tag#0 unaligned transfer
[  312.046587] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.047321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.048004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.048688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.049319] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.050018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.050699] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.051375] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.052075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.052803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.053436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.054148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.054827] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.055536] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.056182] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.056863] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.057528] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.058235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.058967] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.059653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.060303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.061003] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.061668] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.062258] FAULT_INJECTION: forcing a failure.
[  312.062258] name failslab, interval 1, probability 0, space 0, times 0
[  312.062332] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.064718] CPU: 1 PID: 4758 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  312.065230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.066788] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  312.066807] Call Trace:
[  312.066814]  <TASK>
[  312.067526] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.069651]  dump_stack_lvl+0x8b/0xb3
[  312.070034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.070399]  should_fail.cold+0x5/0xa
[  312.071088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.071725]  ? create_user_ns+0x1ac/0xe90
[  312.072399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.073060]  should_failslab+0x5/0x10
[  312.073729] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.074446]  kmem_cache_alloc+0x5b/0x480
[  312.075129] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.075790]  create_user_ns+0x1ac/0xe90
[  312.076466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.077157]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  312.077814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.078497]  ? prepare_creds+0x519/0x6f0
[  312.079242] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.080185]  copy_creds+0x545/0xb20
[  312.080851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.081567]  copy_process+0xe3f/0x6d10
[  312.082224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.082891]  ? __cleanup_sighand+0xb0/0xb0
[  312.083541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.084217]  ? lock_is_held_type+0xd7/0x130
[  312.084874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.085610]  ? find_held_lock+0x2c/0x110
[  312.086270] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.087046]  ? kernel_clone+0xc4/0xa60
[  312.087717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.088418]  kernel_clone+0xe7/0xa60
[  312.089071] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.089747]  ? create_io_thread+0xf0/0xf0
[  312.090466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.091063]  ? find_held_lock+0x2c/0x110
[  312.091731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.092456]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  312.093119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.093833]  ? bit_wait_io_timeout+0x160/0x160
[  312.094514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.095383]  __do_sys_clone+0xc8/0x110
[  312.096035] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.096828]  ? __do_sys_vfork+0xd0/0xd0
[  312.097512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.098171]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  312.098819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.099506]  ? vfs_write+0x428/0xad0
[  312.100157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.101179]  ? syscall_enter_from_user_mode+0x1d/0x50
[  312.101862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.102471]  do_syscall_64+0x3b/0x90
[  312.103113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.104048]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  312.104706] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.105341] RIP: 0033:0x7fa70862cb19
[  312.105989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.106913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  312.107596] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.108223] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246
[  312.108891] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.112466]  ORIG_RAX: 0000000000000038
[  312.112477] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  312.113136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.114095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  312.114112] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  312.114797] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.115468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  312.115484] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  312.116386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.117318]  </TASK>
[  312.118156] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.122948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.123561] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  312.162036] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  312.163141] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  312.163858] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  312.164528] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 02 00
12:39:09 executing program 2:
clone3(&(0x7f0000000640)={0x123363500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f00000001c0), 0x105802, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000004, 0x2811, r0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
openat$incfs(r1, &(0x7f0000000000)='.pending_reads\x00', 0x1, 0x2)

12:39:09 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:39:09 executing program 0:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)
stat(0x0, 0x0)
mkdirat(r0, &(0x7f0000001580)='./file0\x00', 0x20)
r1 = signalfd(r0, &(0x7f00000015c0), 0x8)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r1, 0x4, &(0x7f0000001600)='$-', &(0x7f0000001640)='./file0\x00', r0)

12:39:09 executing program 4:
r0 = creat(&(0x7f0000001a00)='./file0\x00', 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e)
setxattr$security_capability(&(0x7f0000001b80)='./file0\x00', &(0x7f0000000280), &(0x7f00000002c0)=@v3={0x3000000, [{0xfffffffe, 0x5c5}, {0x7, 0x3f}], 0xffffffffffffffff}, 0x18, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x8)
r2 = accept4(0xffffffffffffffff, &(0x7f0000001540)=@pptp, &(0x7f00000015c0)=0x80, 0x800)
sendmsg$nl_xfrm(r2, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000001600)=ANY=[@ANYBLOB="9f0100001c00200028bd7000fddbdf256c08000c000000000028001a0000000000000000000000000000000000ac1efd010000000000000000000000000a000c0850001100fc0100000000000000000000000000010a010100000000000000000000000000ff020000000000000000000000000001000000000000000000000000000000002b030000ff34000002000a0008001d0001000000e8001100ac1e01010000000000000000000000007f000001000000000000000000000000e0000001000000000000000000000000ac1e00010000000000000000000000002b000000063500000a000a007f000003000000000000000000000000fc010000000000000000000000000000ac1414bb000000000000000000000000fe880000000000000000000000000101320100000135000002000a00ac1414aa000000000000000000000000fe880000000000000000000000000101fc020000000000000000000000000000ac1414aa000000000004000000000000ff0000000235000002000a00050019006c00000030001700050000002dbd70002dbd700026bd700025bd700005000000000000b000000000010000003ffeffff590000000800180001ffffff000000"], 0x1c4}, 0x1, 0x0, 0x0, 0x840}, 0x20000000)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
pread64(r3, &(0x7f0000000540)=""/4096, 0x1000, 0x39)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="c5", 0x1}], 0x1, 0x0, 0x0)

