d54f5c3ec10cefbcd7e4fd2fcb5bbbf3205d4bdab40fc922", 0x31, 0x101}, {&(0x7f0000000240)="93df156a41b083c652be20a5c67e2b60fa34b93db6eed6f5b4fcaa89a6a27a82c508ad4e27757ea4a06b82aa51ac3e5dc3bab42922ae765624138c585e8bf2f94f4922b69f4786a65d", 0x49, 0x2}], 0x4008, &(0x7f0000000340)={[{@shortname_lower}, {@utf8}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp861'}}], [{@pcr={'pcr', 0x3d, 0x24}}]}) openat(r1, &(0x7f00000003c0)='./file1\x00', 0x8400, 0x168) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = clone3(&(0x7f0000000280)={0x133323100, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = fork() clone3(&(0x7f00000003c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/14, 0xe, &(0x7f0000000300)=""/134, &(0x7f0000000200)=[r3, r5], 0x2, {r4}}, 0x58) sendmsg$netlink(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000400)={0x430, 0x18, 0x200, 0x70bd29, 0x25dfdbfc, "", [@generic="87f824404f985a9f653e479b65577e859d5852246d9de06192a063c5209a0e3a29f2070557d2f55246c0a6d749dbecfdf16fce4c5113e85f8c931b9af345c2e8fd9d5e52c7b875c558d8a33844cdc27e09f357b9b1b0f5d410aded08336ff2c07ee4849fde5f8478e79dbe6688e7b111a6e403ca809c0a1a8f8241395db3e51bb04192a8d058d19c696c504c4598cbe42a7639994a83ed59b451fc209a49e37cf983c7f6283845c54dea7621de9492c13eba0314bbfc4637ef7e508a5031b6c7523ef687e0f632c5cbf8613a1788f97fcd8984f0d33d13b8e91347d7aab2fc6a232870e8d2af5285", @nested={0x228, 0x28, 0x0, 0x1, [@generic="3f583d1c54602559c555e855587d02024d18509a664827c7db929c1f8be62ce984b178d48f9b3a4533c6bcc23e9efddece2e6642c6cefa438cd0eb9d43b1e194253749e6b722cb8d4e8ef112538b67e6ca8fe1bc1e84171a8ba1271b11453b5e6a42848f5ac287a4fef338ee20c9e4a76683d3b9eeb3d59d97ae3fb8869f934ec54f6126d636074284e4b347ac455f22b9b95691bf163a0be7dbd835aa235d90ba1d4ffd7107ec16a1f883f58f9ede9f5c48", @typed={0x4, 0x2d}, @typed={0x62, 0x1a, 0x0, 0x0, @binary="06b90807ff54d826fc9b2afd5428cb8ceda61abdc9d303d76debbd9ffbc83dc0d8bf28d3e584920720d876360fde7f964c6806f49284b11f4d9001513d400b20c56678b617f0f9ed209989a719b28a282f4734f2a011c71f42e5600d16a7"}, @typed={0x8, 0x50, 0x0, 0x0, @pid}, @generic="0ee6ccf3b15172cf9dbe2fbd25367aa3f4dd96a3d5232d6b08665b4982584e14a74cc65907b410a209697cae029c23f5980922095572bd8b781b08150363344c8e179bbe32bd79e278a699a69745b46c97dddf8b60d1b1381b14ab74cca1b61d5332d4ff2d9dc0324882b058729314554aab245b6fbb02fe82f698500c3d96e9bf5b48dcca9e4cc1184abb18c6c128c5402f5003b0dd5804ebbdd3879b5ff2b67fdc635b070de73c2f39c28d22a4a041d93b0ae593", @typed={0x8, 0x95, 0x0, 0x0, @pid=r3}, @generic="e4948743afd6eb6c3ddaa544dfa56a37e1f436042f604f9f4ad73cab450891d756af4ed4a8b101209a16b61cb8ec07acfb73c5167a895819521b9f22f9735ade88c659e97a"]}, @typed={0x8, 0x69, 0x0, 0x0, @uid=0xee01}, @nested={0x108, 0x8e, 0x0, 0x1, [@generic="993c1d0f4e7eea377eca764194b56957349de4e50c51b7ca452f3140adb52185cd56389374db1c670644a80f4432b58ef7e47b62b7920d3f13019e4c1407549f9462e4706338c0e1df383c9e20c175c40e7ed0735a2af49940a04d0f209775267dee488c21f0eb75c54e649a535afb4dfa63abc89824c38935e20477769c6e5731749633dd8127c50c71c755bb8d2b339298116441f88a45b7591176509a02e41f6fde256aab27e068", @generic="4b5824ce4ebee5fafb0a69f62600c9e3c43e674d126dd54079f493ab5b805ec4b5757925874e5a94414e1405f2bcbec87cf114cd3d6a0b7524249b8f4643de02f8895dece78e5eb600c642cbfb2490bee8b9cc4b0780b9672873b9"]}]}, 0x430}], 0x1, 0x0, 0x0, 0x20000002}, 0x80) sendfile(r0, r2, 0x0, 0x7fffffff) sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000000c86000100090002c73300003000000000050001000700"/48], 0x30}, 0x1, 0x0, 0x0, 0x44800}, 0x80) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:58:15 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 75) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:58:15 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:58:15 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x4, @none, 0x0, 0x2}, 0xe) [ 2726.625747] FAULT_INJECTION: forcing a failure. [ 2726.625747] name failslab, interval 1, probability 0, space 0, times 0 [ 2726.625784] CPU: 0 PID: 8923 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2726.625809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2726.625824] Call Trace: [ 2726.625830] [ 2726.625838] dump_stack_lvl+0x8b/0xb3 [ 2726.625871] should_fail.cold+0x5/0xa [ 2726.625900] should_failslab+0x5/0x10 [ 2726.625932] kmem_cache_alloc_lru+0x60/0x7c0 [ 2726.625953] ? xas_alloc+0x35d/0x480 [ 2726.625993] xas_alloc+0x35d/0x480 02:58:15 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2726.626028] xas_create+0x35b/0x1030 [ 2726.626073] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2726.626112] xas_store+0x90/0x1c40 [ 2726.626164] __xa_store+0x16d/0x2d0 [ 2726.626199] ? xa_delete_node+0x270/0x270 [ 2726.626239] ? rwlock_bug.part.0+0x90/0x90 02:58:15 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2726.626286] xa_store+0x31/0x50 [ 2726.626320] __io_uring_add_tctx_node+0x1d2/0x390 [ 2726.626350] ? io_eventfd_put+0x50/0x50 [ 2726.626394] io_uring_setup.cold+0x21c1/0x271c [ 2726.626437] ? io_sqe_files_register+0x230/0x230 [ 2726.626504] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2726.626554] do_syscall_64+0x3b/0x90 02:58:15 executing program 3: connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './file0\x00'}) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r3, r4) sendmmsg(r3, &(0x7f0000000480)=[{{&(0x7f0000000080)=@pptp={0x18, 0x2, {0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x80, &(0x7f0000000240), 0x0, &(0x7f00000004c0)=[{0x108, 0x113, 0x1, "861acfba63e1643f2ab5fd62610567a30fd7c8b6c430696d831929b084207126f97603f7e23ee3d3240129aa505a9c8cc8add5d671c8db15e5c20636b721dad58d319e764e185b3094db54d8db7ab2aac82896a36b87c984d2a4643e50492f8c7ba2c0eac85ba285f684f26bc3123beb777041a0ea96b74c47c12f17aa269aaeca3b606344f82813414fa66708e390670f9de1b9af78e4147df3f0118b84715e881bea11e8fb3e6ec3bca9bb9fe07a35e969b7bba487d402ff2565f28cb0d852fbcffc9193cf4357e15fa21e712492c5beed9956c162e1b0f92f0ffd41ca1ee452b666a25e32143d31bc2eae114299e034"}, {0xd0, 0x36, 0x4, "7c15a197755ac57abb7efe37f16c7d70b77fbf99fa0befd4429c774da43775a00113b64ed169bbb54d94f89d03624b6e4cd3ba971c395e1a1ffa408d68e3926f0b0897b5dc2336a4d77e20a551ca69b5d19fe0ab64d877ef28634708904731a22d1ac548cf8b8934624f7d1f763d605dce2b71fdc2e541fed1697a9db5a1c57ac3e6388ef78f69a1bb0834c1269b3576a80c56b51ea5abd2835aa8fed068cb1cc9557783ed015eec0df97a37972de381eba07cd60b40516943c7930f31b7d6"}, {0x20, 0x105, 0x62, "e4a10bbee6b42441789852edb4296d8f"}, {0xa0, 0x118, 0x5, "69f9016dde541784cd724bc927e05283e1dbcb9fe0bdd68f15bb60e919d814cfe09373422ddb96a22959cd38e5cb6b3ed5c916b15e3ae0fc8fb2849786180816a9d6a2b32c6e1c75aeb8741b9da75895e7613240cc511454133c4bc76dc71736737f49208dbafa5af31ed399570adae74e3ca3ec59e75598746a2d6edd82fcec9d1015fe76af2853d47f"}], 0x298}}], 0x1, 0x54) flock(r2, 0xc) [ 2726.626580] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2726.626612] RIP: 0033:0x7f1ab7761b19 [ 2726.626629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:58:15 executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, 0x0, 0x800, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x28}, 0x1, 0x0, 0x0, 0x48120}, 0x40000) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000000)=0x3) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r2 = openat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x1140, 0x5, 0x15}, 0x18) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f0000000100)=[@timestamp, @window={0x3, 0x6, 0x81}, @timestamp], 0x3) [ 2726.626651] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2726.626674] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 02:58:15 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x80001, 0x0) dup2(r2, 0xffffffffffffffff) socketpair(0x18, 0x800, 0x5, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r3, 0x406, 0xffffffffffffffff) gettid() [ 2726.626689] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2726.626703] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2726.626717] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2726.626730] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2726.626772] 02:58:15 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, 0x0, 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:58:15 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 76) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:58:15 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:58:15 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/cgroup\x00') read(r1, &(0x7f0000000100)=""/4096, 0x1000) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x1e3) setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000080)={0xffff, 0xff, 0x5, 0x9, 0xc0, 0x8, 0x1}, 0xc) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2726.827482] FAULT_INJECTION: forcing a failure. [ 2726.827482] name failslab, interval 1, probability 0, space 0, times 0 [ 2726.827637] CPU: 1 PID: 8945 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2726.827651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2726.827659] Call Trace: [ 2726.827663] [ 2726.827667] dump_stack_lvl+0x8b/0xb3 [ 2726.827688] should_fail.cold+0x5/0xa [ 2726.827699] ? kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2726.827714] ? create_object.isra.0+0x3a/0xa20 [ 2726.827733] should_failslab+0x5/0x10 [ 2726.827748] kmem_cache_alloc+0x5b/0x480 [ 2726.827758] ? mark_held_locks+0x9e/0xe0 [ 2726.827778] create_object.isra.0+0x3a/0xa20 [ 2726.827794] ? kasan_unpoison+0x23/0x50 [ 2726.827813] kmem_cache_alloc_lru+0x2d3/0x7c0 [ 2726.827823] ? xas_alloc+0x35d/0x480 [ 2726.827843] xas_alloc+0x35d/0x480 [ 2726.827862] xas_create+0x35b/0x1030 [ 2726.827885] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2726.827903] xas_store+0x90/0x1c40 [ 2726.827929] __xa_store+0x16d/0x2d0 [ 2726.827950] ? xa_delete_node+0x270/0x270 [ 2726.827970] ? rwlock_bug.part.0+0x90/0x90 [ 2726.827994] xa_store+0x31/0x50 [ 2726.828011] __io_uring_add_tctx_node+0x1d2/0x390 [ 2726.828028] ? io_eventfd_put+0x50/0x50 [ 2726.828049] io_uring_setup.cold+0x21c1/0x271c [ 2726.828071] ? io_sqe_files_register+0x230/0x230 [ 2726.828100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2726.828123] do_syscall_64+0x3b/0x90 [ 2726.828137] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2726.828154] RIP: 0033:0x7f1ab7761b19 [ 2726.828164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2726.828175] RSP: 002b:00007f1ab4cd7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 2726.828188] RAX: ffffffffffffffda RBX: 00007f1ab7874f60 RCX: 00007f1ab7761b19 [ 2726.828196] RDX: 0000000020ffd000 RSI: 0000000020000340 RDI: 0000000000005c62 [ 2726.828203] RBP: 0000000020000340 R08: 00000000200003c0 R09: 00000000200003c0 [ 2726.828210] R10: 0000000020000200 R11: 0000000000000202 R12: 00000000200003c0 [ 2726.828217] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2726.828239] 02:58:15 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 77) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:58:15 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2726.963847] FAULT_INJECTION: forcing a failure. [ 2726.963847] name failslab, interval 1, probability 0, space 0, times 0 [ 2726.963869] CPU: 1 PID: 8958 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2726.963881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2726.963890] Call Trace: [ 2726.963893] [ 2726.963898] dump_stack_lvl+0x8b/0xb3 [ 2726.963919] should_fail.cold+0x5/0xa [ 2726.963931] ? vm_area_dup+0x7f/0x220 [ 2726.963949] should_failslab+0x5/0x10 [ 2726.963966] kmem_cache_alloc+0x5b/0x480 [ 2726.963982] vm_area_dup+0x7f/0x220 [ 2726.964005] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2726.964021] ? mark_lock.part.0+0xef/0x2f60 [ 2726.964046] ? lock_is_held_type+0xd7/0x130 [ 2726.964063] ? find_held_lock+0x2c/0x110 [ 2726.964076] ? vm_area_alloc+0xf0/0xf0 [ 2726.964093] ? lock_release+0x3b2/0x750 [ 2726.964106] ? avc_has_perm_noaudit+0x1c8/0x390 [ 2726.964120] ? lock_downgrade+0x6d0/0x6d0 [ 2726.964133] ? find_held_lock+0x2c/0x110 [ 2726.964151] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 2726.964172] ? mark_lock.part.0+0xef/0x2f60 [ 2726.964188] ? avc_has_perm_noaudit+0x1ef/0x390 [ 2726.964202] __split_vma+0xa2/0x540 [ 2726.964218] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2726.964238] ? __split_vma+0x540/0x540 [ 2726.964256] ? mas_walk+0x48a/0x670 [ 2726.964275] ? mas_find+0x203/0xdd0 [ 2726.964295] ? inode_has_perm+0x171/0x1d0 [ 2726.964308] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2726.964327] do_mas_munmap+0x1ed/0x2c0 [ 2726.964342] mmap_region+0x21c/0x1a70 [ 2726.964360] ? lock_release+0x750/0x750 [ 2726.964375] ? do_munmap+0x100/0x100 [ 2726.964391] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2726.964409] ? security_mmap_addr+0x79/0xa0 [ 2726.964425] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2726.964443] ? get_unmapped_area+0x2f0/0x3d0 [ 2726.964465] do_mmap+0x824/0xf40 [ 2726.964482] vm_mmap_pgoff+0x1b5/0x280 [ 2726.964509] ? randomize_stack_top+0x100/0x100 [ 2726.964527] ? __fget_files+0x287/0x470 [ 2726.964554] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2726.964581] do_syscall_64+0x3b/0x90 [ 2726.964594] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2726.964610] RIP: 0033:0x7f1ab7761b62 [ 2726.964618] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2726.964629] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2726.964641] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2726.964649] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2726.964656] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2726.964662] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2726.964669] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2726.964690] [ 2742.245312] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:58:38 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:58:38 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:58:38 executing program 4: setxattr$trusted_overlay_opaque(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000000)={{{@in6=@private1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000100)=0xe8) bind$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x1c, r0, 0x1, 0x9e, 0x6, @broadcast}, 0x14) 02:58:38 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:58:38 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x0, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:58:38 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 78) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:58:38 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(0x0, 0xddc, 0x268202) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=0xc) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x2010}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, 0x0}, &(0x7f0000000480)=0xc) setgroups(0x1, &(0x7f0000001880)=[r5]) fchown(r4, 0x0, r5) fchown(r2, r3, r5) r6 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$IP_SET_OP_GET_BYNAME(r6, 0x1, 0x53, &(0x7f00000000c0)={0x6, 0x7, 'syz2\x00'}, &(0x7f0000000100)=0x28) gettid() 02:58:38 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4, 0x1}, 0xe) r2 = socket$inet6(0xa, 0x3, 0x1) ioctl$BTRFS_IOC_RM_DEV_V2(r1, 0x5000943a, &(0x7f0000000100)={{r2}, 0x0, 0x12, @inherit={0x78, &(0x7f0000000080)=ANY=[@ANYBLOB="990200000000000006000000000000000700000000000000070000000000000018000000000000000001000000000000c0ffffffffffffff07000000000087ec2a752d59606da7d1aa2b00000100000000000000e093de1600000000f032000000000000090000000000000000000000000000002c0f0000"]}, @name="290e91ec34380c2aaee87b5c48b900acacc39eeaeb95907e258ff6feb6947efa0dc25aadc16062ff4e39509f711a2042d8564326f3debbcb7f6940f5f4487f6dca2fe08fe7f66bf9ff5170142a1920228fb7a3e090105cfa03491013f551ca8d3ff81796a3b568bcfb57e454213912f62df130512a3425bf98b3abe53a0adeb1d3d77ae5a2d5e753b8b2cec9a90677a4326786c33447bca0f772bb3b1edd1be5399f17c9db89284e597811375428251b4a2f42d89d8f53388d19b4b2ba92d832f03ba90b2a808082694a6bbc6663c676ef7e1ae6db343efcad8fbccf37236ea6091d37a85ae898f48a17ebf705ad6c5432dc2c8e4d32628d4d400e405a520a85dc2ac2892519f8af870c3f49b26ce1d43c7cec7c7a7ac1263dd483a5ad7d92fd4c2671e24ffb75a4491d2c482b5ba446c8aa25c00cfeed6a986641c6e3bf0824af85fbffa134ee560fd9db28f19bddd6c5231fcc905df5640db529d00ccc1b423f58bdf688d0e43b9b5bec6e8be24ff3ee5376826fdea45757180e6d013a3167fe68277eb79d1ba0498a8dccc03fb037dd2a1e58c050184c238ea5966fb081be9a570cbd759485b3ee8e006b6ca2feda096d7f393561e7188cea9a17d00176b8c357dd80d3f16fdd54d1b33380845b914f629af24f8d76bad47e65811f479698e8996d6642a314bd12c9550f0d73f7045bbb0f904fa9fbdf28676ab631875cc79a74ab5ccddf364a83adfb118063251271524ef7a70fbd571717de1c7574187f236222cba51731a94c1c7e19316c3d41f61ef53af30454aadd64cb8f67e7cfb200e342dd66533ce1db3e58badd31fa5c06e98530f173073416d5e98ee9b0b806e5560f53049c87a44c891271890d78c705dd42a88b194f0aca925aa20209dd5db6490038e3d1def391a8b87f87217d0abe418f1a5c72689b0a898081143fac7a66bdba054f2c49189e94a3d0af90d310753d389dced18e89fcfea1f5bd37303ed3200423ee9e1de370703ebc51e2f8a4a9f4a908b5f9b00791ffb6ee3d5e352e68c9473cc837e02f6ca3470f8897ebc8006e5da2aeff440b2fce0474ed285830a37384eb1977f755583a9fbfdf56a3a6f6dd4c48ec2018c3633760b6a35895164e1a5e7878289227a183d3457f3bea07fd3e49fdffe313de3808ecb63da012465f2dc650238bf9dec1c85cd03dd33c028e2d728f10c9e08a21ea7eb30de8b6d786c972aa49e9228f41561e9bfbca84f583d2d389cec5c3c479cf2ec0ee1c0bc5ee77c091a401bd9927f7da86fda64fa508db090d37d03b7659d26f9b3e90462c8fb941304f4bc97874e6b1711cf216729e85894a63449057cec764b09ccbd212683234c16eb30d2ae4e86c2cd80d2a1e914aa3730293f575fb7ede40f6824af60cd07260a6d09af9921ecc762dee9513598721088de08304be1239b7bf095586200d2cd23633b23299303a7117eb03619e23acba4c0190833ff3516fc1560e66fed45d20395cfe6c94176ae13bffeae478e80dae06efe266a50704f38c16d4d2a06aa58ca114a126a88e18f92935a46d026ebe16f91f6a21462c7f8d57999ad7763a8a406f461363381cfbfe1633fa2829d4c11aba07413aa61f7294101349a857a69e78a1ff6f0fe1f8e95f2c2c5d01e3e4b2b396f8ab9bfdf386416ecd5950894ab9706073b217b4b28d4dcd39ed4d1614e933a35680e04d5e749b22d5f9fcc8aed98ee6eae9dce0e038eebd1592d8f0abdbbfdabdbdd8bc3f8b6f36b56be16792828644e086861eb3fd6662748c08389bebcfd30e6ca48313a0e1b6d969fbd1138c7134d7f9229962e3e947931acbc458aafba4c5bcaf313a26f7a94729d782a3469b586ae400f47eafa352b9fab85aa8dd131aea63906c4b06a83f702d53aebf25d5e5e71e4f09ed168c8b78ded441fd0c538be51fd1f4ad020522816647e08759d88ef074c35be5eb5ee3fa4091b4c3837661870a779b99d39f57ac494843884d39424c2ee3bd7a64f2d0fa1a47e6a1a49e5cb5dea718cdae26003e73bc2faa34d53e8fd76c6359c3c315aacfe87dfcdac93940fed30133659b358310731688be331dc6e6c1366cf96f66a7ca7ccf9b38a754aaaf62ac0fa1270bc9db814fb03d7fc19857e5cf97c58816865b73bc719fb9578057df598d4f3cf6a9a01cc17acb3a1a9d86e08a3485bdd3cd4c07815b5defb5c42ec7e9fe1380b41aa582fef81918aeb1efa1989e67fe05d466bb212516492f4ee0df7ed2bea6269db00689cc0883e3b4e4f6af39c23397d58487dad0c8b3b669ebdd6243a5d696e0fefee26dd043873d18b8012e1f1af125e2046a8d42a6d91e74b4b6ad55adb5f2613e6612e4bdd35ff49e8f057a0e9e4291c1315136532825b3d3eac26df108a4cdbbb18b2d45b2fddc863630c7d75ba4ac752bedc02ef5a9b11d99e3e71b5db0824523073c49104da436f0fc317bce30ab3a48d7a2783a5e008ce1a8000a83b04f22236d14d9a7c3ba905b966ecd5468cabe650263d3786c3355d956d9335670d6e4be75e1002d0a970c91e6db1c76e4f6b730abad6f919b7dd43effd0a792ccc914b55be944da9fa10fa822ecd09647f2962ed9b7f4d66c89ace1230e9eb470b5ce4da3ac5b29b6d4fe937c38211ab3a6e8a1759cdc924f5967094f1a780d00d1559a6741fd8aaf8b8540452cec69b0acc2578c68740844ec4af32726c8611afc64a7b1299a10be1f69326651a766afabbce64425fea736f061ea95aeba7fcc953f8157261b3a4775bdc1004ff969e7790eb9bedeb92ad1ced0343936e959c1ec8dfd85c54f1e6a6d0d028442ca169d423609a67d9dd11bc43fcfc49b89271778efc29511e5c56841be06469bd0049df736c3c70b708f856bd25e09bc6f0cc725fa6999d7a26350d997af9c1aeede255854e0983f1a402bdd993ff78110a086570d3fefdeca36785db440386e374e5c4999b0ed023dee89024e1e494af79a71c842466b59798d2e525943a6ab25250fe4713fed5d04db81962e8ce3b92fcabbcf67636db0b67a1930e39c8e0ced45590853b0f757f7c2b976748353c6e1070f33aaba71a51726f8e584e85a252c9dc7d61d8abefa58e9f09d9d3bf10d774517b63588efc809b38b2d9f9aacc9458f0453700f490add842624d70066d6e5d968e65b7b890165f7438acfff5353270f3bc6561a3f2b9f6d931e24ba5731f7bd77dca848ed6351fdc5ba544549d33acbb8d8a940f9e8390b783c2c807437a375d158a9c2f10cbe6e6b0ca10326e11813b83d50e72ac7cd4c146d727a96b7779e606b7b5b1de25068e562cd9571734f414cc1a0e5e268182936043e5d4142f1e79d7e6c06c5c7a900a8195de58d169e60642f2d44aa3ed1e6c0832baf1cda0295fcf4a2e721ed8a0e738d281467002f13c172001310dd4252f8ee6fe36c359eba0f6ebeae9a3c319664c81e966f245c28faa5618472657c84b0a4c7a8f7f9da9c529524c13619240fbeef311a7412282aebff58aa24cc5b580df336eeb424d6466159eed75047948c0fab651d2d524096852a3de8e4fe0aa9e48d7df7261cb4420ba06e0844da3b5d8cfc518a0cff98a76933c3ed6eec0a87ed27a4eaf403520661f85a00671423808035fd2dd06da08beedf1168a1aa378f3d3c40da390f3adaff463ad5ad79e637b92170f7bd61ce15e0977422d9bab36b2c25319231fa9a67b93b8436f6c72d806af50b84f811478fdfd442341236572f6c7b7866a2fc2265855f98c71c4da121c05833c8c90ab827ee50d53a263c2eb6eb0ccd1f9678a0b66bcfb2eff1db13baafac2ea851a383fb03a91fabb1d72aba98b2e667e067becdf03deccdddecf2abd709e76d531c1eea80c4d5111e3af5a5a5ec7b15d3a3dde3f95363c65adb477489f18fc4fba26a304eb50ae62f47094d03842eb8e40f5a4fca30e5ae8efc24038f6876d81d52b97c18292b2d029dc32cfb2a3843988344af5d9ebcb3b577a096b58cc150b33993575ad107a30b449949a458366303b64708714a5b9b6a07a27b190d3c942e601e76a1566179004de77a56dddcc829b41e45f289e062852ab77925816a7b656bc55340637b7d1f2fd3a5bc977680bb9c8619e888963340d0a5c23c0d7e9e48ba10dba2d647c28fe999b68f32d3c98041a919936aabf21d76a41318b9a23e92e6b9ec770bb5945709044abeed096fea438b217a70b0e4735bd8d3d4f698737e7fc723fd1e81970bafd2b32e03b9044856b11bdf23abf6ffa9496933cd01e31502b79e56f96673a39c2e3f63f8d4fcfa995c7a9e0c63a42260de6d16221b9ddc403754f52cb458140b81d5a756106dd1f7ef0c113ceb614626ac811b2d45ac55c0ad30afb548e18011d0ad89eb7a76758980f5b048a958eaa0d0a9f40a7663b6444ccd33ae32409974b18608970462b1e2a22a160f5ea5543caa7477a867e8c8c25b8779b6764f4f8fb2a4a1c96b5e7fb872274c9a64e29242b053dab9c446ed5c2775f8f9f137de7860e2ff7ce8b7ae82951021ddabf43c762152d8002a902a4e578ab1088c84add1e2d138494cd3382d4d7327fc42ab5c848a6f3fca72028132d26af5bca4c21bca8a454e4d5c3a6fa1e44d8296e59ee4add1920c61cb830f017d9f6bb45dd2332e5f357500ec975cb5b9226e09e8584eb757ddeb92a025a07e956023bdb8157c4d1b7720fc89fc059b0e2891e2f9924407b658de8fc46489f0e26fd0e74e0a9c3ccc516e9642195033a4a783127ba3bdc7865a9e19b07518e0b9cfaaba2fd8a0f4edd42d22c25b72109417fd185dc13cbe7841ef7e6f21b56b5fba54423c61421768a69fb0ebff6c0c72b92636692cc6ef26673162191e98130fcdf9533e6f262c8b55ac111cc8fc356598bf54955b3f80f37aef3b111618ccf836668257ac4223f1782fb5c8544549934913926a11ae644b0752a3c5b13ffe818ed6a37a61db2f2a4706b64a2e9e084bbbf38cf0e593c08dc652cdeba5f5807c8724c95974887d6460c5df2b4cc5b81a110a17a77b48d74277ef173f7f7d15a1302e239e4062530116cbf5018b692b9f0fd1d3a22c705520f06db870087bcdbe0c461379044116bae55c98930cba3b0bc1927cde4db3e5a5ff1e6f7a571c07d2fba0ea861f40eb06e9527215ab0f755a58db0e5f51397f6103f648c09f9caa658943b27171ccbd931f98ffec4119a47771f740a38387ef9983d3e45d41c0193d216e6f17ea3d979db052acd98fa81908bf16a2ac290ff7d5805f2374d20c49029947f2942fd0f007fc11f49dc3f9baf70f46c528abe9ed976820979d9016a0d10dff8ae1b9a16009ecd0be024469b225cd283b860da38b830401cafc388bc67d44b5e4c4ce5df4a28c433b8599278a909e64cfbe95ebaacf3c61ef6f559a1c43cc19969b544c2aa87bc13bea77accb89c92d70cffbc4ecc241e03df783be3c9695cc7696bdf6fb9a6f3ecaf2e0a9601a40a22bb25eb213a8c646281ba30d38db7776f04e117c131b1a000b07d60dd52a40048942d5d697c9f27bf398b529a5d67e169423db9e55f681008044c53aaad2f76c3c44b578831672af5c647531fb144858454a40c05340071a15fead7464c0c034ea13d5b1c3f13bc90322f26f62e8b37a457b4d1dfdcb02a2217ee7e3a06000b2a4b4d1ed4831f67b8015522e59754c5183266bc3519337190c970a9d885af74369b7a7a9c7c83a4feadc"}) [ 2750.059465] FAULT_INJECTION: forcing a failure. [ 2750.059465] name failslab, interval 1, probability 0, space 0, times 0 [ 2750.059729] CPU: 1 PID: 8975 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2750.059750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2750.059763] Call Trace: [ 2750.059767] [ 2750.059774] dump_stack_lvl+0x8b/0xb3 [ 2750.059803] should_fail.cold+0x5/0xa [ 2750.059823] ? create_object.isra.0+0x3a/0xa20 [ 2750.059853] should_failslab+0x5/0x10 [ 2750.059878] kmem_cache_alloc+0x5b/0x480 [ 2750.059903] create_object.isra.0+0x3a/0xa20 [ 2750.059928] ? kasan_unpoison+0x23/0x50 [ 2750.059957] kmem_cache_alloc+0x239/0x480 [ 2750.059981] vm_area_dup+0x7f/0x220 [ 2750.060020] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2750.060044] ? mark_lock.part.0+0xef/0x2f60 [ 2750.060067] ? __lock_acquire+0x164e/0x6120 [ 2750.060105] ? lock_is_held_type+0xd7/0x130 [ 2750.060131] ? find_held_lock+0x2c/0x110 [ 2750.060154] ? vm_area_alloc+0xf0/0xf0 [ 2750.060180] ? lock_release+0x3b2/0x750 [ 2750.060203] ? avc_has_perm_noaudit+0x1c8/0x390 [ 2750.060223] ? lock_downgrade+0x6d0/0x6d0 [ 2750.060255] ? __sanitizer_cov_trace_cmp2+0x22/0x80 [ 2750.060293] ? mark_lock.part.0+0xef/0x2f60 [ 2750.060317] ? avc_has_perm_noaudit+0x1ef/0x390 [ 2750.060339] __split_vma+0xa2/0x540 [ 2750.060364] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2750.060398] ? __split_vma+0x540/0x540 [ 2750.060426] ? mas_walk+0x48a/0x670 [ 2750.060458] ? mas_find+0x203/0xdd0 [ 2750.060489] ? inode_has_perm+0x171/0x1d0 [ 2750.060510] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2750.060541] do_mas_munmap+0x1ed/0x2c0 [ 2750.060564] mmap_region+0x21c/0x1a70 [ 2750.060594] ? lock_release+0x750/0x750 [ 2750.060618] ? do_munmap+0x100/0x100 [ 2750.060644] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2750.060672] ? security_mmap_addr+0x79/0xa0 02:58:38 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/zoneinfo\x00', 0x0, 0x0) fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f00000000c0)=0x1) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000000)) 02:58:38 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000060000000c00018008000100", @ANYRES32=r4, @ANYBLOB], 0x20}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000780)={'syztnl0\x00', &(0x7f00000009c0)={'syztnl1\x00', r4, 0x4, 0x79, 0x8, 0x8, 0x1, @empty, @local, 0x8000, 0x7, 0x5, 0x4}}) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000840)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000425bd7000ffdbdf25010000b517a8890008006e6653b1e0ae0449772900ec3dbb6fe6f77d58d60fc93cf77e625ce3754c1f10a10cb42ddb580aa5cf2a2422597837140c36910508dcf13f63b5ba73e383f3ecaedc067200"/104], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc000) r5 = dup2(r0, r1) fstatfs(r1, &(0x7f0000000080)=""/205) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) recvmsg$unix(r5, &(0x7f0000000700)={&(0x7f0000000200), 0x6e, &(0x7f0000000680)=[{&(0x7f0000000280)=""/191, 0xbf}, {&(0x7f0000000340)=""/182, 0xb6}, {&(0x7f0000000400)=""/60, 0x3c}, {&(0x7f0000000440)=""/197, 0xc5}, {&(0x7f0000000540)=""/155, 0x9b}, {&(0x7f0000000600)=""/114, 0x72}], 0x6}, 0x40002000) r7 = getpgrp(0x0) r8 = accept(r0, &(0x7f00000008c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000000)=0x80) ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000940)={@local, 0x1c}) r9 = open_tree(r5, &(0x7f0000000980)='./file0\x00', 0x89900) kcmp$KCMP_EPOLL_TFD(r7, 0xffffffffffffffff, 0x7, r6, &(0x7f0000000180)={r9, 0xffffffffffffffff, 0x80}) connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2750.060698] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2750.060727] ? get_unmapped_area+0x2f0/0x3d0 [ 2750.060762] do_mmap+0x824/0xf40 [ 2750.060790] vm_mmap_pgoff+0x1b5/0x280 [ 2750.060827] ? randomize_stack_top+0x100/0x100 [ 2750.060857] ? __fget_files+0x287/0x470 [ 2750.060922] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2750.060947] do_syscall_64+0x3b/0x90 [ 2750.060968] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2750.060993] RIP: 0033:0x7f1ab7761b62 [ 2750.061007] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2750.061024] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2750.061043] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2750.061055] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2750.061066] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2750.061077] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2750.061087] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2750.061121] [ 2765.631043] kmemleak: 28 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:59:03 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 79) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:59:03 executing program 4: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x1, @none, 0x40, 0x2}, 0xe) 02:59:03 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @any, 0x0, 0x2}, 0xe) 02:59:03 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:03 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/sem\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) r1 = clone3(&(0x7f0000000280)={0x133323100, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = fork() clone3(&(0x7f00000003c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/14, 0xe, &(0x7f0000000300)=""/134, &(0x7f0000000200)=[r1, r3], 0x2, {r2}}, 0x58) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r4, &(0x7f0000000c40)=ANY=[], 0x820) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x7fffffff) perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x3, 0x55, 0x4, 0x3f, 0x0, 0x6, 0x140, 0x6, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b33a1e5, 0x1, @perf_bp={&(0x7f0000000040), 0x1}, 0x1000, 0x3f, 0x5, 0x7, 0xc2b, 0x3, 0x1000, 0x0, 0xffffffe1, 0x0, 0x1}, r3, 0xa, r4, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:59:03 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 02:59:03 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(0x0, 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:03 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2774.751734] FAULT_INJECTION: forcing a failure. [ 2774.751734] name failslab, interval 1, probability 0, space 0, times 0 [ 2774.751755] CPU: 0 PID: 9012 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2774.751768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2774.751775] Call Trace: [ 2774.751779] [ 2774.751783] dump_stack_lvl+0x8b/0xb3 [ 2774.751803] should_fail.cold+0x5/0xa 02:59:03 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1a}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = dup(0xffffffffffffffff) r4 = openat2(r3, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={0x8900, 0x40, 0x5}, 0x18) preadv(r4, &(0x7f0000001500)=[{&(0x7f0000000240)=""/62, 0x3e}, {&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000000200)=""/42, 0x2a}, {&(0x7f0000001440)=""/100, 0x64}, {&(0x7f00000013c0)=""/86, 0x56}], 0x5, 0x1, 0x5) mmap$perf(&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x2000000, 0x80010, 0xffffffffffffffff, 0x6) process_vm_readv(0x0, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000100)=""/57, 0x39}], 0x2, &(0x7f0000000300)=[{&(0x7f0000012940)=""/102400, 0x19000}], 0x1, 0x0) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0), 0x28201, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0) ioctl$CDROMSTOP(r7, 0x80081280) connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e21, 0x2, @private0}, 0x1c) open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000)=@ocfs2_parent={0x18, 0x2, {{0x40, 0xa5b00000, 0xfffff25a}, {0x1ff, 0x6, 0x225}}}, 0x141000) [ 2774.751813] ? lock_release+0x3b2/0x750 [ 2774.751830] ? anon_vma_clone+0xd3/0x560 [ 2774.751847] should_failslab+0x5/0x10 [ 2774.751864] kmem_cache_alloc+0x5b/0x480 [ 2774.751880] anon_vma_clone+0xd3/0x560 [ 2774.751905] __split_vma+0x16d/0x540 [ 2774.751920] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2774.751943] ? __split_vma+0x540/0x540 [ 2774.751961] ? mas_walk+0x48a/0x670 [ 2774.751981] ? mas_find+0x203/0xdd0 [ 2774.752000] ? inode_has_perm+0x171/0x1d0 [ 2774.752014] ? lockdep_hardirqs_on_prepare+0x400/0x400 02:59:03 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 80) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2774.752033] do_mas_munmap+0x1ed/0x2c0 [ 2774.752048] mmap_region+0x21c/0x1a70 [ 2774.752066] ? lock_release+0x750/0x750 [ 2774.752082] ? do_munmap+0x100/0x100 [ 2774.752097] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2774.752117] ? security_mmap_addr+0x79/0xa0 02:59:03 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 81) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2774.752133] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2774.752151] ? get_unmapped_area+0x2f0/0x3d0 [ 2774.752172] do_mmap+0x824/0xf40 [ 2774.752190] vm_mmap_pgoff+0x1b5/0x280 [ 2774.752213] ? randomize_stack_top+0x100/0x100 [ 2774.752232] ? __fget_files+0x287/0x470 [ 2774.752259] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2774.752274] do_syscall_64+0x3b/0x90 [ 2774.752288] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2774.752304] RIP: 0033:0x7f1ab7761b62 [ 2774.752313] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2774.752324] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2774.752336] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 02:59:03 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 82) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2774.752344] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2774.752350] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2774.752357] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2774.752364] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2774.752384] [ 2774.814981] FAULT_INJECTION: forcing a failure. [ 2774.814981] name failslab, interval 1, probability 0, space 0, times 0 02:59:03 executing program 4: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) [ 2774.815000] CPU: 0 PID: 9023 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 02:59:03 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(0x0, 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2774.815013] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2774.815021] Call Trace: [ 2774.815025] [ 2774.815029] dump_stack_lvl+0x8b/0xb3 [ 2774.815050] should_fail.cold+0x5/0xa [ 2774.815062] ? create_object.isra.0+0x3a/0xa20 [ 2774.815085] should_failslab+0x5/0x10 [ 2774.815101] kmem_cache_alloc+0x5b/0x480 [ 2774.815118] create_object.isra.0+0x3a/0xa20 [ 2774.815133] ? kasan_unpoison+0x23/0x50 02:59:03 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(0x0, 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:03 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2774.815152] kmem_cache_alloc+0x239/0x480 [ 2774.815167] anon_vma_clone+0xd3/0x560 [ 2774.815190] __split_vma+0x16d/0x540 [ 2774.815200] ? do_mas_align_munmap.constprop.0+0xa5/0xfa0 [ 2774.815216] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2774.815237] ? __split_vma+0x540/0x540 [ 2774.815255] ? mas_walk+0x48a/0x670 [ 2774.815275] ? mas_find+0x203/0xdd0 [ 2774.815294] ? inode_has_perm+0x171/0x1d0 [ 2774.815309] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2774.815330] do_mas_munmap+0x1ed/0x2c0 [ 2774.815345] mmap_region+0x21c/0x1a70 [ 2774.815362] ? lockdep_hardirqs_on+0x79/0x100 [ 2774.815380] ? do_munmap+0x100/0x100 [ 2774.815399] ? __sanitizer_cov_trace_switch+0x5e/0xf0 [ 2774.815423] do_mmap+0x824/0xf40 [ 2774.815441] vm_mmap_pgoff+0x1b5/0x280 [ 2774.815464] ? randomize_stack_top+0x100/0x100 [ 2774.815483] ? __fget_files+0x287/0x470 [ 2774.815509] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2774.815525] do_syscall_64+0x3b/0x90 [ 2774.815538] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2774.815554] RIP: 0033:0x7f1ab7761b62 02:59:03 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x0, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2774.815563] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2774.815573] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2774.815585] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2774.815593] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2774.815600] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2774.815606] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2774.815613] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2774.815634] [ 2774.864132] FAULT_INJECTION: forcing a failure. [ 2774.864132] name failslab, interval 1, probability 0, space 0, times 0 [ 2774.864151] CPU: 0 PID: 9029 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2774.864164] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2774.864172] Call Trace: [ 2774.864175] [ 2774.864179] dump_stack_lvl+0x8b/0xb3 [ 2774.864199] should_fail.cold+0x5/0xa [ 2774.864211] ? mas_alloc_nodes+0x36e/0x6a0 [ 2774.864229] should_failslab+0x5/0x10 [ 2774.864246] kmem_cache_alloc+0x5b/0x480 [ 2774.864262] mas_alloc_nodes+0x36e/0x6a0 [ 2774.864281] ? find_vma+0x108/0x1a0 [ 2774.864304] mas_preallocate+0xff/0x270 [ 2774.864323] __vma_adjust+0x1f6/0x18a0 [ 2774.864348] ? vma_expand+0xda0/0xda0 [ 2774.864357] ? up_write+0x148/0x460 [ 2774.864375] ? anon_vma_clone+0x3ae/0x560 [ 2774.864398] __split_vma+0x2a1/0x540 [ 2774.864413] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2774.864434] ? __split_vma+0x540/0x540 [ 2774.864451] ? mas_walk+0x48a/0x670 [ 2774.864470] ? mas_find+0x203/0xdd0 [ 2774.864489] ? inode_has_perm+0x171/0x1d0 [ 2774.864503] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2774.864522] do_mas_munmap+0x1ed/0x2c0 [ 2774.864537] mmap_region+0x21c/0x1a70 [ 2774.864555] ? lock_release+0x750/0x750 [ 2774.864570] ? do_munmap+0x100/0x100 [ 2774.864586] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2774.864605] ? security_mmap_addr+0x79/0xa0 [ 2774.864621] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2774.864639] ? get_unmapped_area+0x2f0/0x3d0 [ 2774.864661] do_mmap+0x824/0xf40 [ 2774.864678] vm_mmap_pgoff+0x1b5/0x280 [ 2774.864701] ? randomize_stack_top+0x100/0x100 [ 2774.864720] ? __fget_files+0x287/0x470 [ 2774.864747] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2774.864762] do_syscall_64+0x3b/0x90 [ 2774.864776] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2774.864792] RIP: 0033:0x7f1ab7761b62 [ 2774.864801] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2774.864813] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2774.864824] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2774.864832] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2774.864838] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2774.864845] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2774.864852] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2774.864873] [ 2774.984417] FAULT_INJECTION: forcing a failure. [ 2774.984417] name failslab, interval 1, probability 0, space 0, times 0 [ 2774.984437] CPU: 0 PID: 9037 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2774.984450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2774.984458] Call Trace: [ 2774.984461] [ 2774.984465] dump_stack_lvl+0x8b/0xb3 [ 2774.984489] should_fail.cold+0x5/0xa [ 2774.984501] ? create_object.isra.0+0x3a/0xa20 [ 2774.984521] should_failslab+0x5/0x10 [ 2774.984537] kmem_cache_alloc+0x5b/0x480 [ 2774.984554] create_object.isra.0+0x3a/0xa20 [ 2774.984569] ? kasan_unpoison+0x23/0x50 [ 2774.984588] kmem_cache_alloc+0x239/0x480 [ 2774.984603] anon_vma_clone+0xd3/0x560 [ 2774.984626] __split_vma+0x16d/0x540 [ 2774.984641] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2774.984662] ? __split_vma+0x540/0x540 [ 2774.984680] ? mas_walk+0x48a/0x670 [ 2774.984700] ? mas_find+0x203/0xdd0 [ 2774.984719] ? inode_has_perm+0x171/0x1d0 [ 2774.984734] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2774.984754] do_mas_munmap+0x1ed/0x2c0 [ 2774.984769] mmap_region+0x21c/0x1a70 [ 2774.984787] ? lock_release+0x750/0x750 [ 2774.984803] ? do_munmap+0x100/0x100 [ 2774.984818] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2774.984838] ? security_mmap_addr+0x79/0xa0 [ 2774.984855] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2774.984872] ? get_unmapped_area+0x2f0/0x3d0 [ 2774.984894] do_mmap+0x824/0xf40 [ 2774.984912] vm_mmap_pgoff+0x1b5/0x280 [ 2774.984935] ? randomize_stack_top+0x100/0x100 [ 2774.984954] ? __fget_files+0x287/0x470 [ 2774.984981] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2774.984996] do_syscall_64+0x3b/0x90 [ 2774.985011] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2774.985027] RIP: 0033:0x7f1ab7761b62 [ 2774.985036] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2774.985047] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2774.985059] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2774.985067] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2774.985074] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2774.985080] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2774.985087] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2774.985108] [ 