[  327.685217] FAULT_INJECTION: forcing a failure.
[  327.685217] name failslab, interval 1, probability 0, space 0, times 0
[  327.686540] CPU: 0 PID: 4775 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  327.687414] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  327.688594] Call Trace:
[  327.688861]  <TASK>
[  327.689095]  dump_stack_lvl+0x8b/0xb3
[  327.689511]  should_fail.cold+0x5/0xa
[  327.689917]  ? security_prepare_creds+0x10a/0x180
[  327.690430]  should_failslab+0x5/0x10
[  327.690835]  __kmalloc+0x72/0x440
[  327.691209]  security_prepare_creds+0x10a/0x180
[  327.691701]  prepare_creds+0x505/0x6f0
[  327.692120]  copy_creds+0x76/0xb20
[  327.692507]  copy_process+0xe3f/0x6d10
[  327.692928]  ? __cleanup_sighand+0xb0/0xb0
[  327.693380]  ? lock_is_held_type+0xd7/0x130
[  327.693839]  ? find_held_lock+0x2c/0x110
[  327.694290]  ? kernel_clone+0xc4/0xa60
[  327.694704]  kernel_clone+0xe7/0xa60
[  327.695117]  ? create_io_thread+0xf0/0xf0
[  327.695557]  ? find_held_lock+0x2c/0x110
[  327.695980]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  327.696489]  ? bit_wait_io_timeout+0x160/0x160
[  327.696969]  __do_sys_clone+0xc8/0x110
[  327.697374]  ? __do_sys_vfork+0xd0/0xd0
[  327.697792]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  327.698389]  ? vfs_write+0x428/0xad0
[  327.698795]  ? syscall_enter_from_user_mode+0x1d/0x50
[  327.699349]  do_syscall_64+0x3b/0x90
[  327.699740]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  327.700276] RIP: 0033:0x7f71bf82bb19
[  327.700669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  327.702600] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  327.703416] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  327.704155] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  327.704915] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  327.705652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.706402] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  327.707166]  </TASK>
[  327.709901] loop5: detected capacity change from 0 to 240
12:39:09 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

12:39:09 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$bt_hci(r2, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
epoll_create(0x1)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x1, &(0x7f00000006c0)=0xfffffffc, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:09 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$bt_hci(r2, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
epoll_create(0x1)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x1, &(0x7f00000006c0)=0xfffffffc, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:09 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

[  327.728086] sr 1:0:0:0: [sr0] tag#0 FAILED Result: hostbyte=DID_OK driverbyte=DRIVER_OK cmd_age=0s
[  327.729101] sr 1:0:0:0: [sr0] tag#0 Sense Key : Not Ready [current] 
[  327.729928] sr 1:0:0:0: [sr0] tag#0 Add. Sense: Medium not present
[  327.730618] sr 1:0:0:0: [sr0] tag#0 CDB: Read(10) 28 00 00 00 00 00 00 00 40 00
[  327.731403] blk_print_req_error: 668 callbacks suppressed
[  327.731411] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 16 prio class 0
[  327.733265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.733892] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.734754] buffer_io_error: 686 callbacks suppressed
[  327.734761] Buffer I/O error on dev sr0, logical block 0, async page read
[  327.737350] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.737977] I/O error, dev sr0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.738912] Buffer I/O error on dev sr0, logical block 1, async page read
[  327.739934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.740531] I/O error, dev sr0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.741577] Buffer I/O error on dev sr0, logical block 2, async page read
[  327.743066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.743670] I/O error, dev sr0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.744592] Buffer I/O error on dev sr0, logical block 3, async page read
[  327.745473] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.745937] FAULT_INJECTION: forcing a failure.
[  327.745937] name failslab, interval 1, probability 0, space 0, times 0
[  327.746019] I/O error, dev sr0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.748715] CPU: 1 PID: 4783 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  327.748746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  327.749605] Buffer I/O error on dev sr0, logical block 4, async page read
[  327.751435] Call Trace:
[  327.751445]  <TASK>
[  327.751455]  dump_stack_lvl+0x8b/0xb3
[  327.752725] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.754141]  should_fail.cold+0x5/0xa
[  327.754182]  ? create_object.isra.0+0x3a/0xa20
[  327.754474] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.754956]  should_failslab+0x5/0x10
[  327.755355] Buffer I/O error on dev sr0, logical block 5, async page read
[  327.756504]  kmem_cache_alloc+0x5b/0x480
[  327.756989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.757900]  ? obj_cgroup_charge+0x247/0x740
[  327.758772] I/O error, dev sr0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.759594]  create_object.isra.0+0x3a/0xa20
[  327.760299] Buffer I/O error on dev sr0, logical block 6, async page read
[  327.761183]  ? kasan_unpoison+0x23/0x50
[  327.761831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.762699]  kmem_cache_alloc+0x239/0x480
[  327.763594] I/O error, dev sr0, sector 7 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.764564]  create_user_ns+0x1ac/0xe90
[  327.765280] Buffer I/O error on dev sr0, logical block 7, async page read
[  327.766154]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  327.767075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.767627]  ? prepare_creds+0x519/0x6f0
[  327.768513] I/O error, dev sr0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  327.769356]  copy_creds+0x545/0xb20
[  327.770079] Buffer I/O error on dev sr0, logical block 0, async page read
[  327.771294]  copy_process+0xe3f/0x6d10
[  327.771940] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.772773]  ? __cleanup_sighand+0xb0/0xb0
[  327.773635] Buffer I/O error on dev sr0, logical block 1, async page read
[  327.774414]  ? lock_is_held_type+0xd7/0x130
[  327.775204] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.775956]  ? find_held_lock+0x2c/0x110
[  327.776627] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.777445]  ? kernel_clone+0xc4/0xa60
[  327.778267] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.779108]  kernel_clone+0xe7/0xa60
[  327.779791] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.780562]  ? create_io_thread+0xf0/0xf0
[  327.781229] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.781951]  ? find_held_lock+0x2c/0x110
[  327.782629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.783344]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  327.784057] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.784782]  ? bit_wait_io_timeout+0x160/0x160
[  327.785467] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.786220]  __do_sys_clone+0xc8/0x110
[  327.786875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.787825]  ? __do_sys_vfork+0xd0/0xd0
[  327.788509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.789381]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  327.790038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.790760]  ? vfs_write+0x428/0xad0
[  327.791465] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.792219]  ? syscall_enter_from_user_mode+0x1d/0x50
[  327.792865] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.793958]  do_syscall_64+0x3b/0x90
[  327.794624] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.795335]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  327.796039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.796981] RIP: 0033:0x7fa70862cb19
[  327.797004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  327.797657] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.798337] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246
[  327.799014] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.799993]  ORIG_RAX: 0000000000000038
[  327.800006] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  327.800672] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.801352] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  327.803360] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.804351] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  327.804369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.805033] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.806038] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  327.806083]  </TASK>
[  327.806586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.814629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.815810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.818215] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.819661] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.821067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.822533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.823946] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.825343] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.826747] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.828252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.829668] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