2790.884237] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:59:27 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 83) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2799.134152] FAULT_INJECTION: forcing a failure. [ 2799.134152] name failslab, interval 1, probability 0, space 0, times 0 [ 2799.134184] CPU: 1 PID: 9056 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2799.134208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2799.134222] Call Trace: [ 2799.134227] [ 2799.134235] dump_stack_lvl+0x8b/0xb3 [ 2799.134267] should_fail.cold+0x5/0xa [ 2799.134294] should_failslab+0x5/0x10 [ 2799.134324] kmem_cache_alloc_bulk+0x47/0x780 [ 2799.134343] ? rcu_read_lock_sched_held+0x3a/0x70 [ 2799.134373] ? kmem_cache_alloc+0x332/0x480 [ 2799.134401] mas_alloc_nodes+0x2a6/0x6a0 [ 2799.134443] mas_preallocate+0xff/0x270 [ 2799.134485] __vma_adjust+0x1f6/0x18a0 [ 2799.134536] ? vma_expand+0xda0/0xda0 [ 2799.134553] ? up_write+0x148/0x460 [ 2799.134583] ? anon_vma_clone+0x3ae/0x560 [ 2799.134625] __split_vma+0x2a1/0x540 [ 2799.134653] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2799.134692] ? __split_vma+0x540/0x540 [ 2799.134724] ? mas_walk+0x48a/0x670 [ 2799.134758] ? mas_find+0x203/0xdd0 [ 2799.134794] ? inode_has_perm+0x171/0x1d0 [ 2799.134819] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2799.134855] do_mas_munmap+0x1ed/0x2c0 [ 2799.134882] mmap_region+0x21c/0x1a70 [ 2799.134916] ? lock_release+0x750/0x750 [ 2799.134944] ? do_munmap+0x100/0x100 [ 2799.134974] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2799.135008] ? security_mmap_addr+0x79/0xa0 [ 2799.135038] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2799.135071] ? get_unmapped_area+0x2f0/0x3d0 [ 2799.135111] do_mmap+0x824/0xf40 [ 2799.135145] vm_mmap_pgoff+0x1b5/0x280 [ 2799.135186] ? randomize_stack_top+0x100/0x100 [ 2799.135221] ? __fget_files+0x287/0x470 [ 2799.135270] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2799.135298] do_syscall_64+0x3b/0x90 [ 2799.135323] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2799.135352] RIP: 0033:0x7f1ab7761b62 [ 2799.135367] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2799.135387] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2799.135408] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2799.135422] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2799.135435] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 02:59:27 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:27 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) sendmsg$sock(r0, &(0x7f0000000240)={&(0x7f0000000080)=@ethernet={0x6, @local}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000100)="f10a323b1e15ab7cdab2854a5a64f67cf143741bbcc8568358fa4982332fbaca7b062e2a37affc30948b6c86f19bdde0e288c9601bf9d54eb0d287fef4923a1012026847bb085b8011d84c86c24bb90965976b072c73304c3892e516e9c66851f5e6ffd7daaacefda0e0db48eca0e573288b19d540690ae0cf077970ab878274b288935a31198c472f", 0x89}], 0x1, &(0x7f0000000200)=[@timestamping={{0x14, 0x1, 0x25, 0x5}}], 0x18}, 0x24004855) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:59:27 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:59:27 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000000), &(0x7f0000000080)=0xc) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:59:27 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:27 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 02:59:27 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2799.135447] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2799.135459] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2799.135498] 02:59:27 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:27 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:27 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x400242, 0x151) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x48b, &(0x7f0000000000)={0x0, 'vlan0\x00', 0x3}, 0x18) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 02:59:27 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000280)={0x82, 0x8000, 0x0, 0x20, 0x0, 0x8}, 0xc) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xfffd, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x101}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) bind$bt_l2cap(r1, &(0x7f0000000180)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x2, 0x2}, 0xe) bind$bt_l2cap(r1, &(0x7f0000000140)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1}, 0xe) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000080)={0x77359400}, 0x10) r3 = syz_open_dev$mouse(&(0x7f00000001c0), 0x2, 0x10001) getsockopt$bt_l2cap_L2CAP_OPTIONS(r3, 0x6, 0x1, &(0x7f0000000200), &(0x7f0000000240)=0xc) bind$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x2, @any, 0x9, 0x1}, 0xe) r4 = syz_open_dev$evdev(&(0x7f0000000100), 0x6eae, 0x50002) r5 = pidfd_getfd(0xffffffffffffffff, r4, 0x0) bind$bt_l2cap(r5, &(0x7f00000000c0)={0x1f, 0x4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x800}, 0xe) 02:59:27 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 84) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2799.286083] FAULT_INJECTION: forcing a failure. [ 2799.286083] name failslab, interval 1, probability 0, space 0, times 0 [ 2799.286104] CPU: 0 PID: 9082 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2799.286117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2799.286125] Call Trace: [ 2799.286129] [ 2799.286133] dump_stack_lvl+0x8b/0xb3 [ 2799.286154] should_fail.cold+0x5/0xa [ 2799.286166] ? create_object.isra.0+0x3a/0xa20 [ 2799.286188] should_failslab+0x5/0x10 [ 2799.286205] kmem_cache_alloc+0x5b/0x480 [ 2799.286221] create_object.isra.0+0x3a/0xa20 [ 2799.286236] ? kasan_unpoison+0x23/0x50 [ 2799.286254] kmem_cache_alloc_bulk+0x3fa/0x780 [ 2799.286271] mas_alloc_nodes+0x2a6/0x6a0 [ 2799.286295] mas_preallocate+0xff/0x270 [ 2799.286314] __vma_adjust+0x1f6/0x18a0 [ 2799.286340] ? vma_expand+0xda0/0xda0 [ 2799.286349] ? up_write+0x148/0x460 [ 2799.286366] ? anon_vma_clone+0x3ae/0x560 [ 2799.286389] __split_vma+0x2a1/0x540 [ 2799.286404] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2799.286424] ? __split_vma+0x540/0x540 [ 2799.286442] ? mas_walk+0x48a/0x670 [ 2799.286461] ? mas_find+0x203/0xdd0 [ 2799.286480] ? lockdep_hardirqs_on+0x79/0x100 [ 2799.286497] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2799.286517] do_mas_munmap+0x1ed/0x2c0 [ 2799.286531] mmap_region+0x21c/0x1a70 [ 2799.286547] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 02:59:27 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2799.286566] ? lockdep_hardirqs_on+0x79/0x100 [ 2799.286582] ? do_munmap+0x100/0x100 [ 2799.286600] ? do_mmap+0xbb2/0xf40 [ 2799.286616] do_mmap+0x824/0xf40 [ 2799.286634] vm_mmap_pgoff+0x1b5/0x280 [ 2799.286656] ? randomize_stack_top+0x100/0x100 [ 2799.286675] ? __fget_files+0x287/0x470 [ 2799.286701] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2799.286716] do_syscall_64+0x3b/0x90 [ 2799.286729] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2799.286745] RIP: 0033:0x7f1ab7761b62 [ 2799.286753] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2799.286765] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2799.286776] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 02:59:28 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2799.286784] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2799.286791] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2799.286797] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 02:59:28 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 85) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2799.286804] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2799.286825] 02:59:28 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x80c00, 0x0) syz_io_uring_setup(0x1978, &(0x7f0000000400)={0x0, 0x9819, 0x4, 0x1, 0xe8}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) syz_io_uring_setup(0x74aa, &(0x7f0000000000)={0x0, 0x1196, 0x0, 0x0, 0x175}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f00000000c0)=0x0) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@llc={0x1a, 0x3, 0x0, 0x3, 0x0, 0x80, @broadcast}, 0x0, 0x0, 0x0, {0x0, r3}}, 0x1) [ 2799.412883] FAULT_INJECTION: forcing a failure. [ 2799.412883] name failslab, interval 1, probability 0, space 0, times 0 [ 2799.412903] CPU: 0 PID: 9092 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2799.412916] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2799.412924] Call Trace: [ 2799.412928] [ 2799.412932] dump_stack_lvl+0x8b/0xb3 [ 2799.412953] should_fail.cold+0x5/0xa [ 2799.412965] ? create_object.isra.0+0x3a/0xa20 [ 2799.412984] should_failslab+0x5/0x10 [ 2799.413000] kmem_cache_alloc+0x5b/0x480 [ 2799.413011] ? mark_held_locks+0x9e/0xe0 [ 2799.413031] create_object.isra.0+0x3a/0xa20 [ 2799.413046] ? kasan_unpoison+0x23/0x50 02:59:28 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2799.413064] kmem_cache_alloc_bulk+0x3fa/0x780 [ 2799.413075] ? kmem_cache_alloc+0x332/0x480 [ 2799.413090] mas_alloc_nodes+0x2a6/0x6a0 [ 2799.413113] mas_preallocate+0xff/0x270 [ 2799.413133] __vma_adjust+0x1f6/0x18a0 [ 2799.413158] ? vma_expand+0xda0/0xda0 [ 2799.413167] ? up_write+0x148/0x460 [ 2799.413183] ? anon_vma_clone+0x3ae/0x560 [ 2799.413206] __split_vma+0x2a1/0x540 [ 2799.413221] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2799.413241] ? __split_vma+0x540/0x540 [ 2799.413259] ? mas_walk+0x48a/0x670 [ 2799.413277] ? mas_find+0x203/0xdd0 [ 2799.413296] ? inode_has_perm+0x171/0x1d0 [ 2799.413311] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2799.413330] do_mas_munmap+0x1ed/0x2c0 [ 2799.413345] mmap_region+0x21c/0x1a70 [ 2799.413363] ? lock_release+0x750/0x750 [ 2799.413378] ? do_munmap+0x100/0x100 [ 2799.413394] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2799.413413] ? security_mmap_addr+0x79/0xa0 [ 2799.413430] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2799.413452] ? get_unmapped_area+0x2f0/0x3d0 [ 2799.413473] do_mmap+0x824/0xf40 [ 2799.413492] vm_mmap_pgoff+0x1b5/0x280 [ 2799.413514] ? randomize_stack_top+0x100/0x100 [ 2799.413533] ? __fget_files+0x287/0x470 [ 2799.413560] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2799.413575] do_syscall_64+0x3b/0x90 [ 2799.413589] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2799.413623] RIP: 0033:0x7f1ab7761b62 [ 2799.413632] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2799.413643] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2799.413655] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2799.413662] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2799.413669] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2799.413675] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2799.413682] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2799.413703] [ 2814.669212] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 02:59:53 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000000)="51b5df5013a54d266dbaefbed1a973e9a3f1911795dadc2449d58c5b9ad5c838a1b881449ac9", 0x26}], 0x1, 0x6, 0x9) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, 0x4, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x44}, 0x1, 0x0, 0x0, 0x41}, 0x8000) gettid() fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000240), &(0x7f0000000280)=@v1={0x1000000, [{0x100, 0x3de9}]}, 0xc, 0x0) 02:59:53 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) syz_emit_ethernet(0x28a, &(0x7f0000000400)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb81004a0086dd6044a08602502100ff020000000000000000000000000001f80200000000000000000000000000012b0e04a4c848b600ff010000000000000000000000000001fc02000000000000000000000000000020010000000000000000000000000002fe8000000000000000000000000000aafe800000000000000000000000000011fc010000000000000000000000000000fc0100000000000000000000000000003c03000000000000c91000000000000000000000ffff000000000001000001003203000000000000000100070a16e9518c2588b84e35ea0107000000000000000c06040301187016000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffac1e738f02c55ed3c9010167000000000000000502000701000000ff12040900500000fc020000000000000000000000000000ff010000000000000000000000000001fe8000000000000000000000000000bbfe8000000000000000000000000000aaff020000000000000000000000000001fe880000000000000000000000000001fc000000000000000000000000000000fe80000000000000000000000000001dfe8000000000000000000000000000bb4e224e2104f190780cc76f5305f5d38d03f68161ac9685b3dc03393c6785d7ca0e8b6c335908c889831e2fe03ef932f292b30f44041692d254a927f5d63e9c17ce2ad24872716b3303458b0fcd3c6a0c8f568db538d2784bb4272f9dc1d8bd1d33e0c2c548b4fe497592e077d1da3de3b816f632726191c30488fcdca29869d6029e36cd93df98c630f4f98a58fe5234deb284458f7b55a40606936f12c933d8cac48b48045caef106b18df2a385fbdeabae9ffd00921a77e7db60d325b5cd8b264d12ae7d9bef68befbc55532ee71c521982fb8ed8e1c19f47893360bbbe8e8724caf1e5bf7afda4ac2895a12b4eab37df63f88ca1c3876a278221bef71aae2012da2f26cedc21b0990d3"], 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 02:59:53 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 86) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:59:53 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xff59, 0x2}, 0xe) getsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000080), &(0x7f00000000c0)=0x10) 02:59:53 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:53 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 02:59:53 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2825.197960] FAULT_INJECTION: forcing a failure. [ 2825.197960] name failslab, interval 1, probability 0, space 0, times 0 [ 2825.198002] CPU: 1 PID: 9120 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2825.198026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2825.198040] Call Trace: [ 2825.198045] [ 2825.198054] dump_stack_lvl+0x8b/0xb3 [ 2825.198085] should_fail.cold+0x5/0xa [ 2825.198108] ? create_object.isra.0+0x3a/0xa20 [ 2825.198142] should_failslab+0x5/0x10 [ 2825.198171] kmem_cache_alloc+0x5b/0x480 02:59:53 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r1 = pidfd_open(0x0, 0x0) dup2(0xffffffffffffffff, r1) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x90040, 0x0) pidfd_send_signal(r2, 0xb, &(0x7f0000000080)={0x10001, 0x6, 0x9}, 0x0) [ 2825.198190] ? mark_held_locks+0x9e/0xe0 [ 2825.198224] create_object.isra.0+0x3a/0xa20 [ 2825.198253] ? kasan_unpoison+0x23/0x50 [ 2825.198287] kmem_cache_alloc_bulk+0x3fa/0x780 [ 2825.198308] ? kmem_cache_alloc+0x332/0x480 [ 2825.198336] mas_alloc_nodes+0x2a6/0x6a0 [ 2825.198378] mas_preallocate+0xff/0x270 02:59:53 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2825.198414] __vma_adjust+0x1f6/0x18a0 [ 2825.198467] ? vma_expand+0xda0/0xda0 [ 2825.198484] ? up_write+0x148/0x460 [ 2825.198513] ? anon_vma_clone+0x3ae/0x560 02:59:53 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) ioctl$AUTOFS_IOC_READY(r0, 0x9360, 0x81) [ 2825.198555] __split_vma+0x2a1/0x540 [ 2825.198584] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2825.198623] ? __split_vma+0x540/0x540 [ 2825.198656] ? mas_walk+0x48a/0x670 [ 2825.198691] ? mas_find+0x203/0xdd0 [ 2825.198727] ? inode_has_perm+0x171/0x1d0 [ 2825.198752] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2825.198788] do_mas_munmap+0x1ed/0x2c0 [ 2825.198816] mmap_region+0x21c/0x1a70 [ 2825.198850] ? lock_release+0x750/0x750 [ 2825.198879] ? do_munmap+0x100/0x100 [ 2825.198908] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2825.198943] ? security_mmap_addr+0x79/0xa0 [ 2825.198973] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2825.199006] ? get_unmapped_area+0x2f0/0x3d0 [ 2825.199047] do_mmap+0x824/0xf40 [ 2825.199081] vm_mmap_pgoff+0x1b5/0x280 [ 2825.199122] ? randomize_stack_top+0x100/0x100 [ 2825.199157] ? __fget_files+0x287/0x470 [ 2825.199206] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2825.199235] do_syscall_64+0x3b/0x90 [ 2825.199260] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2825.199290] RIP: 0033:0x7f1ab7761b62 [ 2825.199306] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 02:59:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2825.199325] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2825.199347] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2825.199361] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2825.199373] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2825.199386] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2825.199398] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2825.199438] 02:59:54 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 87) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 02:59:54 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:54 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 02:59:54 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r5, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r4, r5) dup2(r3, r4) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r0, r1) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000000)) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2825.453309] FAULT_INJECTION: forcing a failure. [ 2825.453309] name failslab, interval 1, probability 0, space 0, times 0 [ 2825.453344] CPU: 0 PID: 9139 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2825.453368] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2825.453382] Call Trace: [ 2825.453387] [ 2825.453395] dump_stack_lvl+0x8b/0xb3 [ 2825.453428] should_fail.cold+0x5/0xa [ 2825.453454] ? create_object.isra.0+0x3a/0xa20 [ 2825.453489] should_failslab+0x5/0x10 [ 2825.453518] kmem_cache_alloc+0x5b/0x480 [ 2825.453537] ? mark_held_locks+0x9e/0xe0 [ 2825.453572] create_object.isra.0+0x3a/0xa20 [ 2825.453600] ? kasan_unpoison+0x23/0x50 [ 2825.453634] kmem_cache_alloc_bulk+0x3fa/0x780 [ 2825.453666] mas_alloc_nodes+0x2a6/0x6a0 [ 2825.453707] mas_preallocate+0xff/0x270 [ 2825.453743] __vma_adjust+0x1f6/0x18a0 [ 2825.453774] ? __kasan_check_write+0x4/0x10 [ 2825.453815] ? vma_expand+0xda0/0xda0 [ 2825.453832] ? up_write+0x148/0x460 [ 2825.453861] ? anon_vma_clone+0x3ae/0x560 [ 2825.453903] __split_vma+0x2a1/0x540 [ 2825.453931] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2825.453994] ? __split_vma+0x540/0x540 [ 2825.454027] ? mas_walk+0x48a/0x670 [ 2825.454061] ? mas_find+0x203/0xdd0 [ 2825.454097] ? inode_has_perm+0x171/0x1d0 [ 2825.454123] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2825.454159] do_mas_munmap+0x1ed/0x2c0 [ 2825.454186] mmap_region+0x21c/0x1a70 [ 2825.454220] ? lock_release+0x750/0x750 [ 2825.454248] ? do_munmap+0x100/0x100 [ 2825.454277] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2825.454312] ? security_mmap_addr+0x79/0xa0 [ 2825.454342] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2825.454375] ? get_unmapped_area+0x2f0/0x3d0 [ 2825.454415] do_mmap+0x824/0xf40 [ 2825.454448] vm_mmap_pgoff+0x1b5/0x280 [ 2825.454490] ? randomize_stack_top+0x100/0x100 [ 2825.454524] ? __fget_files+0x287/0x470 [ 2825.454573] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2825.454601] do_syscall_64+0x3b/0x90 [ 2825.454626] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2825.454656] RIP: 0033:0x7f1ab7761b62 [ 2825.454672] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2825.454692] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2825.454713] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2825.454726] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2825.454739] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2825.454751] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2825.454764] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2825.454802] [ 2840.195080] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 03:00:16 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 88) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:00:16 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480), &(0x7f00000004c0), 0x2, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x7fffffff) accept$unix(r2, &(0x7f0000000500), &(0x7f0000000580)=0x6e) r3 = gettid() r4 = clone3(&(0x7f0000000280)={0x133323100, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58) r6 = fork() clone3(&(0x7f00000003c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/14, 0xe, &(0x7f0000000300)=""/134, &(0x7f0000000200)=[r4, r6], 0x2, {r5}}, 0x58) r7 = openat2(r1, &(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x200000, 0x50, 0xa}, 0x18) clone3(&(0x7f0000000380)={0x0, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0), {0x28}, &(0x7f0000000200)=""/241, 0xf1, &(0x7f0000000100)=""/65, &(0x7f0000000180)=[r6, r3, r3, r3], 0x4, {r7}}, 0x58) 03:00:16 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:00:16 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:00:16 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000001300)=0x1, 0x3) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 03:00:16 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:00:16 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x8001, @any, 0x200, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) 03:00:16 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x1ff}}, './file0\x00'}) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000200), &(0x7f0000000240)=0x4) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r4 = dup2(r2, r3) bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x4, @none, 0xf7, 0x2}, 0xe) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000080)) [ 2847.706352] FAULT_INJECTION: forcing a failure. [ 2847.706352] name failslab, interval 1, probability 0, space 0, times 0 [ 2847.706386] CPU: 1 PID: 9156 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2847.706411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2847.706426] Call Trace: [ 2847.706432] [ 2847.706440] dump_stack_lvl+0x8b/0xb3 [ 2847.706482] should_fail.cold+0x5/0xa [ 2847.706506] ? create_object.isra.0+0x3a/0xa20 [ 2847.706543] should_failslab+0x5/0x10 [ 2847.706574] kmem_cache_alloc+0x5b/0x480 [ 2847.706594] ? mark_held_locks+0x9e/0xe0 [ 2847.706631] create_object.isra.0+0x3a/0xa20 [ 2847.706661] ? kasan_unpoison+0x23/0x50 [ 2847.706697] kmem_cache_alloc_bulk+0x3fa/0x780 [ 2847.706732] mas_alloc_nodes+0x2a6/0x6a0 [ 2847.706776] mas_preallocate+0xff/0x270 [ 2847.706815] __vma_adjust+0x1f6/0x18a0 [ 2847.706866] ? vma_expand+0xda0/0xda0 [ 2847.706884] ? up_write+0x148/0x460 [ 2847.706916] ? anon_vma_clone+0x3ae/0x560 [ 2847.706960] __split_vma+0x2a1/0x540 [ 2847.706990] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2847.707032] ? __split_vma+0x540/0x540 [ 2847.707067] ? mas_walk+0x48a/0x670 [ 2847.707104] ? mas_find+0x203/0xdd0 [ 2847.707142] ? inode_has_perm+0x171/0x1d0 [ 2847.707169] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2847.707208] do_mas_munmap+0x1ed/0x2c0 [ 2847.707237] mmap_region+0x21c/0x1a70 [ 2847.707274] ? lock_release+0x750/0x750 [ 2847.707304] ? do_munmap+0x100/0x100 [ 2847.707336] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2847.707372] ? security_mmap_addr+0x79/0xa0 [ 2847.707404] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2847.707439] ? get_unmapped_area+0x2f0/0x3d0 [ 2847.707483] do_mmap+0x824/0xf40 [ 2847.707518] vm_mmap_pgoff+0x1b5/0x280 [ 2847.707563] ? randomize_stack_top+0x100/0x100 [ 2847.707600] ? __fget_files+0x287/0x470 [ 2847.707652] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2847.707682] do_syscall_64+0x3b/0x90 [ 2847.707710] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2847.707741] RIP: 0033:0x7f1ab7761b62 [ 2847.707757] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2847.707778] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2847.707801] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2847.707816] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 03:00:16 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xfff7, @none, 0x1000, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) io_cancel(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x80, r3, &(0x7f00000000c0)="c54bfa79ac58a9b29ba2466c09207a048384601d4873ecfbce78af43ddf3bfb9ead71b6416f75ff2ebc06432212bc1ad9d17ea", 0x33, 0x4, 0x0, 0x2, r1}, &(0x7f0000000180)) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x7fffffff) bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x8, @none, 0x1, 0x1}, 0xe) [ 2847.707829] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2847.707842] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2847.707855] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2847.707897] 03:00:16 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x80c00, 0x0) syz_io_uring_setup(0x1978, &(0x7f0000000400)={0x0, 0x9819, 0x4, 0x1, 0xe8}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) syz_io_uring_setup(0x74aa, &(0x7f0000000000)={0x0, 0x1196, 0x0, 0x0, 0x175}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0x0, &(0x7f00000000c0)=0x0) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) syz_io_uring_submit(0x0, r1, &(0x7f0000000300)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000280)=@llc={0x1a, 0x3, 0x0, 0x3, 0x0, 0x80, @broadcast}, 0x0, 0x0, 0x0, {0x0, r3}}, 0x1) 03:00:16 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 89) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:00:16 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:00:16 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:00:16 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2847.989215] FAULT_INJECTION: forcing a failure. [ 2847.989215] name failslab, interval 1, probability 0, space 0, times 0 [ 2847.989250] CPU: 0 PID: 9185 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2847.989274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2847.989289] Call Trace: [ 2847.989295] [ 2847.989302] dump_stack_lvl+0x8b/0xb3 [ 2847.989335] should_fail.cold+0x5/0xa [ 2847.989357] ? create_object.isra.0+0x3a/0xa20 [ 2847.989391] should_failslab+0x5/0x10 [ 2847.989420] kmem_cache_alloc+0x5b/0x480 [ 2847.989439] ? mark_held_locks+0x9e/0xe0 [ 2847.989478] create_object.isra.0+0x3a/0xa20 [ 2847.989506] ? kasan_unpoison+0x23/0x50 [ 2847.989540] kmem_cache_alloc_bulk+0x3fa/0x780 [ 2847.989561] ? kmem_cache_alloc+0x332/0x480 [ 2847.989589] mas_alloc_nodes+0x2a6/0x6a0 [ 2847.989630] mas_preallocate+0xff/0x270 [ 2847.989666] __vma_adjust+0x1f6/0x18a0 [ 2847.989713] ? vma_expand+0xda0/0xda0 [ 2847.989730] ? up_write+0x148/0x460 [ 2847.989759] ? anon_vma_clone+0x3ae/0x560 [ 2847.989801] __split_vma+0x2a1/0x540 [ 2847.989828] do_mas_align_munmap.constprop.0+0x263/0xfa0 [ 2847.989867] ? __split_vma+0x540/0x540 [ 2847.989900] ? mas_walk+0x48a/0x670 [ 2847.989934] ? mas_find+0x203/0xdd0 [ 2847.989984] do_mas_munmap+0x1ed/0x2c0 [ 2847.990011] mmap_region+0x21c/0x1a70 [ 2847.990037] ? get_unmapped_area+0x2c5/0x3d0 [ 2847.990075] ? cap_mmap_addr+0x12/0x300 [ 2847.990097] ? do_munmap+0x100/0x100 [ 2847.990127] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2847.990161] ? security_mmap_addr+0x79/0xa0 [ 2847.990190] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2847.990223] ? get_unmapped_area+0x2f0/0x3d0 [ 2847.990263] do_mmap+0x824/0xf40 [ 2847.990305] vm_mmap_pgoff+0x1b5/0x280 [ 2847.990347] ? randomize_stack_top+0x100/0x100 [ 2847.990382] ? __fget_files+0x287/0x470 [ 2847.990430] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2847.990458] do_syscall_64+0x3b/0x90 [ 2847.990483] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2847.990512] RIP: 0033:0x7f1ab7761b62 [ 2847.990529] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2847.990548] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2847.990570] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2847.990584] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2847.990596] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2847.990608] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2847.990621] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2847.990659] [ 2861.755620] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) [ 2869.178898] FAULT_INJECTION: forcing a failure. [ 2869.178898] name failslab, interval 1, probability 0, space 0, times 0 [ 2869.178918] CPU: 1 PID: 9199 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2869.178931] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2869.178939] Call Trace: [ 2869.178942] [ 2869.178947] dump_stack_lvl+0x8b/0xb3 [ 2869.178967] should_fail.cold+0x5/0xa 03:00:37 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0xffff, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xe67b}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1258, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7, 0x1}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 03:00:37 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) ioctl$FAT_IOCTL_GET_VOLUME_ID(r0, 0x80047213, &(0x7f0000000000)) 03:00:37 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:00:37 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 90) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:00:37 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:00:37 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) open_by_handle_at(r0, &(0x7f0000000000)=@reiserfs_6={0x18, 0x6, {0x5, 0x1ff, 0x7fffffff, 0x4, 0x5, 0x1}}, 0x14100) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 03:00:37 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:00:37 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2869.178979] ? mas_alloc_nodes+0x36e/0x6a0 [ 2869.178997] should_failslab+0x5/0x10 [ 2869.179014] kmem_cache_alloc+0x5b/0x480 [ 2869.179030] mas_alloc_nodes+0x36e/0x6a0 [ 2869.179052] mas_node_count+0x101/0x130 [ 2869.179068] mas_root_expand.isra.0+0xe5/0xa60 [ 2869.179087] ? lock_is_held_type+0xd7/0x130 [ 2869.179107] mas_wr_store_entry.isra.0+0x33c/0x10f0 [ 2869.179125] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 03:00:37 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 91) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2869.179149] mas_store_gfp+0xca/0x1f0 [ 2869.179170] ? mtree_alloc_range+0xe80/0xe80 [ 2869.179203] do_mas_align_munmap.constprop.0+0x42b/0xfa0 [ 2869.179225] ? __split_vma+0x540/0x540 [ 2869.179242] ? mas_walk+0x48a/0x670 [ 2869.179261] ? mas_find+0x203/0xdd0 [ 2869.179280] ? inode_has_perm+0x171/0x1d0 [ 2869.179294] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2869.179315] do_mas_munmap+0x1ed/0x2c0 [ 2869.179329] mmap_region+0x21c/0x1a70 [ 2869.179348] ? lock_release+0x750/0x750 [ 2869.179363] ? do_munmap+0x100/0x100 [ 2869.179378] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2869.179396] ? security_mmap_addr+0x79/0xa0 [ 2869.179413] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2869.179431] ? get_unmapped_area+0x2f0/0x3d0 [ 2869.179452] do_mmap+0x824/0xf40 [ 2869.179470] vm_mmap_pgoff+0x1b5/0x280 [ 2869.179492] ? randomize_stack_top+0x100/0x100 [ 2869.179511] ? __fget_files+0x287/0x470 [ 2869.179538] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2869.179553] do_syscall_64+0x3b/0x90 [ 2869.179566] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2869.179582] RIP: 0033:0x7f1ab7761b62 [ 2869.179591] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2869.179604] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2869.179615] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2869.179623] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 03:00:37 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000200)={0x80, 0x3, 0x3f, 0x8, 0x1, 0x6, 0x672}, 0xc) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) accept$inet6(r3, 0x0, &(0x7f00000000c0)) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r4, &(0x7f0000000c40)=ANY=[], 0x820) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x7fffffff) setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000140)=0xffffffffffffffff, 0x4) write$binfmt_aout(r3, &(0x7f0000000c40)=ANY=[], 0x820) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x6) sendfile(r3, r6, 0x0, 0x7fffffff) connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x40, 0x1}, 0xe) r7 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x40d01, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r7, 0x6, &(0x7f00000001c0)={0x60a, 0x0, &(0x7f0000000180)=[r3]}, 0x1) [ 2869.179630] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2869.179637] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2869.179644] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2869.179665] 03:00:37 executing program 1: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:00:37 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f00000002c0)=ANY=[@ANYRESOCT, @ANYBLOB="089d02de42e1545e83aa29c856b7fee497895b5f647cab1432b093d27327da10a6c6f25dbf97859d7b106058d39ed4c58afb9816d3b4a18af4013d4a52fc53a4e305a15c4c0ba6d8b11dc85955c0be3eb9cb3ec82ba67d1f27f093ee635459d01d8d1c0db807b982b464877c507540a7f388a17a6202a6aaebd6e1d329e08dc15e94afb838cb6d", @ANYBLOB="346a0a68b82109f50a897e66f045316ef9413d32f4c98efda5e7f28507273217bacffda3e585ae0000a6df06d51f9819bfbb4808c8db99631697080908f570f29e8907334f73cac8a3b000"/88, @ANYRESDEC, @ANYRES64, @ANYRESDEC=0x0], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r3) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(0xffffffffffffffff, 0x4008941a, &(0x7f0000000080)) sendfile(r1, r2, 0x0, 0x7fffffff) setsockopt$netlink_NETLINK_RX_RING(r2, 0x10e, 0x6, &(0x7f0000000000)={0x1, 0x2, 0x5, 0x5}, 0x10) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2869.311986] FAULT_INJECTION: forcing a failure. [ 2869.311986] name failslab, interval 1, probability 0, space 0, times 0 [ 2869.312009] CPU: 1 PID: 9220 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2869.312022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2869.312031] Call Trace: [ 2869.312034] [ 2869.312038] dump_stack_lvl+0x8b/0xb3 [ 2869.312059] should_fail.cold+0x5/0xa [ 2869.312069] ? kasan_quarantine_put+0x87/0x1e0 [ 2869.312087] ? create_object.isra.0+0x3a/0xa20 [ 2869.312105] should_failslab+0x5/0x10 [ 2869.312121] kmem_cache_alloc+0x5b/0x480 [ 2869.312137] create_object.isra.0+0x3a/0xa20 [ 2869.312152] ? kasan_unpoison+0x23/0x50 [ 2869.312170] kmem_cache_alloc+0x239/0x480 [ 2869.312186] mas_alloc_nodes+0x36e/0x6a0 [ 2869.312209] mas_node_count+0x101/0x130 [ 2869.312225] mas_root_expand.isra.0+0xe5/0xa60 [ 2869.312243] ? lock_is_held_type+0xd7/0x130 [ 2869.312264] mas_wr_store_entry.isra.0+0x33c/0x10f0 [ 2869.312282] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2869.312306] mas_store_gfp+0xca/0x1f0 [ 2869.312323] ? mtree_alloc_range+0xe80/0xe80 [ 2869.312357] do_mas_align_munmap.constprop.0+0x42b/0xfa0 [ 2869.312378] ? __split_vma+0x540/0x540 [ 2869.312396] ? mas_walk+0x48a/0x670 [ 2869.312414] ? mas_find+0x203/0xdd0 [ 2869.312434] ? inode_has_perm+0x171/0x1d0 03:00:38 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2869.312452] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2869.312472] do_mas_munmap+0x1ed/0x2c0 [ 2869.312487] mmap_region+0x21c/0x1a70 [ 2869.312506] ? lock_release+0x750/0x750 [ 2869.312521] ? do_munmap+0x100/0x100 [ 2869.312536] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2869.312554] ? security_mmap_addr+0x79/0xa0 [ 2869.312571] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2869.312589] ? get_unmapped_area+0x2f0/0x3d0 [ 2869.312610] do_mmap+0x824/0xf40 [ 2869.312628] vm_mmap_pgoff+0x1b5/0x280 [ 2869.312652] ? randomize_stack_top+0x100/0x100 [ 2869.312670] ? __fget_files+0x287/0x470 [ 2869.312697] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2869.312712] do_syscall_64+0x3b/0x90 [ 2869.312726] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2869.312742] RIP: 0033:0x7f1ab7761b62 03:00:38 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2869.312751] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2869.312763] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2869.312775] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2869.312783] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2869.312791] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2869.312799] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2869.312806] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2869.312830] [ 2884.348212] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 03:01:00 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) (fail_nth: 1) 03:01:00 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:01:00 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 92) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:01:00 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) openat$cgroup_pressure(r1, &(0x7f0000000000)='cpu.pressure\x00', 0x2, 0x0) fcntl$dupfd(r3, 0x406, r2) gettid() 03:01:00 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:01:00 executing program 2: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:01:00 executing program 3: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080), &(0x7f00000000c0)=0xc) r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x81}]}, 0x24}, 0x1, 0x0, 0x0, 0x805}, 0x4000) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfffd}, 0xe) 03:01:00 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) pwrite64(r2, &(0x7f0000000080)="dda396704c1cbba1520bb6e0511c9e4667551ae6ec81f74ca3ab8406712d7e18806afcfd86c0494137c13d8d22c0cc7b92fd12a2e964032c87a3669f5a3b7734e10214a2da8c23443b94990e9ae6d5f16e01fce350147bff72f7be4d0c26616f1741a98174e8739d1b31277d9ec5c85b6d722d7c2276bba2e6e30586ffc0f461dbde30ba48a750a8b8f5", 0x8a, 0x0) [ 2891.525371] FAULT_INJECTION: forcing a failure. [ 2891.525371] name fail_usercopy, interval 1, probability 0, space 0, times 0 03:01:00 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) (fail_nth: 2) [ 2891.525393] CPU: 0 PID: 9241 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.525406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.525419] Call Trace: [ 2891.525422] [ 2891.525427] dump_stack_lvl+0x8b/0xb3 [ 2891.525448] should_fail.cold+0x5/0xa [ 2891.525463] _copy_from_user+0x2a/0x170 [ 2891.525479] move_addr_to_kernel.part.0+0x31/0x110 [ 2891.525498] __sys_connect+0xda/0x190 [ 2891.525512] ? __sys_connect_file+0x190/0x190 [ 2891.525526] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2891.525547] ? vfs_write+0x422/0xac0 [ 2891.525563] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80 [ 2891.525581] ? fput+0x2a/0x50 [ 2891.525604] __x64_sys_connect+0x6f/0xb0 03:01:00 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 93) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2891.525616] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2891.525635] do_syscall_64+0x3b/0x90 [ 2891.525648] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.525664] RIP: 0033:0x7f0a88679b19 [ 2891.525673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2891.525685] RSP: 002b:00007f0a85bef188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 03:01:00 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 1) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2891.525697] RAX: ffffffffffffffda RBX: 00007f0a8878cf60 RCX: 00007f0a88679b19 [ 2891.525705] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004 03:01:00 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0xa, &(0x7f0000000000)=0x8ef, &(0x7f0000000080)=0x4) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0xfffffffd, 0xfffffdc9) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2891.525712] RBP: 00007f0a85bef1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2891.525719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2891.525726] R13: 00007fff7f31023f R14: 00007f0a85bef300 R15: 0000000000022000 [ 2891.525746] [ 2891.563849] FAULT_INJECTION: forcing a failure. [ 2891.563849] name failslab, interval 1, probability 0, space 0, times 0 03:01:00 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) [ 2891.563868] CPU: 0 PID: 9244 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.563881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.563890] Call Trace: [ 2891.563893] [ 2891.563897] dump_stack_lvl+0x8b/0xb3 [ 2891.563917] should_fail.cold+0x5/0xa [ 2891.563929] ? vm_area_alloc+0x1c/0xf0 [ 2891.563948] should_failslab+0x5/0x10 03:01:00 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:01:00 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 94) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2891.563965] kmem_cache_alloc+0x5b/0x480 [ 2891.563982] vm_area_alloc+0x1c/0xf0 03:01:00 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(0x0, 0xdda, 