[  327.831158] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.832701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.834113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.835836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.837266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.838816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.840310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.841709] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.843122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.844599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.844609] FAULT_INJECTION: forcing a failure.
[  327.844609] name failslab, interval 1, probability 0, space 0, times 0
[  327.845956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.847079] CPU: 0 PID: 4787 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  327.848367] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.849035] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  327.849054] Call Trace:
[  327.849061]  <TASK>
[  327.850379] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.851454]  dump_stack_lvl+0x8b/0xb3
[  327.851493]  should_fail.cold+0x5/0xa
[  327.852213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.852290]  ? create_object.isra.0+0x3a/0xa20
[  327.853748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.853801]  should_failslab+0x5/0x10
[  327.854824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.855200]  kmem_cache_alloc+0x5b/0x480
[  327.856380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.856727]  ? obj_cgroup_charge+0x247/0x740
[  327.856749]  create_object.isra.0+0x3a/0xa20
[  327.857814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.858138]  ? kasan_unpoison+0x23/0x50
[  327.859245] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.859626]  __kmalloc+0x25b/0x440
[  327.859647]  security_prepare_creds+0x10a/0x180
[  327.860817] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.861095]  prepare_creds+0x505/0x6f0
[  327.862501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.862671]  copy_creds+0x76/0xb20
[  327.864045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.864227]  copy_process+0xe3f/0x6d10
[  327.865571] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.865807]  ? __cleanup_sighand+0xb0/0xb0
[  327.866845] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.867225]  ? lock_is_held_type+0xd7/0x130
[  327.868242] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.868554]  ? find_held_lock+0x2c/0x110
[  327.868574]  ? kernel_clone+0xc4/0xa60
[  327.871056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.871438]  kernel_clone+0xe7/0xa60
[  327.871462]  ? create_io_thread+0xf0/0xf0
[  327.873488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.874019]  ? find_held_lock+0x2c/0x110
[  327.874040]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  327.875078] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.875330]  ? bit_wait_io_timeout+0x160/0x160
[  327.876696] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.876921]  __do_sys_clone+0xc8/0x110
[  327.878659] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.879032]  ? __do_sys_vfork+0xd0/0xd0
[  327.880509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.880587]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  327.881961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.882157]  ? vfs_write+0x428/0xad0
[  327.883633] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.883895]  ? syscall_enter_from_user_mode+0x1d/0x50
[  327.886544]  do_syscall_64+0x3b/0x90
[  327.886963]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  327.887543] RIP: 0033:0x7f71bf82bb19
[  327.887934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  327.888674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.889895] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  327.889911] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  327.889920] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  327.889929] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  327.891326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.891906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.891916] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  327.891938]  </TASK>
[  327.893731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.896215] loop0: detected capacity change from 0 to 264192
[  327.898135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.903156] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.904715] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.906256] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.908291] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.913733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.916245] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.917828] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.919715] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.921274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.922921] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.924745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.926101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.927678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.928376] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.929051] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.929738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.930507] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.931203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.931903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.932588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.933322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.933990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.934673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.935345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.936061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.936734] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.937403] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.938087] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.938826] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.939546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.940224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.940930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.941634] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.942276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.942961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.943667] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.944399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.945070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.945772] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.946421] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.947091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.947792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.948481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.949114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.949875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.950558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.951266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.951953] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.952647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.953284] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.953972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.954654] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.955383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.956081] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.956807] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.957545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.958227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.958938] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.959619] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.960305] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.961060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.961768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.962484] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.963157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.963841] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.964573] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.965253] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.965943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.966711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.967409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.968094] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.968280] nfs: Unknown parameter '$-'
[  327.968778] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.970266] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.970940] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.971620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.972256] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.972971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.973648] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.974327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.975001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.975694] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.976364] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.977052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.977730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.978477] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.979134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.979833] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.980510] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.981191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.981861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.982559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.983239] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.984000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.984722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.985750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.986416] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.987130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.987987] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.988743] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.989413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.990207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.990915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.991636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.992293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.992990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.993684] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 5:
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8)