0x0) ioctl$SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000000)) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5387, &(0x7f0000000080)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, r3) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r3, 0x6628) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r4 = socket$inet(0x2, 0x5, 0x0) signalfd4(r4, &(0x7f00000000c0)={[0x3ff]}, 0x8, 0x800) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2891.563999] mmap_region+0x44b/0x1a70 [ 2891.564017] ? lockdep_hardirqs_on+0x79/0x100 [ 2891.564035] ? do_munmap+0x100/0x100 [ 2891.564055] ? __sanitizer_cov_trace_switch+0x5e/0xf0 [ 2891.564078] do_mmap+0x824/0xf40 [ 2891.564096] vm_mmap_pgoff+0x1b5/0x280 [ 2891.564119] ? randomize_stack_top+0x100/0x100 [ 2891.564138] ? __fget_files+0x287/0x470 [ 2891.564166] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2891.564181] do_syscall_64+0x3b/0x90 [ 2891.564194] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.564210] RIP: 0033:0x7f1ab7761b62 [ 2891.564219] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2891.564230] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 03:01:00 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:01:00 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB="03c88b19d80000e72e2f660000000000"]) openat(r5, &(0x7f0000000140)='./file1\x00', 0x40000, 0xc7) setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r3, r4) r6 = epoll_create1(0x80000) sendfile(r6, r6, 0x0, 0xfffffffffffffffe) r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x90440, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000080)={{0x1, 0x1, 0x18, r7, {0x101}}, './file0\x00'}) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2891.564241] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2891.564248] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2891.564256] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 03:01:00 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 2) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2891.564262] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2891.564269] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2891.564290] [ 2891.615778] FAULT_INJECTION: forcing a failure. [ 2891.615778] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2891.615795] CPU: 0 PID: 9256 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.615808] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.615815] Call Trace: [ 2891.615818] [ 2891.615823] dump_stack_lvl+0x8b/0xb3 [ 2891.615842] should_fail.cold+0x5/0xa [ 2891.615859] _copy_to_user+0x2a/0x140 [ 2891.615874] simple_read_from_buffer+0xcc/0x160 [ 2891.615892] proc_fail_nth_read+0x194/0x220 [ 2891.615913] ? proc_exe_link+0x1d0/0x1d0 [ 2891.615931] ? security_file_permission+0xb1/0xd0 [ 2891.615955] ? proc_exe_link+0x1d0/0x1d0 [ 2891.615973] vfs_read+0x1ea/0x5d0 [ 2891.615992] ksys_read+0x127/0x250 [ 2891.616006] ? __ia32_sys_pwrite64+0x220/0x220 [ 2891.616022] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2891.616046] do_syscall_64+0x3b/0x90 [ 2891.616059] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.616074] RIP: 0033:0x7f0a8862c69c [ 2891.616083] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 2891.616094] RSP: 002b:00007f0a85bef170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2891.616106] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f0a8862c69c [ 2891.616114] RDX: 000000000000000f RSI: 00007f0a85bef1e0 RDI: 0000000000000003 [ 2891.616121] RBP: 00007f0a85bef1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2891.616128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2891.616134] R13: 00007fff7f31023f R14: 00007f0a85bef300 R15: 0000000000022000 [ 2891.616156] [ 2891.679044] FAULT_INJECTION: forcing a failure. [ 2891.679044] name failslab, interval 1, probability 0, space 0, times 0 [ 2891.679065] CPU: 0 PID: 9261 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.679078] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.679086] Call Trace: [ 2891.679090] [ 2891.679094] dump_stack_lvl+0x8b/0xb3 [ 2891.679114] should_fail.cold+0x5/0xa [ 2891.679127] ? create_object.isra.0+0x3a/0xa20 [ 2891.679148] should_failslab+0x5/0x10 [ 2891.679165] kmem_cache_alloc+0x5b/0x480 [ 2891.679182] create_object.isra.0+0x3a/0xa20 [ 2891.679198] ? kasan_unpoison+0x23/0x50 [ 2891.679217] kmem_cache_alloc+0x239/0x480 [ 2891.679232] vm_area_alloc+0x1c/0xf0 [ 2891.679250] mmap_region+0x44b/0x1a70 [ 2891.679270] ? lock_release+0x750/0x750 [ 2891.679287] ? do_munmap+0x100/0x100 [ 2891.679303] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2891.679322] ? security_mmap_addr+0x79/0xa0 [ 2891.679340] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2891.679358] ? get_unmapped_area+0x2f0/0x3d0 [ 2891.679381] do_mmap+0x824/0xf40 [ 2891.679399] vm_mmap_pgoff+0x1b5/0x280 [ 2891.679421] ? randomize_stack_top+0x100/0x100 [ 2891.679443] ? __fget_files+0x287/0x470 [ 2891.679470] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2891.679486] do_syscall_64+0x3b/0x90 [ 2891.679500] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.679516] RIP: 0033:0x7f1ab7761b62 [ 2891.679525] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2891.679537] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2891.679548] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2891.679560] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2891.679567] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2891.679574] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2891.679582] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2891.679603] [ 2891.755251] FAULT_INJECTION: forcing a failure. [ 2891.755251] name failslab, interval 1, probability 0, space 0, times 0 [ 2891.755271] CPU: 0 PID: 9267 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.755284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.755292] Call Trace: [ 2891.755295] [ 2891.755300] dump_stack_lvl+0x8b/0xb3 [ 2891.755318] should_fail.cold+0x5/0xa [ 2891.755331] ? getname_flags.part.0+0x50/0x4f0 [ 2891.755350] should_failslab+0x5/0x10 [ 2891.755367] kmem_cache_alloc+0x5b/0x480 [ 2891.755383] getname_flags.part.0+0x50/0x4f0 [ 2891.755403] getname+0x8e/0xd0 [ 2891.755419] do_sys_openat2+0xf5/0x4c0 [ 2891.755437] ? build_open_flags+0x6f0/0x6f0 [ 2891.755450] ? lock_is_held_type+0xd7/0x130 [ 2891.755474] __x64_sys_openat+0x13f/0x1f0 [ 2891.755486] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2891.755502] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2891.755524] do_syscall_64+0x3b/0x90 [ 2891.755537] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.755553] RIP: 0033:0x7f5cae066b19 [ 2891.755562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2891.755573] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2891.755585] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2891.755593] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2891.755601] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2891.755608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2891.755614] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2891.755634] [ 2891.780023] FAULT_INJECTION: forcing a failure. [ 2891.780023] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2891.780042] CPU: 0 PID: 9268 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.780055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.780063] Call Trace: [ 2891.780066] [ 2891.780071] dump_stack_lvl+0x8b/0xb3 [ 2891.780090] should_fail.cold+0x5/0xa [ 2891.780105] prepare_alloc_pages+0x17b/0x500 [ 2891.780126] ? lock_downgrade+0x6d0/0x6d0 [ 2891.780141] ? find_next_iomem_res+0x2e1/0x430 [ 2891.780165] __alloc_pages+0x131/0x4e0 [ 2891.780180] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 2891.780196] ? do_raw_read_unlock+0x3b/0x70 [ 2891.780212] ? _raw_read_unlock+0x24/0x40 [ 2891.780229] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2891.780249] ? pagerange_is_ram_callback+0xf3/0x130 [ 2891.780265] ? __sanitizer_cov_trace_cmp8+0x1d/0x70 [ 2891.780287] alloc_pages+0x1a0/0x2f0 [ 2891.780306] pte_alloc_one+0x16/0x1f0 [ 2891.780323] __pte_alloc+0x69/0x200 [ 2891.780339] ? pmd_install+0x260/0x260 [ 2891.780356] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2891.780374] ? pat_pagerange_is_ram+0xa8/0x140 [ 2891.780389] remap_pfn_range_notrack+0x99b/0xf50 [ 2891.780411] ? lookup_memtype+0x5b/0x1f0 [ 2891.780432] ? apply_to_existing_page_range+0x40/0x40 [ 2891.780452] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2891.780474] remap_pfn_range+0xc6/0x140 [ 2891.780491] ? remap_pfn_range_notrack+0xf50/0xf50 [ 2891.780506] ? lock_is_held_type+0xd7/0x130 [ 2891.780531] io_uring_mmap+0x3da/0x3ee [ 2891.780550] mmap_region+0x6c2/0x1a70 [ 2891.780571] ? do_munmap+0x100/0x100 [ 2891.780587] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2891.780605] ? security_mmap_addr+0x79/0xa0 [ 2891.780623] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2891.780641] ? get_unmapped_area+0x2f0/0x3d0 [ 2891.780663] do_mmap+0x824/0xf40 [ 2891.780681] vm_mmap_pgoff+0x1b5/0x280 [ 2891.780704] ? randomize_stack_top+0x100/0x100 [ 2891.780723] ? __fget_files+0x287/0x470 [ 2891.780750] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2891.780765] do_syscall_64+0x3b/0x90 [ 2891.780779] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.780794] RIP: 0033:0x7f1ab7761b62 [ 2891.780803] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2891.780814] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2891.780826] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2891.780833] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2891.780841] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2891.780848] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2891.780855] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2891.780876] [ 2891.864943] FAULT_INJECTION: forcing a failure. [ 2891.864943] name failslab, interval 1, probability 0, space 0, times 0 [ 2891.864962] CPU: 0 PID: 9280 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2891.864975] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2891.864984] Call Trace: [ 2891.864987] [ 2891.864992] dump_stack_lvl+0x8b/0xb3 [ 2891.865010] should_fail.cold+0x5/0xa [ 2891.865023] ? create_object.isra.0+0x3a/0xa20 [ 2891.865044] should_failslab+0x5/0x10 [ 2891.865061] kmem_cache_alloc+0x5b/0x480 [ 2891.865077] create_object.isra.0+0x3a/0xa20 [ 2891.865092] ? kasan_unpoison+0x23/0x50 [ 2891.865111] kmem_cache_alloc+0x239/0x480 [ 2891.865126] getname_flags.part.0+0x50/0x4f0 [ 2891.865148] getname+0x8e/0xd0 [ 2891.865163] do_sys_openat2+0xf5/0x4c0 [ 2891.865176] ? build_open_flags+0x6f0/0x6f0 [ 2891.865189] ? lock_is_held_type+0xd7/0x130 [ 2891.865213] __x64_sys_openat+0x13f/0x1f0 [ 2891.865225] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2891.865242] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2891.865263] do_syscall_64+0x3b/0x90 [ 2891.865276] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2891.865297] RIP: 0033:0x7f5cae066b19 [ 2891.865305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2891.865317] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2891.865329] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2891.865337] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2891.865344] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2891.865351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2891.865358] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2891.865378] [ 2908.868481] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 03:01:24 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) 03:01:24 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x680000, 0x1) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r2) sendmsg$IPSET_CMD_DEL(r3, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x78, 0xa, 0x6, 0x301, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_ADT={0x2c, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CIDR={0x5, 0x3, 0x3}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_PACKETS={0xc, 0x19, 0x1, 0x0, 0x3ff}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x91}}]}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x6}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @loopback}}, @IPSET_ATTR_CIDR2={0x5, 0x15, 0x7f}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x44001}, 0x40884) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000080)=0x9, 0x4) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) 03:01:24 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r5 = epoll_create1(0x0) syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd=r5, 0x0, 0x0, 0x0, 0x4453b12db9d9fce9}, 0x0) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000000, 0x10, r2, 0x10000000) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r6, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)="04bcaa4e40c2f1413ad497a26b5fc900bb9ad825cd8d172ee9d313019395e5884d2150d009f76d71a5fa4ee2e9fc69002e8cb6dcbf9b24f6a7b2736edfb819e5d8711ba22300270d9cc97bd2bf6a8606f6ead1ad33d8b418115c", 0x5a, 0x4000001, 0x1, {0x0, r7}}, 0x2) io_uring_enter(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$F2FS_IOC_RESIZE_FS(r1, 0x4008f510, &(0x7f0000000180)=0xfffffffffffffffc) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 03:01:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 95) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:01:24 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:01:24 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 3) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 03:01:24 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) 03:01:24 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2916.051315] FAULT_INJECTION: forcing a failure. [ 2916.051315] name failslab, interval 1, probability 0, space 0, times 0 [ 2916.051353] CPU: 0 PID: 9297 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2916.051377] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2916.051392] Call Trace: [ 2916.051398] [ 2916.051406] dump_stack_lvl+0x8b/0xb3 [ 2916.051445] should_fail.cold+0x5/0xa [ 2916.051469] ? ptlock_alloc+0x1d/0x70 [ 2916.051503] should_failslab+0x5/0x10 [ 2916.051532] kmem_cache_alloc+0x5b/0x480 [ 2916.051562] ptlock_alloc+0x1d/0x70 [ 2916.051594] pte_alloc_one+0x68/0x1f0 [ 2916.051627] __pte_alloc+0x69/0x200 [ 2916.051655] ? pmd_install+0x260/0x260 [ 2916.051702] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2916.051741] ? pat_pagerange_is_ram+0xa8/0x140 [ 2916.051769] remap_pfn_range_notrack+0x99b/0xf50 [ 2916.051811] ? lookup_memtype+0x5b/0x1f0 [ 2916.051850] ? apply_to_existing_page_range+0x40/0x40 [ 2916.051887] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2916.051929] remap_pfn_range+0xc6/0x140 [ 2916.051960] ? remap_pfn_range_notrack+0xf50/0xf50 [ 2916.051988] ? lock_is_held_type+0xd7/0x130 [ 2916.052034] io_uring_mmap+0x3da/0x3ee 03:01:24 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x2}}, 0xe) 03:01:24 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2916.052070] mmap_region+0x6c2/0x1a70 [ 2916.052109] ? do_munmap+0x100/0x100 [ 2916.052140] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2916.052172] ? security_mmap_addr+0x79/0xa0 [ 2916.052204] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2916.052237] ? get_unmapped_area+0x2f0/0x3d0 03:01:24 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/slabinfo\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r3, &(0x7f0000000c40)=ANY=[], 0x820) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r3, r4, 0x0, 0x7fffffff) openat(r4, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(r2, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2916.052278] do_mmap+0x824/0xf40 [ 2916.052311] vm_mmap_pgoff+0x1b5/0x280 [ 2916.052354] ? randomize_stack_top+0x100/0x100 [ 2916.052388] ? __fget_files+0x287/0x470 03:01:24 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 4) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2916.052438] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2916.052467] do_syscall_64+0x3b/0x90 [ 2916.052491] entry_SYSCALL_64_after_hwframe+0x44/0xae 03:01:24 executing program 3: syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4) connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x1, @none, 0x0, 0x2}, 0xe) r0 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000080)=0x1c, 0x80800) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_audit(0x10, 0x3, 0x9) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'sit0\x00', 0x0}) sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4eedd744", @ANYRES16=r4, @ANYBLOB="01000000000000000000060000000c00018008000100", @ANYRES32=r6, @ANYBLOB], 0x20}}, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f00000000c0)={@loopback, @private1, @mcast2, 0x159b06fc, 0xd0c, 0x1, 0x400, 0x5, 0x40000002, r6}) dup2(r1, r2) r7 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r7, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r7) ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, &(0x7f0000000380)={0x0, 0x80000001, 0x647, 0x1}) dup(r1) write(r0, &(0x7f00000000c0), 0x0) [ 2916.052521] RIP: 0033:0x7f1ab7761b62 [ 2916.052537] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2916.052558] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2916.052579] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2916.052594] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2916.052607] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2916.052619] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2916.052633] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 03:01:24 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) 03:01:24 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2916.052681] [ 2916.071747] FAULT_INJECTION: forcing a failure. [ 2916.071747] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2916.071790] CPU: 1 PID: 9308 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2916.071810] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 03:01:24 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 96) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2916.071819] Call Trace: [ 2916.071823] [ 2916.071828] dump_stack_lvl+0x8b/0xb3 [ 2916.071849] should_fail.cold+0x5/0xa [ 2916.071863] strncpy_from_user+0x34/0x3d0 [ 2916.071885] getname_flags.part.0+0x95/0x4f0 [ 2916.071908] getname+0x8e/0xd0 [ 2916.071923] do_sys_openat2+0xf5/0x4c0 [ 2916.071937] ? build_open_flags+0x6f0/0x6f0 [ 2916.071950] ? lock_is_held_type+0xd7/0x130 [ 2916.071978] __x64_sys_openat+0x13f/0x1f0 [ 2916.071992] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2916.072008] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2916.072030] do_syscall_64+0x3b/0x90 [ 2916.072043] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2916.072059] RIP: 0033:0x7f5cae066b19 [ 2916.072068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2916.072080] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2916.072092] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2916.072100] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2916.072107] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2916.072114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2916.072121] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2916.072141] [ 2916.240349] FAULT_INJECTION: forcing a failure. [ 2916.240349] name failslab, interval 1, probability 0, space 0, times 0 [ 2916.240383] CPU: 0 PID: 9322 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2916.240408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2916.240428] Call Trace: [ 2916.240434] [ 2916.240441] dump_stack_lvl+0x8b/0xb3 [ 2916.240479] should_fail.cold+0x5/0xa [ 2916.240502] ? __alloc_file+0x21/0x230 [ 2916.240533] should_failslab+0x5/0x10 [ 2916.240562] kmem_cache_alloc+0x5b/0x480 [ 2916.240591] __alloc_file+0x21/0x230 [ 2916.240620] alloc_empty_file+0x6d/0x170 [ 2916.240651] path_openat+0xe1/0x2870 [ 2916.240717] ? path_lookupat+0x850/0x850 [ 2916.240746] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2916.240787] ? lock_is_held_type+0xd7/0x130 [ 2916.240825] do_filp_open+0x1aa/0x400 [ 2916.240856] ? may_open_dev+0xf0/0xf0 [ 2916.240887] ? lock_release+0x3b2/0x750 [ 2916.240913] ? alloc_fd+0x2f0/0x670 [ 2916.240947] ? lock_downgrade+0x6d0/0x6d0 [ 2916.240978] ? rwlock_bug.part.0+0x90/0x90 [ 2916.241010] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2916.241044] ? _find_next_bit+0x1e5/0x260 [ 2916.241082] ? _raw_spin_unlock+0x24/0x40 [ 2916.241107] ? alloc_fd+0x2f0/0x670 [ 2916.241154] do_sys_openat2+0x16d/0x4c0 [ 2916.241179] ? build_open_flags+0x6f0/0x6f0 [ 2916.241203] ? lock_is_held_type+0xd7/0x130 [ 2916.241247] __x64_sys_openat+0x13f/0x1f0 [ 2916.241271] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2916.241304] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2916.241344] do_syscall_64+0x3b/0x90 [ 2916.241368] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2916.241397] RIP: 0033:0x7f5cae066b19 [ 2916.241414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2916.241435] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2916.241456] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2916.241471] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2916.241485] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2916.241498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2916.241510] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2916.241548] [ 2916.280731] FAULT_INJECTION: forcing a failure. [ 2916.280731] name failslab, interval 1, probability 0, space 0, times 0 [ 2916.280753] CPU: 1 PID: 9327 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2916.280766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2916.280775] Call Trace: [ 2916.280779] [ 2916.280784] dump_stack_lvl+0x8b/0xb3 [ 2916.280805] should_fail.cold+0x5/0xa [ 2916.280818] ? create_object.isra.0+0x3a/0xa20 [ 2916.280838] should_failslab+0x5/0x10 [ 2916.280855] kmem_cache_alloc+0x5b/0x480 [ 2916.280872] create_object.isra.0+0x3a/0xa20 [ 2916.280888] ? kasan_unpoison+0x23/0x50 [ 2916.280906] kmem_cache_alloc+0x239/0x480 [ 2916.280921] ptlock_alloc+0x1d/0x70 [ 2916.280938] pte_alloc_one+0x68/0x1f0 [ 2916.280957] __pte_alloc+0x69/0x200 [ 2916.280972] ? pmd_install+0x260/0x260 [ 2916.280989] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2916.281008] ? pat_pagerange_is_ram+0xa8/0x140 [ 2916.281023] remap_pfn_range_notrack+0x99b/0xf50 [ 2916.281044] ? lookup_memtype+0x5b/0x1f0 [ 2916.281065] ? apply_to_existing_page_range+0x40/0x40 [ 2916.281085] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2916.281108] remap_pfn_range+0xc6/0x140 [ 2916.281125] ? remap_pfn_range_notrack+0xf50/0xf50 [ 2916.281140] ? lock_is_held_type+0xd7/0x130 [ 2916.281165] io_uring_mmap+0x3da/0x3ee [ 2916.281183] mmap_region+0x6c2/0x1a70 [ 2916.281204] ? do_munmap+0x100/0x100 [ 2916.281220] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2916.281238] ? security_mmap_addr+0x79/0xa0 [ 2916.281256] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2916.281274] ? get_unmapped_area+0x2f0/0x3d0 [ 2916.281296] do_mmap+0x824/0xf40 [ 2916.281314] vm_mmap_pgoff+0x1b5/0x280 [ 2916.281337] ? randomize_stack_top+0x100/0x100 [ 2916.281356] ? __fget_files+0x287/0x470 [ 2916.281386] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2916.281401] do_syscall_64+0x3b/0x90 [ 2916.281415] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2916.281431] RIP: 0033:0x7f1ab7761b62 [ 2916.281441] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2916.281452] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2916.281464] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2916.281472] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2916.281480] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2916.281486] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2916.281493] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2916.281514] [ 2929.446701] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 03:01:45 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x130) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) preadv(r1, &(0x7f0000001480)=[{&(0x7f0000000200)=""/4096, 0x1000}, {&(0x7f0000000080)=""/191, 0xbf}, {&(0x7f0000000000)=""/60, 0x3c}, {&(0x7f0000001200)=""/255, 0xff}, {&(0x7f0000001300)=""/208, 0xd0}, {&(0x7f0000000140)=""/51, 0x33}, {&(0x7f0000000180)=""/24, 0x18}, {&(0x7f0000001400)=""/75, 0x4b}], 0x8, 0x7, 0x0) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() 03:01:45 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:01:45 executing program 4: connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) readahead(0xffffffffffffffff, 0x50d0, 0x4) 03:01:45 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:01:45 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 5) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 03:01:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 97) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:01:45 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r1, &(0x7f0000000c40)=ANY=[], 0x820) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x22180, 0x0) sendfile(r1, r2, 0x0, 0x7fffffff) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0xe}, 0x8}, 0xe) openat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x1, 0x14d) 03:01:45 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed, 0x2}, 0xe) [ 2936.692655] FAULT_INJECTION: forcing a failure. [ 2936.692655] name failslab, interval 1, probability 0, space 0, times 0 [ 2936.692692] CPU: 0 PID: 9340 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2936.692717] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2936.692733] Call Trace: [ 2936.692739] [ 2936.692747] dump_stack_lvl+0x8b/0xb3 [ 2936.692781] should_fail.cold+0x5/0xa [ 2936.692805] ? create_object.isra.0+0x3a/0xa20 [ 2936.692845] should_failslab+0x5/0x10 [ 2936.692875] kmem_cache_alloc+0x5b/0x480 [ 2936.692906] create_object.isra.0+0x3a/0xa20 [ 2936.692936] ? kasan_unpoison+0x23/0x50 [ 2936.692972] kmem_cache_alloc+0x239/0x480 [ 2936.693001] __alloc_file+0x21/0x230 [ 2936.693032] alloc_empty_file+0x6d/0x170 [ 2936.693065] path_openat+0xe1/0x2870 [ 2936.693113] ? path_lookupat+0x850/0x850 [ 2936.693144] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2936.693187] ? lock_is_held_type+0xd7/0x130 [ 2936.693228] do_filp_open+0x1aa/0x400 [ 2936.693260] ? may_open_dev+0xf0/0xf0 [ 2936.693294] ? lock_release+0x3b2/0x750 [ 2936.693322] ? alloc_fd+0x2f0/0x670 [ 2936.693358] ? lock_downgrade+0x6d0/0x6d0 [ 2936.693392] ? rwlock_bug.part.0+0x90/0x90 [ 2936.693430] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2936.693467] ? _find_next_bit+0x1e5/0x260 03:01:45 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r4, &(0x7f0000000c40)=ANY=[], 0x820) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x7fffffff) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r6, &(0x7f0000000c40)=ANY=[], 0x820) r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r6, r7, 0x0, 0x7fffffff) io_submit(0x0, 0x4, &(0x7f00000004c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x7, 0x3ff, r3, &(0x7f0000000080)="c86ba7ce1b9c6a1e948a18446f271ca7083a2f1cfc26256959f50149ee5ef9c205c55511f754540596825125311532282a99476419d29ce195c8fcc7bf18a8ea08bad8eefc4ac6f05ac12bd362638353483c720c94847e0f36626a202a0e5a611e0becf79cfb3ac4b2cbf28fc702f390ed6198a8da0db2905a614ed59cc67e78426b2e4a04250722008b0f2f2608ee114d2871877017", 0x96, 0x8, 0x0, 0x3, r2}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x7, 0xffffffffffffffff, &(0x7f0000000200)="4ac0c8365fdd5e127c1f583809496e7cdab1eee4ec9e7d5763648d8baa1f2fa27ed50b806f158e94f7385c5c8254397f452f59bdfe4dce3251225b1ab034eb9e2236cc43f1820039039bf427d88076ad579927bd2597644a233362c9cf8a7b438726c80a5dbd1008f86ce3447fc3463e9beb4f4f05841d7aea2d87b51575ebc08bac95c0e8b49e6432100eedb05060b97c35d56940f1b4", 0x97, 0x3, 0x0, 0x3, r5}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x7, 0x1ff, r0, &(0x7f00000002c0)="c9a2ba5fe14601052cc19ab463eacabac871db9ed867b9fdabde38b164aecf99e2d9a16168801b1597e37db2d9814ae12dcdd267afd70529c44fd36a9e1fd3219e9e6f320c3b8f74bad4753f208f679a8bfed9b6f787ad688af0106469bf9163d1a85b1b2698240ce40dbac6f5c397d877b07781f673a413b12ecb22d34f2246e6311662794b018ebb4b653f63414d88d0dd64c4437b809ee6b45470191498b2ad18bf5f3b148a95b338cda7d14dc92d0519fca124760a37d66a8537cc6f7881d25c62a20e91afe2a0", 0xc9, 0x5, 0x0, 0x3, r1}, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x8, 0x9, r1, &(0x7f0000000400)="2b0056d57c6207560b13106bb1aae986033075114e3f4ecb2c33b70fda387b5e5e8907e809244f8e3eca006d4a0f6104286ac35ff4ce0dd3eded84524c1737ae566419db425e50a80fc72f71b92d84ae42caaae3d554d9dff3d297bd16aed1cbc9d53f198eab97497be09f4a1cb73432cece019ad1b06aeb74a7", 0x7a, 0x8, 0x0, 0x0, r6}]) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2936.693507] ? _raw_spin_unlock+0x24/0x40 [ 2936.693534] ? alloc_fd+0x2f0/0x670 03:01:45 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) [ 2936.693584] do_sys_openat2+0x16d/0x4c0 [ 2936.693611] ? build_open_flags+0x6f0/0x6f0 [ 2936.693636] ? lock_is_held_type+0xd7/0x130 [ 2936.693681] __x64_sys_openat+0x13f/0x1f0 03:01:45 executing program 3: ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000180)={0x1, 'ipvlan1\x00', {}, 0x1000}) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6, @any, 0x20, 0x2}, 0xe) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f00000001c0)) fgetxattr(0xffffffffffffffff, &(0x7f0000000080)=@known='trusted.overlay.metacopy\x00', &(0x7f00000000c0)=""/129, 0x81) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) [ 2936.693705] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2936.693737] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2936.693780] do_syscall_64+0x3b/0x90 [ 2936.693805] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2936.693836] RIP: 0033:0x7f5cae066b19 [ 2936.693853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 03:01:45 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0xe) [ 2936.693876] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 03:01:45 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x1, @fixed}, 0xe) [ 2936.693898] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2936.693914] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2936.693928] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 03:01:45 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 98) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2936.693941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2936.693954] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2936.693994] [ 2936.760147] FAULT_INJECTION: forcing a failure. [ 2936.760147] name fail_page_alloc, interval 1, probability 0, space 0, times 0 03:01:45 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) r1 = syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$INCFS_IOC_PERMIT_FILL(r1, 0x40046721, &(0x7f00000002c0)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x300, 0x70bd2a, 0x25dfdbfd, {{}, {@void, @void, @void}}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4004800) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r5, 0x400, 0x70bd28, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x1, 0x74}}}}, ["", "", "", "", ""]}, 0x20}}, 0x800) gettid() [ 2936.760169] CPU: 1 PID: 9350 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2936.760182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2936.760191] Call Trace: [ 2936.760195] [ 2936.760199] dump_stack_lvl+0x8b/0xb3 [ 2936.760220] should_fail.cold+0x5/0xa [ 2936.760235] prepare_alloc_pages+0x17b/0x500 [ 2936.760262] __alloc_pages+0x131/0x4e0 [ 2936.760276] ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10 [ 2936.760290] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2936.760307] ? lock_is_held_type+0xd7/0x130 [ 2936.760333] ? lock_is_held_type+0xd7/0x130 03:01:45 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 6) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2936.760352] alloc_pages+0x1a0/0x2f0 [ 2936.760371] pte_alloc_one+0x16/0x1f0 [ 2936.760390] __pte_alloc+0x69/0x200 [ 2936.760405] ? pmd_install+0x260/0x260 [ 2936.760427] ? do_raw_spin_unlock+0x4f/0x210 [ 2936.760445] remap_pfn_range_notrack+0x99b/0xf50 [ 2936.760478] ? apply_to_existing_page_range+0x40/0x40 [ 2936.760498] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2936.760522] remap_pfn_range+0xc6/0x140 [ 2936.760538] ? remap_pfn_range_notrack+0xf50/0xf50 [ 2936.760554] ? lock_is_held_type+0xd7/0x130 [ 2936.760577] io_uring_mmap+0x3da/0x3ee [ 2936.760596] mmap_region+0x6c2/0x1a70 [ 2936.760617] ? do_munmap+0x100/0x100 [ 2936.760633] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 03:01:45 executing program 3: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x490001, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r0, &(0x7f0000000c40)=ANY=[], 0x820) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x7fffffff) connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x4, 0x1}, 0xe) [ 2936.760651] ? security_mmap_addr+0x79/0xa0 [ 2936.760669] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2936.760687] ? get_unmapped_area+0x2f0/0x3d0 [ 2936.760709] do_mmap+0x824/0xf40 [ 2936.760727] vm_mmap_pgoff+0x1b5/0x280 [ 2936.760750] ? randomize_stack_top+0x100/0x100 [ 2936.760769] ? __fget_files+0x287/0x470 [ 2936.760796] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2936.760811] do_syscall_64+0x3b/0x90 [ 2936.760824] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2936.760840] RIP: 0033:0x7f1ab7761b62 [ 2936.760850] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2936.760861] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2936.760873] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2936.760881] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2936.760888] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2936.760895] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2936.760902] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2936.760923] [ 2936.907681] FAULT_INJECTION: forcing a failure. [ 2936.907681] name failslab, interval 1, probability 0, space 0, times 0 [ 2936.907704] CPU: 1 PID: 9364 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2936.907718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2936.907726] Call Trace: [ 2936.907729] [ 2936.907734] dump_stack_lvl+0x8b/0xb3 [ 2936.907756] should_fail.cold+0x5/0xa [ 2936.907769] ? ptlock_alloc+0x1d/0x70 [ 2936.907789] should_failslab+0x5/0x10 [ 2936.907806] kmem_cache_alloc+0x5b/0x480 [ 2936.907823] ptlock_alloc+0x1d/0x70 [ 2936.907840] pte_alloc_one+0x68/0x1f0 [ 2936.907859] __pte_alloc+0x69/0x200 [ 2936.907874] ? pmd_install+0x260/0x260 [ 2936.907892] ? do_raw_spin_unlock+0x4f/0x210 [ 2936.907912] remap_pfn_range_notrack+0x99b/0xf50 [ 2936.907944] ? apply_to_existing_page_range+0x40/0x40 [ 2936.907964] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2936.907989] remap_pfn_range+0xc6/0x140 [ 2936.908005] ? remap_pfn_range_notrack+0xf50/0xf50 [ 2936.908020] ? lock_is_held_type+0xd7/0x130 [ 2936.908045] io_uring_mmap+0x3da/0x3ee [ 2936.908064] mmap_region+0x6c2/0x1a70 [ 2936.908086] ? do_munmap+0x100/0x100 [ 2936.908102] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2936.908119] ? security_mmap_addr+0x79/0xa0 [ 2936.908141] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2936.908159] ? get_unmapped_area+0x2f0/0x3d0 [ 2936.908181] do_mmap+0x824/0xf40 [ 2936.908199] vm_mmap_pgoff+0x1b5/0x280 [ 2936.908222] ? randomize_stack_top+0x100/0x100 [ 2936.908241] ? __fget_files+0x287/0x470 [ 2936.908268] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2936.908284] do_syscall_64+0x3b/0x90 [ 2936.908298] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2936.908314] RIP: 0033:0x7f1ab7761b62 [ 2936.908323] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2936.908334] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2936.908346] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2936.908353] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2936.908361] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2936.908367] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2936.908374] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2936.908395] [ 2936.968304] FAULT_INJECTION: forcing a failure. [ 2936.968304] name failslab, interval 1, probability 0, space 0, times 0 [ 2936.968336] CPU: 0 PID: 9370 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2936.968364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2936.968379] Call Trace: [ 2936.968384] [ 2936.968392] dump_stack_lvl+0x8b/0xb3 [ 2936.968430] should_fail.cold+0x5/0xa [ 2936.968456] ? security_file_alloc+0x34/0x170 [ 2936.968488] should_failslab+0x5/0x10 [ 2936.968518] kmem_cache_alloc+0x5b/0x480 [ 2936.968546] security_file_alloc+0x34/0x170 [ 2936.968577] __alloc_file+0xb6/0x230 [ 2936.968607] alloc_empty_file+0x6d/0x170 [ 2936.968638] path_openat+0xe1/0x2870 [ 2936.968682] ? path_lookupat+0x850/0x850 [ 2936.968710] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2936.968750] ? lock_is_held_type+0xd7/0x130 [ 2936.968789] do_filp_open+0x1aa/0x400 [ 2936.968818] ? may_open_dev+0xf0/0xf0 [ 2936.968850] ? lock_release+0x3b2/0x750 [ 2936.968876] ? alloc_fd+0x2f0/0x670 [ 2936.968908] ? lock_downgrade+0x6d0/0x6d0 [ 2936.968940] ? rwlock_bug.part.0+0x90/0x90 [ 2936.968971] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2936.969005] ? _find_next_bit+0x1e5/0x260 [ 2936.969043] ? _raw_spin_unlock+0x24/0x40 [ 2936.969067] ? alloc_fd+0x2f0/0x670 [ 2936.969114] do_sys_openat2+0x16d/0x4c0 [ 2936.969139] ? build_open_flags+0x6f0/0x6f0 [ 2936.969162] ? lock_is_held_type+0xd7/0x130 [ 2936.969205] __x64_sys_openat+0x13f/0x1f0 [ 2936.969227] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2936.969257] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2936.969297] do_syscall_64+0x3b/0x90 [ 2936.969321] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2936.969349] RIP: 0033:0x7f5cae066b19 [ 2936.969365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2936.969386] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2936.969407] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2936.969422] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2936.969435] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2936.969448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2936.969460] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2936.969497] [ 2950.567658] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak) 03:02:08 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 99) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) 03:02:08 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:02:08 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) 03:02:08 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) openat$hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x200000, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x5001, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) r3 = dup2(r1, r2) r4 = syz_open_dev$vcsn(&(0x7f0000000240), 0x5, 0x301) ioctl$BTRFS_IOC_ADD_DEV(r2, 