[  327.995786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.996473] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.997196] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.997888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  327.998813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.000678] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.001998] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.003342] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.004702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.006118] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.007809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.009145] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.010847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.013389] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.014742] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.016026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.017305] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.018628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.022414] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.023991] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.026109] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.027481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.028795] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.030142] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.031557] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.032824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.034262] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.035687] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.036999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.038512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.039813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.041121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.042374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.043718] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.045236] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.046628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  328.047921] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.049205] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
setsockopt$inet6_udp_int(r6, 0x11, 0x1, &(0x7f00000006c0)=0xfffffffc, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  328.050589] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.053651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.054963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.056270] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.057676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.058985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.060282] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.061731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.066495] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.067867] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.069917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.071320] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.072800] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.074118] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.075543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.076915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.078268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.079676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.080993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.082420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.086157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.087598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.088941] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.090252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.091653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.093004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.094276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

[  328.112832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.119007] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.120860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.123230] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.124810] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.126221] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.127630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.129033] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.131907] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.136725] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.138225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.139853] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.141431] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.143709] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.145077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.146650] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

[  328.148209] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.149958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.151395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.152844] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.154276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.155747] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.157179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.158634] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.160160] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.161627] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.161714] loop3: detected capacity change from 0 to 240
[  328.163067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.165662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.167103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.168630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.170028] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.171430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.172987] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.174523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.175983] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.177396] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.178816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.180258] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.181721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.183125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.184687] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.185997] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.188684] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.190112] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.191626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.193018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.194505] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.195924] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.197316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.198736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.200241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.201671] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.203097] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.204574] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.206004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.207418] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.208862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.210263] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.211756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.213208] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.214666] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.216128] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.219960] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.221361] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.222765] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.224176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.225576] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.226824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.228085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.229294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.230568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.231863] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.233103] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.234352] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.235921] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.237207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.238642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.239930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.241204] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 0:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)
stat(0x0, 0x0)
mkdirat(r0, &(0x7f0000001580)='./file0\x00', 0x20)
signalfd(r0, &(0x7f00000015c0), 0x8)

[  328.244664] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.245924] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.247244] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.248588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.250039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.251321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.254423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.255852] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.257148] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.258542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.259861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.261257] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.262622] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.263888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.265162] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.266486] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.267782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.269068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.270379] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.271759] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.273068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.274378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.275728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.277027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.278347] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.279680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.280986] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.282353] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.283681] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 5:
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8)