0x5000940a, &(0x7f0000000440)={{r4}, "465c9f7fa09884248c843d5555faf6a06af3635cb4e13573a266bd87d8f09688f93551a48cdb068af69ce664968f7b09026c62ce20a42835e5760162ad3a54899f757d2fd607f4acaecac2932c1852ebf3065292c0a01bad22131eebad6b0efb1db4e9cbc1f3a1e84b6bd63ac61e81d94d76a867b1d44968a05d5da90607237a77016a3c3808c0389431b8e9f8edd3f7b1e243cd44fc638b4f397503424fcfd5425b7d75479d906309cd3cdba1cf54ef21c157cc43ad12765e48a86a94187d0126490ef28a94837ab596f2a94304bfc817045585b68b73a5dd2f5886563ca3cbbf9544092adf2adc94d83089cdff9f98fd23c5fc82e411534e2723da29e4799dc2b1a24f5f619b58e330af766171ff2d1e84a6fb2045b0483ccdcf880c5338a1287af39681d0ceb22086c75aa397314153d116619f1f3d006e1874c6dfbd3e162ee41d3d33d3639673cad5b335f196dd557781708f7b544fbf9fa18e4957100064c7f098c0f6c82a7029025dca778993ca69fbc3535c7cda6322362737e1b87404f50ee2dec2c20e68689643cc0e197be1094d4174ffba5c87fcdc35d880ac195ee55c8b597415dcc315e25a6e7a16108ae855311679291748a3ad1985246d04eacf57a8d1be821d78cdd235d8493a92610a87a5b215d31d535b6b577ef0e7021b39b512f1cb017a610f0ba87864f25a2d3a9dd6470096dd898e41c51d78d958245ce1cdd11111907f8c00c1a9cd5abdb25023ef84a07cfd7d825d7bf516ed6d076c1f92dead2fa05711a7fbc3b717293513df7e67ecf6527a6d8b5081053d23c1f1739289d18c4f578664d32acc1b590b611f86eea863095df0a5b47935a1dd3af4f62209149fe0d3fcf5f7883ff87af4c823a479f5696b902eb1db4e61ff83c91b0e879f5ae673774987ccb6b2ebbae066c32f8706f7a88569ca437e2098b9f05e39244869ab69264990094e2a6ba01fb1771d2b742138efe20190c67d7633c473b41725b86274831fde743707fdbb7b9237097d1b26227bd676d83cfbc3b193cb47c0ad734d674f0c45634551e798e55f06fa0e555750b4d6124df7473934b6abb0e574d8639faac56ae2947168fa1a7c28257ae3876fd828f794d927ce8007c142ae83071b3293702ba17fb5de05725df1d51d51530cd0b097fd386782d7be7a1d095e91c88a2aaaf75950219d3a4787edf5779a25db777b618db7a469dd0baeb07ee78900473a0d6707257862bf61e0ef1667ba5cdbada384024ac1e120f5e85fa57448a88af1578854737fa35355df7dada7dd5b558ceb106789f5c9199ffda4f702ea9d6a735a1dff3514feed3072cfc99f9cb86a09c8d8d9605e2bd06710493813f49f9161f240cc075010409cc0370873a292c697b9461556ef7b01b1897515cc402a8e8a111942e75676a5bbe10dbbbf68cfd4642c421ee3f26a467e41eb5f6e24311b66973181c80d57c41c0bdcc65f9defab4358def006027652ca7225fae3fc01ff3caa5dcfdd14b92f8b8f66f5c357256f8dfec8a99166b8fa3e286fe3a11eccb41bdb5810622ac2b0115c516509f56e52186c7014d1297ac2962854be06882aa567773c0b5a12611c2d2f9d351f63867ec998885d1d13e56a2b8172cdc4975bb4ed549e48b962ea1734d467c6916b9b22f77da80a59b0a36544c871067f342db2dcf0bf3a33a54fd57abe84939f66f3fa5a180f9635d7f238e22694d8dd3f7c8c67fec0601958d91f998ab5c32e7d6030c012cd8e2d07d3da5caa48d7635a150a101f86fdc841aa5b6875b9fc1cc3e9b0f855559763800f6703f50555246bd1f61ef53590484f928af7f65f17d48f5c20fd6827f7fe3e411c37d122027ec11273cb21cc15f704bef1e5017ca2150a1f7cd6b28399caa1c64dfbd24f146810bf757cd3620dfb79ff9d5945227d38f86e818b2e2950579c5e785bc142c53d6d951917834e05863a24943ebf4dcfa28df802cd5e0b1632299368de70dd213c3a951aeff4390712fb1858c71d568f1f17a32b658452d6af3c39a99152dec5575af5c6cdeed6f82bf7ebeaec32bee8a0a40fa42e3d7d76df9d835a842a3d6b1ca0ad2d07c21f350e98975319d13dfb933a1b2a2feb000a22fa79cf08f82f2a0cd60751884866400dd05a29b9da57f0b4beb0a1f620860ff2925a49590d6cbce6b92d5c0a15558bac616d3fdad2bea5f2ddd5dabff6ce95ee7320f99b402e720b7421bd123d342f470f7fdddd6fd996a51188a92d1137230572066f7b5a1748e34099a98ef0f56af04146812f088d0e7c38e523a1bef146ff66bf7edf44a590a26914d518bcaff15eaf607b843887a1632d19d871f6735508fc8cee0763b931cca38d35ad2a2de92aeb581ef74466a07862aa2319b79ecb6ecbf557803600f8aeecccbf07bd94b50072ed4a06e3b7e8bac6ac0e323e03a822a5b9821340f1c471cb4a771c6b48d88940bab18921605ccfa31e76c5901f3c48f402c3d48b9f0292eeef087fce34ba6d0c11aea36fbec195a7f9ffcf3052c0f1b0359ff22be0d625e1718c92b55bbab54267d408dda00c22dab488741aab8a629e9a50666eab9ce46f693dd97f57e8eec893b98350035cef6ca4e1d0e0cb61371be9db8725463cf1bb1b98c9b30eff64afce6ee43457330bccf091ffe38858eaffa94a77345eb2794e2f0319d64e3a9691f1b6743f5c7920fe89113d40b4ae309fcc984ca73b066376a0e4fa3e0c6b59c6ee72ef8406cf3beb2063e830c4f88bf03953f04659ceb137d726f77bc49a446e694f9ca2b438f01c6e57ed300eec515fea480c48a8f4554fe0c491804389e2473af8416110935169ce17d528817a011da9982167439c9765be0d6aff983238614cc9e02b1bbf19361a548cd1a5e4f7a7b6a3008235161b8a6dc7eea5297db7dd9b22d1b014817b34869fc90f2c3a57389debff4549bdaccf07bc4b944fba22f9f2b321a46a3ed6ff999929d98a79e268979bb2b37b0f33f7be2d2a3721d9329144a3b5df16fbfaa15c11b84fc30191bef9287c51f13ded3928fba6546e34ba583f831d35da508f4f28eef9e76c3dadb68a8cf7a3b168ee42bc9c4e7270fbbeaf7ca908263de017eb20cef6316111de5f3569cd07cce910d495ae54dd9bb43ad172685b7e55d507965b79e4e9c2c40004ec4994423256a204f286149d226c9cb2da6e8194ea0c216f2851ba05d64b866f35425cfb92dc37df9f7b420311ac665a3ba0dc8707bbff4188d7c509ca07fe2db8ccffe123c9abe6f521112187a656e4f2bc86b76aefddc8999f05f14e4c23715fae63c274854cc5aca30a12e8b57a11e9270d60a21861cb45cd4c6ad198ae24bcc73fc1a6fd2dc50718675d94f786f4163a0a707410b72df68d5e7cf7138a683137ce96b53bdd6c2eeec613097844f99302061d5d1317a2c29d1552ded1d354a8a5f2c8d2bfc0f98d016d50cf5b0540700eddfb00a1d493238c7c1ad4a717a88b04cf4f622f9b3283e9810431c5c1acce1a9e243ad8b500669492dc3685b4e41ce99db931cf23369a744f33235855f1ba6188f0bc53542c162fc7c84c520b684b2715bc9a4d82c2532290c6702f1274e125c662cbcec7574387ac07fb9d9d9fad2ce73556b8f3d668805389a30e75677d556eb41914e6193de351200ed905412cfe052fabc03fbd8c2b20497b30935d69a10f7355c6ef1add81cb8c8ce9d224aa0b8e50fd397d1fd9b0cce49d09f9faee9df35b80c033471994ea0c418b9e3c9716bd3f87909b24f4e43387faaff0258a02e7e2173070640bf8fef34e61b1e1e493484fdb0ae21f5e0d31650c01cac607ca495c07a8be5993b6dbf7cab2c39ddb22c1580b339992c04ec49ef406395c4c41e3e54a5dd1f8443c384506c284bbd54b6b90612812defc0de80010f0def367391f770ac11f4c25935cbc71d10ee07eb2043a58aa9511c865a137c40b018811534d539db138a2904954f2d84e8f47deae2c934bdba35c06976547bc366f100709ab3d0b5e4f4e4f4d69154ea31262b01197a10abc19d8a05281748caa8be0b0ad92ef3bcd2f670f4730f69502a0c9a0c69da24f8da68e962084dd38f3430ec48793960bfc7b06f79eb997eb9b37b2c6ee7e16252ca629682bb571b2986f90f91ecd272f645935c3fad681d31e2050d4edc45c6764f61c07150ae6a8c9739a08f1f3ea673cd528ecab7702fdba26868e478cf059356ec672fb136fef50a6d9d7e6933669c2618f201ecabbb17e6f6a931ad7982127c9ffe70b5041bd4abb18bddb68c8a379cad47b1260c7d1e44587995a01f136cabbac4e92e42c1777117fef5bad05db2c3db99e458075dedbb48d8ce1a2b08338e4bc8c124e85b899fb5d627dd2676b01dc09f098739bcd701a8bf9a4c3dc0c2f94e9c39f818d6da395cdc3380153f45fe82f08681bcec69812d707c66a2c3cbe90828a9f0ea125a77781ee6628697017e4e9154228807ad592f13bacbce94effd3e4864a285da56102b40735a2982b0b46e40dba4bc44ab8d99c8ffe4d79e76f21e660e44352b2677c8af1e4611a22577ed49ed2a297d07bed1da69742f024e45cafd8b990150cf6b5142381a20db08d7c885b5d0855fb8e8d3ef095261bc705e6557453a6c56aa1a4f96c7afcefc9918bd5f8e6fe9ea36e2ba0ac052b43d3869829e1ac776cc89cab4d52e2b6099af5244e62298aaededb14eda1b1b4b83975bffe0762e3747c173700ce70c7ed0d543128f8c45754473c55d1a8cd0d34907ddfd817d999848cab6482c4191ccd9e2c7bb97d1f5bf25e7c84137fc87259fe8a70b195aa9fdfd9c820242b551a07de756120ccde91e6f0b5ef55301bf974441473eb817b89e4b7e9e59afae6e9c8489d4d2331f0607601b8c3b3c59fd7ac5444e4e7368e2ed86ed698894921ed894717d7312d90dad95452301c508f86b0a8c8e614f423b0da8a148ab2a4392d4eed9feb534d92507cb043a87c02a298c73956b6e5b310cebbee6a1e865cbebc567f203aaa504ad57ae38bf178e731d66453c0ad93eb02cda66816093492a0ef9280a8ae85d559af7427ee233994ded2103f08bb974a76997aff85b5ecd435e71d7b9a04df1cd21e94f2eb82cb1aa609e815d75418334906159f035512ad1196b1ad5b525aea77a06b69d233fddcc60b529859d8ca4c614b736a70fb736f2dcd4e863b430ef615207ebb8e55ad05ce059d3fc231ed321a634980eb1251d303836576211d6483f5165655d274df3ebec3f6f8dc8710c2b27ecd1a968687ebc7f2cb0b3c74ed4f515df57181aea04fb44e2a47d79961d03b310080cbd41f8278f8f7c88cb2fc561ca42bb01d06c55e61237b4dc083719e76eff6ddb3f8b0b1a43ac3d3803ac3a0ffd51973c707ad84aa37a4c5a1069a8e949d87e15f15e35c484cf9bcd2944c668d999d225533b0cbd4911477dc58873f656ebb6bdc0247bb36eb839dbc9017f452cc95088cc4a581fa50ae2262f07833c397893696e5ef451795d279a0ac4cfe31e7a983cba30218d85569374685330762e36907151f85e093d0a548bda83bf3d7102a4e7e5d9d2423e606c3453a4a71da899d96f38e231dccbb12f271ea2ab28a6fab86d5bdbb1fe13713e355fa353e1c7aa302b95439f95b8c6123749604301ea5dc4a9eaa064f5e21f0557ced0a98ee3137bd91a6d9f569bb2c9fa9f76640622222b57021053b7bed3d0b3b783477e0015b1596b700ab48296b199ae3b562feecf0afa166be4f88518e08b7677152ced843f00c5150cf72337ebc9cd2342a69"}) r5 = clone3(&(0x7f0000000280)={0x133323100, &(0x7f00000000c0)=0xffffffffffffffff, 0x0, 0x0, {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58) r7 = fork() clone3(&(0x7f00000003c0)={0x0, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x34}, &(0x7f00000001c0)=""/14, 0xe, &(0x7f0000000300)=""/134, &(0x7f0000000200)=[r5, r7], 0x2, {r6}}, 0x58) syz_open_procfs(r7, &(0x7f0000000100)='net/sockstat\x00') lseek(r3, 0xfffffffffffffff9, 0x2) 03:02:08 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 7) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 03:02:08 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @none, 0x0, 0x2}, 0xe) 03:02:08 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed, 0x0, 0x2}, 0xe) 03:02:08 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = syz_open_dev$vcsa(0x0, 0x1000000000dda, 0x84081) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0) write$binfmt_aout(r2, &(0x7f0000000c40)=ANY=[], 0x820) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x389400, 0x5f) sendfile(r2, r3, 0x0, 0x7fffffff) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x5) write$binfmt_aout(r4, &(0x7f0000000c40)=ANY=[], 0x820) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) sendfile(r4, r1, 0x0, 0x7fffffff) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$CDROM_NEXT_WRITABLE(r0, 0x5394, &(0x7f0000000040)) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2960.023284] FAULT_INJECTION: forcing a failure. [ 2960.023284] name failslab, interval 1, probability 0, space 0, times 0 [ 2960.023312] CPU: 0 PID: 9387 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2960.023329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2960.023340] Call Trace: [ 2960.023345] [ 2960.023351] dump_stack_lvl+0x8b/0xb3 [ 2960.023377] should_fail.cold+0x5/0xa [ 2960.023394] ? create_object.isra.0+0x3a/0xa20 [ 2960.023424] should_failslab+0x5/0x10 [ 2960.023445] kmem_cache_alloc+0x5b/0x480 [ 2960.023467] create_object.isra.0+0x3a/0xa20 [ 2960.023488] ? kasan_unpoison+0x23/0x50 [ 2960.023513] kmem_cache_alloc+0x239/0x480 [ 2960.023534] ptlock_alloc+0x1d/0x70 [ 2960.023557] pte_alloc_one+0x68/0x1f0 [ 2960.023582] __pte_alloc+0x69/0x200 [ 2960.023602] ? pmd_install+0x260/0x260 [ 2960.023626] ? do_raw_spin_unlock+0x4f/0x210 [ 2960.023652] remap_pfn_range_notrack+0x99b/0xf50 03:02:08 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$vcsa(0x0, 0xdda, 0x0) pwritev(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x6, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) [ 2960.023697] ? apply_to_existing_page_range+0x40/0x40 r3 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x3710, 0x5, &(0x7f0000002200)=[{&(0x7f00000000c0)="4fd72713e07062cbc185f20fe048c0d718dfc3ca71944e21991dd21a54399746a0690631787e48829d1a4913deb414f764801fdfad813bb4372df252db1bca623968f9d13c66b8890059", 0x4a, 0x7}, {&(0x7f0000000140)="c766daf36e6eba846388e504ef80e78d782fffaea9f5f733af9c8b41be28df418735", 0x22, 0x80000001}, {&(0x7f0000000200)="2e95f88213c29063502c7d4aff898edbd9df5c19d2dfec1bea71c071775a6a3a3a0c271083f5e1424e7d578161984414f247a4a8d217d8bc499836a00db795beb70fbddb714f670156a555361df5868453f184d65065387c875fd3b07c66b8bc010e411f1b9166489a0417294d4a7de46ef1cf6b8922001259dc8fc3f7c892665465ba5e92caf83e27e839f0438cf079e6b3947bafe73bbeba971df40239c3f5819b96316a92762664f28e39500fd293352dec45aa74967c7e6d2b439e3041740695131e18a976ade7c91cd34a366474aca4b2ed43138187bf14d726f07ad4845690e25b0d5f3eaff7925136610bc89df4432ac999c0b2c979633f6424c62248dd935a75d30b75d87e4f549024439a89e159b821e81d7140fa8f77d4e01bfa6dbbccb21eb7908b7a60a9bbc6c679191dfe39d95ab832fee47220f4c6fc6b4b10077fe85930cf1c4a47d69a77d10425ade4a2b4ae91200a3b3f53476bc913d373becc29b94c8998c6b38c79340a1296dfdadf5a1e0a68978e0f9e474917438fb1926e3103b569389a281d05c4c711edc43462e295b5134c1625b3c85b70f9d23ad3677315583198bdfdd22dcec92fbc5fe31cca87529adacea72f7c6fc5fe8a64e13ea8ee8276faec9a7690801d25f825a5a64fcde81e2bf652aeda880a849699c604ee02c56b2662f821e098abe38ab5cd1667fb3ad12ab04345b3eb5333261cd78b8acb32a0f12b47c1e5dc7e6dd901fcf28abef6f2ea2259ba038cbd179575a4abbbf28ae1efada7b219772ebf0970a346e8d5e61e6b7ee9cf643f294e5e1e0c7e2166d2e732ac8e6717287698f68dce305f29e065c320aa35d1bd8b080b5342dd25c87122835b68bc9e47f457efad521ae5fb9939a4823774fef18f754cd1eb02f0de13ecaae60b6720a8e15c5882f93716041b8e2582335fbd127b5cd0a5d4f13e54e41d14a2bb7be9e551f67d252c573ec47b91ad1f1dd182a93581ebbd6d253be518b9e275d3bf58c9ba43e3f856b1aa3111828954c829398749b08c4c8a5f05e297e15d52de8c9f1e14fbfd7c4d5b809ee90129e1f91516e2d26fd90b506448d28eb1f78ea2d27f04fb26c65c4ac3d1343fc91c70987304840dc0e1df961010a3686d9fd1eb758d4ec2228b42195799ff050b69aec27ed90af102435f0186a2f63524cd62103b05c54bf1ec53613748ba2784b1ab0fcecb3cee98e0d42028a63235563d416fffc5f6002692ecadfaff0de6e3627eeadf917e62eec5ab7a05399c8c24b3052bf23ac46aa8924a0ac55ca81111d11d07ff2d1c132c6d6002e19046d437d86d58ced78e17a109b54888a0cf74ef5854f603e6b2f825693cf255118b4d135861ac97058dbbcb60c59dc743464eb047f2131a08700d49f5766788b55f9b4a1cb271cdee01993775c0af6df4baf5e4f78306a7e80f17e736d0e4c071d8cf82be27b326e3df118ecebd281aeb9a6c68809fbd1e424403858ba89bf2b253ab3ab6b6e629f322a905e58685e6def9c19363f280c6fd98d359bb524708595e6a2b6d61d0a21785ed7cb710756981dcc75fd511a8c42659f8720ec4dfeb027a5a19b0f86cf5aa4aaac799ddc7abe79d251f7897fb738b830d969c379869ed89efd5910a310456bf3d6c5f68f163db20bbf7a39dd48f326313c9c69ec92b2c2e9043be5f841f27a4b50aba3b90610b71ac975883a2298b629722f44c926d5112f1f84ac011944ada0ae8d3bc56d751aac4f1958fd5aa899502089c4cc88ea65732f897525934c2e9cd65cceead7e8dd1edc1cc4f112ee06a5d69dc49b2edc1d8d70a87b3feef8c3905950d62282385ec6a7da1dcf935cf1960fc4c3be2630004544fde535e16e8fc88e67de15a4524c3d5358e7ee020b13dd2355170e68ac876db1fe6427f20e51294d1d608adc7a6435f940c6677e684e9f4c7870874be3b0f8ebfed77e327c9217fbfce5887b0204144768a486c7179b70a8ba62fedd74e4f0ac5f1640d89c14ea598d9b68e3268f294588453880b0e48c281cb60ef93591045895ab4d8da557d55001d28d611e653b341efcd2e505b153c95dfdb64379441c7e9d9c78267208c89290fa247917a38f5547735a0a213adc9cf934dc29074ddcf78f6c1820f6ff43d9553a7112536b76904169e518751d6163ac6ced03dc56109c62e251de8bdf80b671e25d252bd36c7305e7db7e5a2855f6fd1ffb83aaed2ffc2de4e74ffc38be4c1c2ea0326aa4eb49b41f16e6686f5467d5ce56a0fa4bf0ef2e7ff4cce214a7447f601dedb45be5ad3a2ece9672ffcf9caa2bac91ea076c51ebbbf8d5ac69678c284af226059a7780e5eab96256ccca60b68694b3904cc7bfa2c7172609322bcf0122c16cbd110e36eb8712b0a2294a761ea20bfe890d21d02ba54f69f90fbc57a9241c97070216f1a9a0279fe334ef063c4fc13d88b406d633a5cc2d89b06ddd672a6864bd4ba613f81d53b0eea2d222560a70b341a690d875ea939f7625119293884b19db12fd57315cb51b47382bd04341cd33e53c7fb27649abd792b06e1d0765630dcae71f96149d04fa84b541b00b3b1922365af2f12f1701201bfac6d322b28d609e472c49552b4f9fd94c693810e8a78aa7ddd474bed9a263150545b126c0a63f7e09180da41f82e2d387fb35190a8efa0b31dc8e187a1dc76a13591072dcade4e0a0bf367fbb4f55c742792c5fd67132364adf65661bcc17f21f4b224edc2ae6ffdda010a790d91239d66580e61f9b6de42ac2fc9b13792101db6667e6a98e8662bf0672a69313b7b8984c34c8207ff0480fee05d927d29421fb30dbebc4cac341ad0b7f7aca7cd3b8fa6928306607ed59bdf7f52a48e5ffc5d8fc6fcdcefd97326afc292dae7b4474024d2e48928180aadf7b82f27eea6a632c883db2c0a2db9910709eaf492eb198f689cc0acda8ec51d755bd328cc376f35d47e2aa2fa420d5b5b03a747921226af897c0080edb94ae7b3ebbb57d4c468f2d25be6281fb0af61e6e15dea3f227707678f21e13c472858e958af005fe1eb2544e6d27662fbacd77b4e275f3e867efb00a46306e5048c210acdd2b570b4b9e858e855af018dbe7119483748d023477567720f0957d2532f0bcce809c5dbb36e12ad4f0f40d4fc9c9c7fd2b69a9ec10d1780083933b689dcf00f22eaf68c0211014747fca56759acf90c3e0829a3950ec6bf76280786b10196cae4681f07615e4c96a5b01c2c4fe67e4d38c4cf99819105f0b11c9bd76a4644b27ce7d1864443059e65265398882c1d115231a1ecd9f4222c47d740e2b9faff6b4446b66a86206c3e0f663226627f7eb5dca863db219d58fadfd1ae2e5d7669e2625080897477c8b2b585318b6a79bd260186a88837ebb0d68f02fc5d04775d0d45f8a8b94d7de83805781219f69a524ba17f4f082c40404599830986605b078e3f977240462b6833d08bdcefe9ffe59f1f86ae6d487f7bdaf6e028ab0a9bb96536d26e01739cd07ade196d4eb3e5b0e60ee137f3143321633ef7fee1881a657e0774921040f79f1eadd21782c194cf580bd7e0530029a4c645af10c8cb06a24f6efbc9a8c58ac1eaac39d777838b02a043f1fa42a4c7b75bf89e67fa6efc1547fe6f56e0b637f7835a490501025bad6f1bad234d10c90652206c255819860c7aa4d05be30c8d02e1e8938374fd89b2f618eb14f2fa2cb2f0446fe508c141ffd1596a076038b16354d6cfab22550c38fcbd4904c8c9994aad3bdd9d3c396132ed4eef2c4fbb006e8b02992fb6ef0b804702d8e3c248b51aa9e4df06d7366cf625736eb7bf3d01be6be794c616e2bb5eaed5d1aa98efcfa769b3be4427d79deaa0f7f44a17601adb62031690d80df17d164f76f4e609da2bf25b1a6196a79d3d5fe76ec22319591af4daa1f2abb904688ddd45fa100b409c022593d7a3a3cb62a10e7b8b9a3b5912fa76463cce39e44fda983e1e111d2cfcd0f4030b2aa78f58ebaa09cdaeb0b675066a397263970b7ce8fd990e18edceb8ffbc8e008eddf36bd0591239255e11104e4fc5d37e0412934b83cd73f0f2d24c790af01935769353965f37f2755147c357a0609c34ee3f8f3795290488f23ea2157172a6166899bfb4e38ed0480ccf38afd38f7625685673851ef0db0644de2cb662427ce8b1ef77c48eb9426ae2b5f4291016056857b522d2ced74ad95c95fc9e3c96c2238d4c9ec1fe565b1f0fb8815deee54aaea194c4ec269f7d820210f06a64ff74944f6afec30ff82f4264f212316b6d335830f9e8dfde3676ee635a9eb478e3275306c092a8254f85403b74746d8d0283c1a3896b8228bce9d419b73309da9ff2466af24986ad074091aeeea7daea6151be10577666cce2fde1e2d21ab3fe691afb7efd89835c8faa4e0f8ced65d2d310c122ad4c76a83a66394f03d855fd5f8e9f85a76202464c75387ab3bcf9b2e2689dc0783497885a7a963d08a2bcf5075b0a3104868ea7ec09bbc0eac1fc5f7673a9711608da6207dbe0111321581bf9e78fac74d1175579d4e89446c0144ae6b77a7263e58fafa3ab3d9694a53899f51fc6aa56867c3dd538838ac0ead36de8b81730c6485b0a021f25b95a65bd3a8b218310d38113db53ef3882719bf30494b664a0cfb2019bf3ba78f87e9bf71071446ac4261e5c4d95f5b4ef22c586483efa0a0f656e687ad0e87510e3dd282bd1295a5e8e29627672d449eef41936206b77ff38e80999fca1ed496cd9e002f54bf7f85b4db65dd58e05163bfcc7f454f015d4ffe68b67c857a0b68fac8f12f9aa77b48c844e5af234d4a19261fd4e9c3a2ec784d581fa41645e92657684b1fcbd0c0f2c1863dfa155092a4db20e0df5686bf315adec8427b505f78978ea7e8b5f04509ddde762ed9b2c3af12162711eef78eca240c054e4c96ac6bae1c0ca05631b2d0ec6fa45c7a118fc845aec4698352a0d06398e1ca5415e2ac12cd55b4514fe21b1ef7b2ce9da4b2bf4f109394cb1b08ad98358a003b65a3317ae28fd35817d6753179341badd5d9d2deca8ac0d16da9c20e7f9ec33986e514aebc0021c0b618857ad266dbfd5eff72d9140cc0d7580caef227a5002f3f4d759df5f7d3694ffc66a36ab18912ce4513b7f0a4b6f29a328f2442c95934b7c6970d9b03fd87c441b94928eb0b64e98dc2a03191d147c6b1a3df8067617dc09ee59c56bd8ed8e8199bace5b2e0181f60c800d516e124e7c1c66a27f30c19e37ebfd67650c761064e9f09f314914d103148476debd529c2027fde9548f9d53d47c3ec97760d1ac8efe93044206a15a02e57a77da72ac6d01dca6425d83a0413855052616e24ef4405b118cc73509affc1f15832934d1b8be7037bac9dd33c5ba5c3f164a253334405dffab9aae1ad79fee7ad7c372e3edfbefcb39a743e4661bf431d22441a12cdd85f3a76337c26c1bf91234be2eead423914f9f08316fdefaa852934e7b572ff9919e713555a4f12c7648f4d26312ecf9a0961c38460b4ca4dcd0d7761bbdb494684f11a07a2b89006c8b365ff87dd387538103fa09809fc3a8bf082b45ee3ed7caa8675a7de9eb26f7e372fc8b43648db981c46758d0efca62e6610f46ba0a47d86a1dff54bec7b572e7c45cbafd8ce464d07b06faa0b48892c11388d867ca51adab4c4446c472f566de3c18139aff7413d314fe836a00ec685bfe28d630b97c2ef40a21ffd8a96c860714330c4bb9e75609fe10efea0ea68697ff02b593d6095c4d1f1cb7786000ac7ea1886814ab20e29dbf007f77859d59cf3aa2c8d6fe1b", 0x1000, 