[  328.284963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.286773] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.291602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.292896] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.294580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.296084] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.297930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.299226] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.300686] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.301951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.303371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.304647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.305956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.307255] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.308658] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.309914] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.311225] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.312570] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.313838] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.315123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.316381] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.317664] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.320756] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.322287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.323586] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.324862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.326108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.327369] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.328851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.330119] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.331559] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.332843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.334100] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.335399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.336661] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.337947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.339365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.340752] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.342237] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.352859] FAULT_INJECTION: forcing a failure.
[  328.352859] name failslab, interval 1, probability 0, space 0, times 0
[  328.355107] CPU: 0 PID: 4801 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  328.356725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  328.358948] Call Trace:
[  328.359451]  <TASK>
[  328.359889]  dump_stack_lvl+0x8b/0xb3
[  328.360656]  should_fail.cold+0x5/0xa
[  328.361020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.361417]  should_failslab+0x5/0x10
[  328.362884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.363348]  __kmalloc_track_caller+0x79/0x430
[  328.364932] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.365358]  ? setup_userns_sysctls+0x4d/0x180
[  328.366721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.367393]  kmemdup+0x23/0x50
[  328.368742] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.369136]  setup_userns_sysctls+0x4d/0x180
[  328.370558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.371133]  create_user_ns+0x95a/0xe90
[  328.372509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.373031]  copy_creds+0x545/0xb20
[  328.374560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.374845]  copy_process+0xe3f/0x6d10
[  328.376200] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.376741]  ? __cleanup_sighand+0xb0/0xb0
[  328.378068] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.378680]  ? lock_is_held_type+0xd7/0x130
[  328.380106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.380673]  ? find_held_lock+0x2c/0x110
[  328.380706]  ? kernel_clone+0xc4/0xa60
[  328.382035] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.382607]  kernel_clone+0xe7/0xa60
[  328.383680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.384489]  ? create_io_thread+0xf0/0xf0
[  328.384522]  ? find_held_lock+0x2c/0x110
[  328.385576] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.386343]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  328.387494] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.388032]  ? bit_wait_io_timeout+0x160/0x160
[  328.389519] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.390132]  __do_sys_clone+0xc8/0x110
[  328.391527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.392149]  ? __do_sys_vfork+0xd0/0xd0
[  328.393503] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.394013]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  328.395378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.395895]  ? vfs_write+0x428/0xad0
[  328.395946]  ? syscall_enter_from_user_mode+0x1d/0x50
[  328.397240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.398093]  do_syscall_64+0x3b/0x90
[  328.399504] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.399962]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  328.401277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.402060] RIP: 0033:0x7fa70862cb19
[  328.402079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  328.403092] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.403888] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  328.403917] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  328.405332] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.406015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  328.406031] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  328.406046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.407071] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.410406] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  328.410446]  </TASK>
[  328.424236] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.428881] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.430156] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.432432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.433761] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.435173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.436642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.438105] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.439622] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.441144] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.442620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.444026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.445338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.446641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.447967] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.449909] FAULT_INJECTION: forcing a failure.
[  328.449909] name failslab, interval 1, probability 0, space 0, times 0
[  328.452199] CPU: 0 PID: 4802 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  328.453823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  328.456059] Call Trace:
[  328.456563]  <TASK>
[  328.457005]  dump_stack_lvl+0x8b/0xb3
[  328.457770]  should_fail.cold+0x5/0xa
[  328.458531]  ? create_user_ns+0x1ac/0xe90
[  328.459379]  should_failslab+0x5/0x10
[  328.460134]  kmem_cache_alloc+0x5b/0x480
[  328.460945]  create_user_ns+0x1ac/0xe90
[  328.461742]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  328.462833]  ? prepare_creds+0x519/0x6f0
[  328.463662]  copy_creds+0x545/0xb20
[  328.464403]  copy_process+0xe3f/0x6d10
[  328.465211]  ? __cleanup_sighand+0xb0/0xb0
[  328.466069]  ? lock_is_held_type+0xd7/0x130
[  328.466929]  ? find_held_lock+0x2c/0x110
[  328.467733]  ? kernel_clone+0xc4/0xa60
[  328.468518]  kernel_clone+0xe7/0xa60
[  328.469264]  ? create_io_thread+0xf0/0xf0
[  328.470094]  ? find_held_lock+0x2c/0x110
[  328.470919]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  328.471904]  ? bit_wait_io_timeout+0x160/0x160
[  328.472814]  __do_sys_clone+0xc8/0x110
[  328.473596]  ? __do_sys_vfork+0xd0/0xd0
[  328.474393]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  328.475493]  ? vfs_write+0x428/0xad0
[  328.476247]  ? syscall_enter_from_user_mode+0x1d/0x50
[  328.477277]  do_syscall_64+0x3b/0x90
[  328.478021]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  328.479065] RIP: 0033:0x7f71bf82bb19
[  328.479801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  328.483443] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  328.483989] loop0: detected capacity change from 0 to 264192
[  328.484941] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  328.484958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  328.484971] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  328.484987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.487652] nfs: Unknown parameter '$-'
[  328.489006] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  328.489045]  </TASK>
[  328.494786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.496080] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.497512] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.498869] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.500171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.501517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.510091] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.520803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.522215] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.523670] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.525533] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.529240] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.530609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.531994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.535306] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.536673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.538025] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[  328.539464] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
12:39:10 executing program 2:
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x26e1, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, r0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x400)
syslog(0x0, 0x0, 0x0)

12:39:10 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x39a}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fee000/0x12000)=nil, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_1\x00'})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0xee00)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r2, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
r3 = openat(r2, &(0x7f0000000140)='./file0\x00', 0x101000, 0x90)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000180), 0x4)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x355, 0x6, 0x92, 0xfffffde5}, {0x7ff, 0x3, 0x1, 0x4}, {0x4, 0x2}, {0x1f, 0x2, 0x8, 0x2}]})
dup3(r1, r0, 0x0)

12:39:10 executing program 5:
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8)

12:39:10 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sockstat\x00')
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
openat(r1, &(0x7f0000000080)='./file0\x00', 0x800, 0x125)

12:39:10 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:10 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

[  328.763907] FAULT_INJECTION: forcing a failure.
[  328.763907] name failslab, interval 1, probability 0, space 0, times 0
[  328.766351] CPU: 0 PID: 4820 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  328.768010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  328.770240] Call Trace:
[  328.770747]  <TASK>
[  328.771224]  dump_stack_lvl+0x8b/0xb3
[  328.772031]  should_fail.cold+0x5/0xa
[  328.772808]  ? create_object.isra.0+0x3a/0xa20
[  328.773735]  should_failslab+0x5/0x10
[  328.774498]  kmem_cache_alloc+0x5b/0x480
[  328.775322]  create_object.isra.0+0x3a/0xa20
[  328.776212]  ? kasan_unpoison+0x23/0x50
[  328.777027]  __kmalloc_track_caller+0x25e/0x430
[  328.777967]  ? setup_userns_sysctls+0x4d/0x180
[  328.778883]  kmemdup+0x23/0x50
[  328.779554]  setup_userns_sysctls+0x4d/0x180
[  328.780439]  create_user_ns+0x95a/0xe90
[  328.781256]  copy_creds+0x545/0xb20
[  328.782008]  copy_process+0xe3f/0x6d10
[  328.782789]  ? __lock_acquire+0x164e/0x6120
[  328.783692]  ? __cleanup_sighand+0xb0/0xb0
[  328.784553]  ? lock_is_held_type+0xd7/0x130
[  328.785416]  ? find_held_lock+0x2c/0x110
[  328.786248]  ? kernel_clone+0xc4/0xa60
[  328.787034]  kernel_clone+0xe7/0xa60
[  328.787802]  ? create_io_thread+0xf0/0xf0
[  328.788628]  ? finish_task_switch.isra.0+0x226/0x870
[  328.789656]  ? lockdep_hardirqs_on+0x79/0x100
[  328.790539]  ? finish_task_switch.isra.0+0x226/0x870
[  328.791589]  __do_sys_clone+0xc8/0x110
[  328.792361]  ? __do_sys_vfork+0xd0/0xd0
[  328.793184]  ? syscall_enter_from_user_mode+0x1d/0x50
[  328.794199]  do_syscall_64+0x3b/0x90
[  328.794959]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  328.796003] RIP: 0033:0x7fa70862cb19
[  328.796745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  328.800414] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  328.801921] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  328.803343] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  328.804751] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  328.806163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.807591] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  328.809028]  </TASK>
[  342.440613] FAULT_INJECTION: forcing a failure.
[  342.440613] name failslab, interval 1, probability 0, space 0, times 0
[  342.442942] CPU: 1 PID: 4833 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  342.444607] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  342.446884] Call Trace:
[  342.447407]  <TASK>
[  342.447861]  dump_stack_lvl+0x8b/0xb3
[  342.448656]  should_fail.cold+0x5/0xa
[  342.449429]  ? create_object.isra.0+0x3a/0xa20
[  342.450361]  should_failslab+0x5/0x10
[  342.451257]  kmem_cache_alloc+0x5b/0x480
[  342.452215]  create_object.isra.0+0x3a/0xa20
[  342.453249]  ? kasan_unpoison+0x23/0x50
[  342.454197]  __kmalloc_track_caller+0x25e/0x430
[  342.455321]  ? setup_userns_sysctls+0x4d/0x180
[  342.456397]  kmemdup+0x23/0x50
[  342.457158]  setup_userns_sysctls+0x4d/0x180
[  342.458191]  create_user_ns+0x95a/0xe90
[  342.459154]  copy_creds+0x545/0xb20
[  342.460031]  copy_process+0xe3f/0x6d10
[  342.460997]  ? __cleanup_sighand+0xb0/0xb0
[  342.462009]  ? lock_is_held_type+0xd7/0x130
[  342.463030]  ? find_held_lock+0x2c/0x110
[  342.464009]  ? kernel_clone+0xc4/0xa60
[  342.464941]  kernel_clone+0xe7/0xa60
[  342.465825]  ? create_io_thread+0xf0/0xf0
[  342.466794]  ? find_held_lock+0x2c/0x110
[  342.467751]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  342.468908]  ? bit_wait_io_timeout+0x160/0x160
12:39:24 executing program 0:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)
stat(0x0, 0x0)
mkdirat(r0, &(0x7f0000001580)='./file0\x00', 0x20)

[  342.469980]  __do_sys_clone+0xc8/0x110
12:39:24 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

12:39:24 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x39a}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fee000/0x12000)=nil, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_1\x00'})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0xee00)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r2, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
r3 = openat(r2, &(0x7f0000000140)='./file0\x00', 0x101000, 0x90)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000180), 0x4)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x355, 0x6, 0x92, 0xfffffde5}, {0x7ff, 0x3, 0x1, 0x4}, {0x4, 0x2}, {0x1f, 0x2, 0x8, 0x2}]})
dup3(r1, r0, 0x0)

12:39:24 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:24 executing program 5:
r0 = syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:39:24 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

12:39:24 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:24 executing program 3:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/sockstat\x00')
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
openat(r1, &(0x7f0000000080)='./file0\x00', 0x800, 0x125)

[  342.471235]  ? __do_sys_vfork+0xd0/0xd0
12:39:24 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  342.472312]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  342.473618]  ? vfs_write+0x428/0xad0
[  342.474514]  ? syscall_enter_from_user_mode+0x1d/0x50
[  342.475736]  do_syscall_64+0x3b/0x90
[  342.476616]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  342.477824] RIP: 0033:0x7fa70862cb19
[  342.478679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  342.482900] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  342.484652] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  342.486283] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  342.487918] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  342.489548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  342.491188] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  342.492849]  </TASK>
[  342.495319] loop0: detected capacity change from 0 to 264192
[  342.495931] FAULT_INJECTION: forcing a failure.
[  342.495931] name failslab, interval 1, probability 0, space 0, times 0
[  342.497354] nfs: Unknown parameter '$-'
[  342.498519] CPU: 1 PID: 4838 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  342.498549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  342.503431] Call Trace:
[  342.504016]  <TASK>
[  342.504524]  dump_stack_lvl+0x8b/0xb3
[  342.505403]  should_fail.cold+0x5/0xa
[  342.506280]  ? create_object.isra.0+0x3a/0xa20
[  342.507355]  should_failslab+0x5/0x10
[  342.508224]  kmem_cache_alloc+0x5b/0x480
[  342.509153]  ? obj_cgroup_charge+0x247/0x740
[  342.510171]  create_object.isra.0+0x3a/0xa20
[  342.511199]  ? kasan_unpoison+0x23/0x50
[  342.512119]  kmem_cache_alloc+0x239/0x480
[  342.513066]  create_user_ns+0x1ac/0xe90
[  342.513970]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  342.515220]  ? prepare_creds+0x519/0x6f0
[  342.516150]  copy_creds+0x545/0xb20
[  342.516995]  copy_process+0xe3f/0x6d10
[  342.517914]  ? __cleanup_sighand+0xb0/0xb0
[  342.518882]  ? lock_is_held_type+0xd7/0x130
[  342.519859]  ? find_held_lock+0x2c/0x110
[  342.520783]  ? kernel_clone+0xc4/0xa60
[  342.521675]  kernel_clone+0xe7/0xa60
[  342.522530]  ? create_io_thread+0xf0/0xf0
[  342.523488]  ? find_held_lock+0x2c/0x110
[  342.524416]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  342.525536]  ? bit_wait_io_timeout+0x160/0x160
[  342.526567]  __do_sys_clone+0xc8/0x110
[  342.527456]  ? __do_sys_vfork+0xd0/0xd0
[  342.528353]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  342.529580]  ? vfs_write+0x428/0xad0
[  342.530440]  ? syscall_enter_from_user_mode+0x1d/0x50
[  342.531616]  do_syscall_64+0x3b/0x90
[  342.532456]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  342.533615] RIP: 0033:0x7f71bf82bb19
[  342.534438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  342.538516] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  342.540239] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  342.541814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  342.543398] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  342.544963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  342.546541] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  342.548141]  </TASK>
[  342.573598] loop5: detected capacity change from 0 to 240
12:39:37 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