0x3116}, {&(0x7f0000001200)="19bd77cb3ae3be81c409792197dc26e7900443e9f6d480caccf20bba0aef995bcc9b2c08b9d314f712380cfe25442570f208e58f544db72a5ef22469e9d2c8788384329751b44f49fed4129adb4b584b387c03de5bde00a870b9de7096f03900d439bb6f09c7ed22b75c71ddc280d742f03220432bf7f02cdcf984b44106e2f1ac7f6f5d33391c97b293a03b30254c9803343641a879f65f2cbd483890b396da309d55d3e48ea5b2c35b23cd604e2c491505a11b992fe12e430005600c6d75ad6d3b24acd6e3d1743ae39d10956aee6d20aa1cafa3d8f53a4725c1ee232bfc76bd5451b4fd0746a1afba0a4ddc3f76f6015915a3a9b3e7dfc5a1d97a6a18d1a9ac4f36d7dac24c13491fb01d5268c6650067b1b7274b7086b7cdb87640ac604f1c61bc025a2d8e4aa800b8c6174906e381ffcf6d65b97eafa62c10abed9f1be8e3d5f6e07e1f865f6d4258405d1ba4edba24b1101c445bb380c0402e93ed80177a23512770ab7e09d9df98d918e984887c2c69b400a73822775b4e9d540b75a9a6021f1ae3c1142873e845299111dd580d6a3403c6834abd11dd1ca1a7bc5cab918008bd95297cf168ac5c0be050bbc21f1fdb2c9e8df5002fac4649c543c028d5596a2fd41af3498614f0cfc3f3cf84f327456b854000d0c9f9ab52837d2e4a271e3601137354fb34e8d94981e43e854e251ea261a8548ae8732c00b3ba7b8e099b598ab67cc8e5632fa1c6e2c617fa80dc09b305cfcd6d1222c91da45a7cfa714c20980d30498176a2dc5ffcd8ac6205b037c65ea74dab022160b87396eb8e4c96abf05003787e2f1eb1ae05bcdabeb1b9d411e934e506ce533fbcdfac39beaa31f0ebf4dbc61fbcfae2d70bbad5101bbd0c47fbf0764afbe59aa2c8b2445024a9342387159f4b5b845a73e17a7c67b28b9273679bec721a98512efb598a61dd3f0185b816cc48912478f7ec00089428955f649c96d2ecaa461cf3fc1a5190fbda8fe4f48bb0ad5da08a09c99c86b05bf59c9626c547cf420bc831d6a5e47b04638579a5a1d8b3646a34dc78cf15327f5e60de7a0ad280b97c216afd18be6f22a3f80331075b17e50c418c4ee0049194abb7f2b998ab0be66890ae3457738435a589e097d6440751b0325f8792c89da48efbc471026b91a63890ff8af94f69b7566434cda449fc660c6e3df8e98cece7623955a337e23d2009981cc6d666860ee890afd435482e257e719224a6113a255be8183764627ded747023846b0af171d8c067758a3b1e4bb4acb1ecce96c650f4179adc06c545786b2f4713fd625f3ca86c1092edfa5ab573d8ae49a04644868f501eca13c94d09d2530ce46c1782b879bccf0f1a9faccc432035dc80a3cdbd648e908c2dad2809ab3edf153e462db37b0f80583bedbab888345943b4fef1e538674bfcef5ee991810bdb98d47ba6b3871cf508f7fb3b2d158802bab9dade8ffed0979126078bc32c5506d00f08d9eafeda8c0cace13220d63853a203dc67ab7b110e2198a70e01fd03b5dcb5ddefbcdb900f37c5fe9f7a808212e4c97e9d8ed6f8c6dd212f3270920c21f77477968840ecf0d26b1d466dc2cf7be2ddd1e663179b967fa1a35a50ef9b15eda1a0838646f4f64981e6d91fc9d46dfc31ce0fa1a99e1e0ec2353d3fab6d1f47d75ce25cfbe4679e5484f46329193403edbc141911ba554578f3c9adf42fb85a835ef175777a44fa90338548ebaa5ec6b97c3340c5c0b7c085659b9166e5e8e821d1c776f28716a52b7809ac631f205992a6f9b845ee761c44ad075209b630b3cd15dc31e7be1f61c937f00e0978f8dca069a33c12ebb88cdae4a6824a09851d0c49d5b81ee2c42242d4642c4e361fa357c064cf87940151537c243de8070ef9877fe1ca30f4b6b0f94b0c7835da7b85f2e85c4e1cba0b1a0a45b81c9bea7f2aa239a14087d929cd3838143eb11f5b02fc050b414032a5897d7703aefe7004d35562078bedf7326dc3a9f50b834e22a8b53f4511820a65f9b4128c11b0c85f664b9a856506de6bc358be9c4aade86509d4c444449650889f8192a4fdfc45e00b6a74cafca9c08f8b8da619471e87545e6cbd844d5e8fb2a85d0e20fab80f2ecad0abee0b002c3541fba4b04f3e18d2b77ee721bc8d8d631c6a71f075dbaa321ebcf1e3a124568164179e627b2bb800d0f9119b6b810688322b1640c261155d65f323211cf8e2fbd22b86b0e9a280e506c0d9073a47af6ff1d06add106a2e4b5eea8473dfde07ec3c3e0e34ac72424bc3f778651a317cf1a50fe2dd8d8411725001999be46a12c202154672cea59da5380481c8a0111e6b50d4c3fc4193b8f06a0ad5ef0a1ccd3e526aaf98dae6511307b0bc0d829cfc18cb15d1aaf30e392bd885a4fb20a292422af7548c0c93c3ad29e5e8295b5ecdbb8df28a2e2e57cfe0d9806a4d84318722f3bcc70066cd7728bedc50d8e298403f302fe8f609e33374f6feef43ca4154d8338e362ee9ce250b5f98df4d98a91f3af77739e35bbc5d60a91361441da0f52bb8a15fd51a8e10ae1fdad10bf45c7a9cf958e04b57abe313832feb8712e5c5011965b05e2c6cc0db17e22663e6dcb0a28038c71817ce8a6807d88850f9c15e549b6ad916402f8b87dd04e33cb9ce552431ea46613e63a3f618d8d3aa4dd850ddbaddfff1e6067ced13baa4d5aecf229f9de6bcc8bdd72bbab182da39e783d541ad2538f04b77b35b472a6fa4769f1d1e92cf8eed80e2f54b9a8791873e7752ac1116214adfcd8abe1dc1e1f218daadac4d70b07128f712ee4f628729b135889af4c507c8e04db2d1ddde8cab8eb6d710a06bc075fed7d14a7d20e3dcc5dacbad03d925f3795705db29354301c5d5a74d8d451b47deb22d8c57fa1d45547615e292b5148491442266346e57a6da6e2894ac4b455cd2606f1c1893a5cdb5b5eb06299f72276adeff417f40b338e5a2976e5e2786ab173c9b8aacc3d132641212f19e25e817562fa141e6effa44de87257abf0c5a4ef2eb61aa44cfe785610f4fba3bcf4cc28cf66374f029743f2b53618309d01ec253fc63e2e036dbc1cd90cbf5cb2397a56a3dbd327b8b89148196f2c7111802495b79c31146cb9e4f837e8b5a5da0043b60c32db84213edabb8ba68f8bbf4f4aecef040dbbfb75cc55d2b9cb0c293e37e16c59c4af2d12b273ad0a0d96fb8c2485c983e1ddcb2cd97c85bf52a7a50049b5c50ead9fa3a2d6679c1f296c2d5831801b283de60ce3163a35817d245e1d227daa25f57713f2478a32132a2d41de442db6125fbe79ebcdcd761911c51734bac2a49882df8696b8766f5f41b3511967b0b9e52f63f6f847d7a3a7bcbfd94556f793d47fb228c1069db834d0969d70944d4b48f4b55473317e4d3b2dd1b1fe275dd0399818515dadbe1dcab48131b1ba46d6f0ae6a3dbb18725f1557ae9ba2f4a2e13d87bc4079ac29e7d324c2d923cae74f5a5c40a03db83d5dfeb8d31ea2e4378e600a0152908571dd9a2bc44a402429e03b9459116bd3a84099822d5bbe6dab44bde5395648c0b957fca39967e5ba05542804ecccd0a13aa10114efea8a80dc00ff485474c574436e67988f9093e847d529b84618cc16cdecb6d04ade41f63e68c71a19f42c04a3e50046543f652fa1fed90afb9f969d5ae2bbb2768dbe5c4908e3302d9744a4a92ae72318812e94a83fb94054ddc45316231a3f8f55b0510d310797b2b83704a532188081118db3421a7c99ef540d164e0f166e0bf7e5b9a89f61bc4b9aded0e860d685e29617cb4d54d1fb1152ae28f90cce3d5e8864386826db089275613962abd60b3a16f654686ca9d843e9539ffd5b06fd17115a993dd15378cb30447b90afb5aab998c39212eda904570fdae6a666c94dd8c91678e390178a96f0656e98ee58ca1f3f37d39d7182dbf8a71255a9b6075955d2d23c6dd1374fbd956e18caa9dd8226601f1038783203a50e69bdac2c241d729fd449e48ab0ade984e387a2646c429f9a192ed5426673158fc081e75da01c7f8267469c0bb378380e520a4a64e052be02b24415dceab10b5a70b13a588d8ec828cad459a6ed48f407b43bef254c766cd797307c357efda495de713a26af4ceeae340b6d681fe3ade1ab9748613933afda4c037fcaef102637589c56f1729b9d2750da6fe5d7a181a81b2498585e819e77f014e24d463f0f9abd48dd1a5885d47f7dedf83cec5c0104fff158322b9d9a97a5a7e476d608cd3e71c2c8dbcd975ca7c011725c85b155a4ad88f4612b5a7f9a835d4fd43e81b84208e7bdbe360765b223eac4cb094f1c62533c4d8ceaca2289adc97bb83d77efeb4d9b76b952a090d954469ea88243664593db8b4647e857c2b40e2a202f09cf55589bc83be689ae4df7c47383279fc95e5079d9d4014974554c6caab400904508bf8cbb4b79d03d38838e5515154f35c0ceb42f91f10d2f6c0112b9736f3351c01e8218a6059754aecdc599334f88f1d0aa72564a7cf37c43dde5fa36730b83348f067a0423afc16e36851c52fb1cb77adc01c74e149b2ccbbbf91a19363c8f560b2147a287ede74ec8fd55f9e508f7369f627af59ae9976222b00874c6dbb00e2b4df06e90379570514e37462311a3ac1f5a23af51b02d64630d664447970403dda695c29e89e2d3d2eb842aecd107298b7b8383b9602e5c069c576ea35d28600240874489f1db8d22db9adf20f8b83466ee4b2c541c49647b773437bcd943312c3a42548420b17e3ba7ae41aac60a34b3f17a2105f5c8e6218535f65f1046dbb3fa3fe12d672c5681aa4dd1f3ce35b3117a2688cda0304c48cc068728ca5d9f7e7ad043af73ad03a5f5ad6a2148b84547b0e674e8a5216dcda3080fa65508b25281d00656ec85e38a79f1bdbeab09d54ec96b6a56d1a273b24c51f713f677383c165a54dcecb3e79015a007622a344381ea569428f4b57e8f3532c4f789aec5b7d9892a328987db6d9028185874cd5b9573af39a24001d183c119266659490c48765ba64afed77e4ec2e34de5c94f1f3865fef4542cf1d2f8c528ca59fc6bb4625895dc098def9c49fed943cab45228615a72b2e224898125075260d7fe3729f73fba18b3b0b40975edc3b9f9127df0ca20ab7daef3bb34cb7b7becc36318131c61afb0286ba7ecc0e6504f357b829a17f1872aab5fe0da200d627b49e3b9734e983389296e799492e77488da8f0fe17b09b1282c07365101d025cc73f09e10d10ffccd0e86e3292231263f9f7fb3593c3c65d15fdb31d250252e025e03b3b9620a14d53a940a36020751774649c735ec5ba85b61fc48b50a49990f3ac3fa52c5aa905c3b7d9383441878724de96a59380e23f62dbecd65b167c69b13ebb95c621f87c2e963ae3866901414331dc4250e0fc4703167ba937758ec197a752f4a40701886d24b7bbad05ebf0dd341330b26ed4e30c590e0124c5263a02f7ac28d6651c902ea77a4eadf5c5d85828b9a56842aef0bc8d1252706ec220b50fd164ba76ff349f781d78e104fa668bdca8c939e9fe5592046c7be892855039c6deb84da9f46011c86dd13b5baec83740218106199b4979562c2e50bc71f21521dc02c1bbd5e4548ed7561f8a011d0827e2542024b20f2c2d76d04ae6837854fe65b77536c1d93488c31c37c9e0721c083b6c5339882e2856ae04302089e8a3193e945b0cc9f57cf0f0ffebaa7b3ca47f3093213ac1f79015ceb61265c281ed7569bbceb18148ae2a39257dfb31575362dc10815cd79ee948bd76084b897381aaa45f03b685", 0x1000, 0x200}, {&(0x7f0000000180)="e43bec8a", 0x4, 0x9}], 0x994000, &(0x7f0000002280)={[{'/proc/keys\x00'}, {'/proc/keys\x00'}, {'/proc/keys\x00'}], [{@smackfsfloor={'smackfsfloor', 0x3d, '-'}}, {@measure}, {@subj_role={'subj_role', 0x3d, '\xb8.[^'}}, {@fsmagic={'fsmagic', 0x3d, 0x1}}]}) io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000002300)=[r1, r3], 0x2) dup2(r1, r2) dup2(r1, 0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) gettid() [ 2960.023724] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2960.023757] remap_pfn_range+0xc6/0x140 [ 2960.023779] ? remap_pfn_range_notrack+0xf50/0xf50 [ 2960.023800] ? lock_is_held_type+0xd7/0x130 [ 2960.023834] io_uring_mmap+0x3da/0x3ee [ 2960.023859] mmap_region+0x6c2/0x1a70 [ 2960.023887] ? do_munmap+0x100/0x100 [ 2960.023917] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2960.023942] ? security_mmap_addr+0x79/0xa0 [ 2960.023965] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2960.023989] ? get_unmapped_area+0x2f0/0x3d0 [ 2960.024019] do_mmap+0x824/0xf40 [ 2960.024044] vm_mmap_pgoff+0x1b5/0x280 [ 2960.024075] ? randomize_stack_top+0x100/0x100 [ 2960.024101] ? __fget_files+0x287/0x470 [ 2960.024137] ksys_mmap_pgoff+0x3cc/0x4f0 03:02:08 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) (fail_nth: 100) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2960.024158] do_syscall_64+0x3b/0x90 [ 2960.024176] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2960.024198] RIP: 0033:0x7f1ab7761b62 [ 2960.024210] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2960.024226] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2960.024242] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2960.024253] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2960.024262] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 [ 2960.024272] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2960.024281] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2960.024310] [ 2960.047216] FAULT_INJECTION: forcing a failure. [ 2960.047216] name failslab, interval 1, probability 0, space 0, times 0 03:02:08 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x6a8, @fixed}, 0x7ffffffff000) 03:02:08 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed, 0x0, 0x2}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r2, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(r1, r2) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f0000000000)=0x2) [ 2960.047258] CPU: 0 PID: 9391 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2960.047278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2960.047288] Call Trace: [ 2960.047292] [ 2960.047297] dump_stack_lvl+0x8b/0xb3 [ 2960.047316] should_fail.cold+0x5/0xa [ 2960.047332] ? create_object.isra.0+0x3a/0xa20 [ 2960.047356] should_failslab+0x5/0x10 [ 2960.047376] kmem_cache_alloc+0x5b/0x480 [ 2960.047396] create_object.isra.0+0x3a/0xa20 [ 2960.047422] ? kasan_unpoison+0x23/0x50 [ 2960.047446] kmem_cache_alloc+0x239/0x480 [ 2960.047466] security_file_alloc+0x34/0x170 [ 2960.047489] __alloc_file+0xb6/0x230 [ 2960.047511] alloc_empty_file+0x6d/0x170 [ 2960.047533] path_openat+0xe1/0x2870 [ 2960.047566] ? path_lookupat+0x850/0x850 [ 2960.047587] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2960.047614] ? lock_is_held_type+0xd7/0x130 [ 2960.047642] do_filp_open+0x1aa/0x400 [ 2960.047663] ? may_open_dev+0xf0/0xf0 [ 2960.047686] ? lock_release+0x3b2/0x750 [ 2960.047705] ? alloc_fd+0x2f0/0x670 [ 2960.047728] ? lock_downgrade+0x6d0/0x6d0 [ 2960.047751] ? rwlock_bug.part.0+0x90/0x90 [ 2960.047773] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2960.047797] ? _find_next_bit+0x1e5/0x260 [ 2960.047824] ? _raw_spin_unlock+0x24/0x40 [ 2960.047842] ? alloc_fd+0x2f0/0x670 [ 2960.047876] do_sys_openat2+0x16d/0x4c0 [ 2960.047894] ? build_open_flags+0x6f0/0x6f0 [ 2960.047919] ? lock_is_held_type+0xd7/0x130 [ 2960.047950] __x64_sys_openat+0x13f/0x1f0 [ 2960.047966] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2960.047988] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2960.048016] do_syscall_64+0x3b/0x90 [ 2960.048034] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2960.048054] RIP: 0033:0x7f5cae066b19 [ 2960.048065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2960.048079] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2960.048095] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2960.048105] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2960.048115] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2960.048124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 03:02:08 executing program 1: syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) [ 2960.048133] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2960.048159] 03:02:08 executing program 0: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x6, 0x8a, 0x9, 0x0, 0x4, 0x48000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) perf_event_open(0x0, 0x0, 0x1, 0xffffffffffffffff, 0x8) [ 2960.262235] FAULT_INJECTION: forcing a failure. [ 2960.262235] name failslab, interval 1, probability 0, space 0, times 0 [ 2960.262259] CPU: 1 PID: 9409 Comm: syz-executor.7 Not tainted 5.18.0-rc4-next-20220427 #1 03:02:08 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0xfc}, 0x2, 0x2}, 0xe) [ 2960.262273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2960.262283] Call Trace: [ 2960.262286] [ 2960.262291] dump_stack_lvl+0x8b/0xb3 [ 2960.262313] should_fail.cold+0x5/0xa [ 2960.262327] ? mas_alloc_nodes+0x36e/0x6a0 [ 2960.262349] should_failslab+0x5/0x10 [ 2960.262367] kmem_cache_alloc+0x5b/0x480 [ 2960.262378] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2960.262404] mas_alloc_nodes+0x36e/0x6a0 [ 2960.262421] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2960.262447] mas_preallocate+0xff/0x270 [ 2960.262468] mmap_region+0x770/0x1a70 [ 2960.262491] ? do_munmap+0x100/0x100 [ 2960.262509] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70 [ 2960.262528] ? security_mmap_addr+0x79/0xa0 [ 2960.262546] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2960.262565] ? get_unmapped_area+0x2f0/0x3d0 [ 2960.262589] do_mmap+0x824/0xf40 [ 2960.262608] vm_mmap_pgoff+0x1b5/0x280 [ 2960.262633] ? randomize_stack_top+0x100/0x100 [ 2960.262658] ? is_file_shm_hugepages+0x9/0x40 [ 2960.262675] ksys_mmap_pgoff+0x3cc/0x4f0 [ 2960.262691] do_syscall_64+0x3b/0x90 [ 2960.262706] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2960.262724] RIP: 0033:0x7f1ab7761b62 [ 2960.262733] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 2960.262745] RSP: 002b:00007f1ab4cd70f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 2960.262758] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f1ab7761b62 [ 2960.262766] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000 [ 2960.262774] RBP: 0000000020ffc000 R08: 0000000000000006 R09: 0000000000000000 03:02:08 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0) openat(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000000500), &(0x7f0000000540)) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x5c62, &(0x7f0000000340)={0x0, 0xb702, 0x10, 0x0, 0x3cd}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f00000003c0)) openat(r0, &(0x7f0000000140)='./file1\x00', 0x404000, 0x180) [ 2960.262781] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200003c0 [ 2960.262789] R13: 0000000020ffd000 R14: 0000000020000200 R15: 0000000020ffc000 [ 2960.262811] [ 2960.314621] BUG: Bad rss-counter state mm:000000002c52d911 type:MM_FILEPAGES val:8905 [ 2960.314652] BUG: Bad rss-counter state mm:000000002c52d911 type:MM_ANONPAGES val:108 03:02:09 executing program 2: perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) (fail_nth: 8) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) ioctl$FS_IOC_READ_VERITY_METADATA(0xffffffffffffffff, 0xc0286687, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) 03:02:09 executing program 6: r0 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x1d0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000180)=""/4090, 0xffa}], 0x1, 0x7, 0x3) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x4042, 0x0) r3 = syz_open_dev$vcsa(&(0x7f00000012c0), 0xdda, 0x8b4902) sendfile(r2, r3, &(0x7f0000001300)=0x1, 0x3) fallocate(r2, 0x0, 0x0, 0x87ffffc) r4 = open_tree(r1, &(0x7f00000000c0)='./file1\x00', 0x80100) perf_event_open(&(0x7f0000001180)={0x1, 0x80, 0x4, 0x0, 0x8a, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x1, @perf_config_ext={0x4, 0x1ff}, 0x8, 0x5, 0x2, 0x5, 0x7, 0xa, 0x0, 0x0, 0x401, 0x0, 0x5}, 0x0, 0xfffffffffffffffc, r4, 0xa) pwritev(r2, &(0x7f0000000000)=[{&(0x7f0000001340)="e4eb8e5355feefc9b3c48a57cf1602a197c4b0087f7e5812368dc3bab70e0418263fc620b190aa02558bcfb0e65cb7786074964845b33e3618af6ae487cb258242e1e8731eec366954e0c20a64f07e48c6ac07bad962da930956df6296a8846d110eb88c963a7922c577c52910c2035650c587b0233e4b1a4e86e0d627503157465a0fdec7b8ea578d58fe1aef62a67c0e1da29f33f76a8155b5295a6107d5a297941f2ee583e4c54f37732a000d7b3aadd4221f5354c99a567bbd3e77537a27dee3ff99651060b7fab974128c1bbd214e372dcd", 0xd4}], 0x1, 0x8d, 0x7bf6) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000001440)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff7f0000000000002e2f66696c65f5060000000000003604faeef9e81ca3b6c95904c6000a640000000000000000000089a47cebf86ab056f6ace1500f0161fdcd3c5406b1c91fcf2fb3b18b37caa54e734d9c36299e3fcb146d3ee5b3949d4d1aebbf6c54afbde501aa25e3398ee40487ac620b665e2afd7d07df30cff3a561f6f84d3b9fb8b39333ad09248cb7f0cec306085e00e97d7d505646f4d6f85989e63ecec9d986e22132c1b956a45bda1a8394bbbe17406e43486657b3413e0d84a11496461f62ef617eb79c31e9bac041b838222647c6a752c83f668a7700207f02c200000000000000"]) ioctl$FS_IOC_READ_VERITY_METADATA(r5, 0xc0286687, &(0x7f0000001280)={0x2, 0x3189, 0x4b, &(0x7f0000001200)=""/75}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r6, 0x1, 0x3f, &(0x7f00000001c0)=0x6, 0x4) dup2(0xffffffffffffffff, r6) fcntl$dupfd(r4, 0x0, r6) r7 = gettid() perf_event_open(0x0, r7, 0x1, 0xffffffffffffffff, 0x8) 03:02:09 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc, 0x810, 0xffffffffffffffff, 0x10000000) r2 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x4, 0x2004, @fd_index=0x5, 0x1, 0x0, 0x0, 0x8, 0x1, {0x1, r2}}, 0x4) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000000), &(0x7f0000000080)=0x6) 03:02:09 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x3, @any, 0x800}, 0xe) connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x1, @fixed}, 0xe) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$SO_TIMESTAMP(r1, 0x1, 0x3f, &(0x7f00000001c0)=0x855e, 0x4) dup2(r1, r2) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x2059, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x20}, 0x1c) [ 2960.404264] FAULT_INJECTION: forcing a failure. [ 2960.404264] name failslab, interval 1, probability 0, space 0, times 0 [ 2960.404284] CPU: 1 PID: 9423 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1 [ 2960.404297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 2960.404306] Call Trace: [ 2960.404309] [ 2960.404314] dump_stack_lvl+0x8b/0xb3 [ 2960.404335] should_fail.cold+0x5/0xa [ 2960.404347] ? lease_alloc+0x22/0x480 [ 2960.404362] should_failslab+0x5/0x10 [ 2960.404379] kmem_cache_alloc+0x5b/0x480 [ 2960.404395] lease_alloc+0x22/0x480 [ 2960.404411] __break_lease+0xbf/0x1600 [ 2960.404430] ? locks_remove_posix+0x530/0x530 [ 2960.404443] ? selinux_inode_create+0x30/0x30 [ 2960.404467] ? rwlock_bug.part.0+0x90/0x90 [ 2960.404486] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2960.404505] ? fsnotify_perm.part.0+0x221/0x610 [ 2960.404525] do_dentry_open+0x42d/0x10b0 [ 2960.404553] path_openat+0x1a11/0x2870 [ 2960.404578] ? path_lookupat+0x850/0x850 [ 2960.404594] ? lockdep_hardirqs_on_prepare+0x400/0x400 [ 2960.404615] ? lock_is_held_type+0xd7/0x130 [ 2960.404636] do_filp_open+0x1aa/0x400 [ 2960.404653] ? may_open_dev+0xf0/0xf0 [ 2960.404677] ? rwlock_bug.part.0+0x90/0x90 [ 2960.404694] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70 [ 2960.404712] ? _find_next_bit+0x1e5/0x260 [ 2960.404733] ? _raw_spin_unlock+0x24/0x40 [ 2960.404747] ? alloc_fd+0x2f0/0x670 [ 2960.404773] do_sys_openat2+0x16d/0x4c0 [ 2960.404786] ? build_open_flags+0x6f0/0x6f0 [ 2960.404799] ? lock_is_held_type+0xd7/0x130 [ 2960.404823] __x64_sys_openat+0x13f/0x1f0 [ 2960.404834] ? __ia32_compat_sys_open+0x1c0/0x1c0 [ 2960.404851] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2960.404873] do_syscall_64+0x3b/0x90 [ 2960.404886] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 2960.404902] RIP: 0033:0x7f5cae066b19 [ 2960.404911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2960.404922] RSP: 002b:00007f5cab5dc188 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2960.404935] RAX: ffffffffffffffda RBX: 00007f5cae179f60 RCX: 00007f5cae066b19 [ 2960.404942] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c [ 2960.404950] RBP: 00007f5cab5dc1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2960.404956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2960.404963] R13: 00007ffd634c8cef R14: 00007f5cab5dc300 R15: 0000000000022000 [ 2960.404983] VM DIAGNOSIS: 03:02:09 Registers: info registers vcpu 0 RAX=0000000000000000 RBX=ffff88806ce2a700 RCX=ffffffff812972c2 RDX=00000000ffffffff RSI=0000000000000004 RDI=ffff88806ce2a700 RBP=1ffff1100d9c13b3 RSP=ffff88806ce09d88 R8 =0000000000000000 R9 =ffffffff86a5a74f R10=fffffbfff0d4b4e9 R11=0000000000000001 R12=ffff88806ce2a708 R13=ffff88806ce2a710 R14=dffffc0000000000 R15=0000000000000000 RIP=ffffffff81778514 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffc7cd48f78 CR3=0000000008804000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff4ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 RAX=0000000000000000 RBX=dffffc0000000000 RCX=80000000411e3007 RDX=0000000000000000 RSI=ffff888009b0b580 RDI=0000000000000003 RBP=1ffff110088d8eba RSP=ffff8880446c75b8 R8 =0000000000000000 R9 =ffff888009b0b587 R10=ffffffff8167ae93 R11=0000000000000001 R12=ffff88800e40d4e0 R13=00007f05e1f64000 R14=80000000411e3007 R15=dffffc0000000000 RIP=ffffffff814445ac RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fa1b445cb40 CR3=000000001d404000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff4ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245 YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040 YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000