12:39:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:37 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:39:37 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

12:39:37 executing program 0:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)
stat(0x0, 0x0)

12:39:37 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x39a}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000fee000/0x12000)=nil, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'bridge_slave_1\x00'})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0xee00)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r2, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
r3 = openat(r2, &(0x7f0000000140)='./file0\x00', 0x101000, 0x90)
setsockopt$inet_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000180), 0x4)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x355, 0x6, 0x92, 0xfffffde5}, {0x7ff, 0x3, 0x1, 0x4}, {0x4, 0x2}, {0x1f, 0x2, 0x8, 0x2}]})
dup3(r1, r0, 0x0)

12:39:37 executing program 5:
r0 = syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:39:37 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  355.086123] FAULT_INJECTION: forcing a failure.
[  355.086123] name failslab, interval 1, probability 0, space 0, times 0
[  355.087373] CPU: 1 PID: 4864 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  355.088241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  355.089413] Call Trace:
[  355.089679]  <TASK>
[  355.089912]  dump_stack_lvl+0x8b/0xb3
[  355.090322]  should_fail.cold+0x5/0xa
[  355.090722]  ? create_object.isra.0+0x3a/0xa20
[  355.091223]  should_failslab+0x5/0x10
[  355.091639]  kmem_cache_alloc+0x5b/0x480
[  355.092069]  create_object.isra.0+0x3a/0xa20
[  355.092529]  ? kasan_unpoison+0x23/0x50
[  355.092960]  __kmalloc+0x25b/0x440
[  355.093339]  __register_sysctl_table+0x112/0x1090
[  355.093851]  ? proc_sys_evict_inode+0x180/0x180
[  355.094356]  ? trace_kmalloc+0x29/0xd0
[  355.094761]  ? __kmalloc_track_caller+0x213/0x430
[  355.095260]  ? setup_userns_sysctls+0x4d/0x180
[  355.095749]  ? memcpy+0x39/0x60
[  355.096106]  setup_userns_sysctls+0xc2/0x180
[  355.096571]  create_user_ns+0x95a/0xe90
[  355.096996]  copy_creds+0x545/0xb20
[  355.097393]  copy_process+0xe3f/0x6d10
[  355.097822]  ? __cleanup_sighand+0xb0/0xb0
[  355.098272]  ? lock_is_held_type+0xd7/0x130
[  355.098732]  ? find_held_lock+0x2c/0x110
[  355.099162]  ? kernel_clone+0xc4/0xa60
[  355.099595]  kernel_clone+0xe7/0xa60
[  355.099987]  ? create_io_thread+0xf0/0xf0
[  355.100423]  ? find_held_lock+0x2c/0x110
[  355.100858]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  355.101374]  ? bit_wait_io_timeout+0x160/0x160
[  355.101863]  __do_sys_clone+0xc8/0x110
[  355.102273]  ? __do_sys_vfork+0xd0/0xd0
[  355.102698]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  355.103275]  ? vfs_write+0x428/0xad0
[  355.103691]  ? syscall_enter_from_user_mode+0x1d/0x50
[  355.104260]  do_syscall_64+0x3b/0x90
[  355.104653]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  355.105199] RIP: 0033:0x7fa70862cb19
[  355.105580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  355.107521] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.108304] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  355.109050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  355.109792] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  355.110537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.111273] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  355.112037]  </TASK>
[  355.119910] FAULT_INJECTION: forcing a failure.
[  355.119910] name failslab, interval 1, probability 0, space 0, times 0
[  355.121120] CPU: 1 PID: 4869 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  355.121973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  355.123245] Call Trace:
[  355.123530]  <TASK>
[  355.123772]  dump_stack_lvl+0x8b/0xb3
[  355.124203]  should_fail.cold+0x5/0xa
[  355.124635]  should_failslab+0x5/0x10
[  355.125049]  __kmalloc_track_caller+0x79/0x430
[  355.125686]  ? setup_userns_sysctls+0x4d/0x180
[  355.126193]  kmemdup+0x23/0x50
[  355.126542]  setup_userns_sysctls+0x4d/0x180
[  355.127033]  create_user_ns+0x95a/0xe90
[  355.127465]  copy_creds+0x545/0xb20
[  355.127881]  copy_process+0xe3f/0x6d10
[  355.128328]  ? __cleanup_sighand+0xb0/0xb0
[  355.128783]  ? lock_is_held_type+0xd7/0x130
[  355.129266]  ? find_held_lock+0x2c/0x110
[  355.129689]  ? kernel_clone+0xc4/0xa60
[  355.130126]  kernel_clone+0xe7/0xa60
[  355.130555]  ? create_io_thread+0xf0/0xf0
[  355.130994]  ? find_held_lock+0x2c/0x110
[  355.131461]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  355.131993]  ? bit_wait_io_timeout+0x160/0x160
[  355.132505]  __do_sys_clone+0xc8/0x110
[  355.132917]  ? __do_sys_vfork+0xd0/0xd0
[  355.133361]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  355.133937]  ? vfs_write+0x428/0xad0
[  355.134360]  ? syscall_enter_from_user_mode+0x1d/0x50
[  355.134905]  do_syscall_64+0x3b/0x90
[  355.135320]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  355.135869] RIP: 0033:0x7f71bf82bb19
[  355.136286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  355.138210] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.139066] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  355.139827] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  355.140577] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  355.141324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.142068] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  355.142825]  </TASK>
[  355.146688] loop0: detected capacity change from 0 to 264192
[  355.154328] nfs: Unknown parameter '$-'
[  355.154872] loop5: detected capacity change from 0 to 240
12:39:37 executing program 0:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)

12:39:37 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:37 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

12:39:37 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

[  355.288218] FAULT_INJECTION: forcing a failure.
[  355.288218] name failslab, interval 1, probability 0, space 0, times 0
12:39:37 executing program 5:
r0 = syz_mount_image$iso9660(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  355.290489] CPU: 0 PID: 4884 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  355.292205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  355.294416] Call Trace:
[  355.294918]  <TASK>
[  355.295382]  dump_stack_lvl+0x8b/0xb3
[  355.296148]  should_fail.cold+0x5/0xa
[  355.296905]  ? create_object.isra.0+0x3a/0xa20
[  355.297820]  should_failslab+0x5/0x10
[  355.298571]  kmem_cache_alloc+0x5b/0x480
[  355.299419]  create_object.isra.0+0x3a/0xa20
[  355.300302]  ? kasan_unpoison+0x23/0x50
[  355.301120]  __kmalloc_track_caller+0x25e/0x430
[  355.302048]  ? setup_userns_sysctls+0x4d/0x180
[  355.302965]  kmemdup+0x23/0x50
[  355.303614]  setup_userns_sysctls+0x4d/0x180
[  355.304490]  create_user_ns+0x95a/0xe90
[  355.305299]  copy_creds+0x545/0xb20
[  355.306042]  copy_process+0xe3f/0x6d10
[  355.306856]  ? __cleanup_sighand+0xb0/0xb0
[  355.307743]  ? lock_is_held_type+0xd7/0x130
[  355.308600]  ? find_held_lock+0x2c/0x110
[  355.309414]  ? kernel_clone+0xc4/0xa60
[  355.310199]  kernel_clone+0xe7/0xa60
[  355.310956]  ? create_io_thread+0xf0/0xf0
[  355.311794]  ? find_held_lock+0x2c/0x110
[  355.312611]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  355.313595]  ? bit_wait_io_timeout+0x160/0x160
[  355.314514]  __do_sys_clone+0xc8/0x110
[  355.315312]  ? __do_sys_vfork+0xd0/0xd0
[  355.316109]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  355.317202]  ? vfs_write+0x428/0xad0
[  355.317966]  ? syscall_enter_from_user_mode+0x1d/0x50
[  355.318994]  do_syscall_64+0x3b/0x90
[  355.319783]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  355.320825] RIP: 0033:0x7f71bf82bb19
[  355.321549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  355.325189] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.326674] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  355.328095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  355.329499] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  355.330904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.331243] FAULT_INJECTION: forcing a failure.
[  355.331243] name failslab, interval 1, probability 0, space 0, times 0
[  355.332320] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  355.332361]  </TASK>
[  355.335394] CPU: 1 PID: 4887 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  355.336340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  355.337534] Call Trace:
[  355.337803]  <TASK>
[  355.338035]  dump_stack_lvl+0x8b/0xb3
[  355.338455]  should_fail.cold+0x5/0xa
[  355.338859]  ? __register_sysctl_table+0x9e2/0x1090
[  355.339408]  should_failslab+0x5/0x10
[  355.339808]  __kmalloc+0x72/0x440
[  355.340179]  __register_sysctl_table+0x9e2/0x1090
[  355.340695]  ? proc_sys_evict_inode+0x180/0x180
[  355.341182]  ? trace_kmalloc+0x29/0xd0
[  355.341593]  ? __kmalloc_track_caller+0x213/0x430
[  355.342115]  ? setup_userns_sysctls+0x4d/0x180
[  355.342629]  ? memcpy+0x39/0x60
[  355.343000]  setup_userns_sysctls+0xc2/0x180
[  355.343502]  create_user_ns+0x95a/0xe90
[  355.343953]  copy_creds+0x545/0xb20
[  355.344374]  copy_process+0xe3f/0x6d10
[  355.344827]  ? __cleanup_sighand+0xb0/0xb0
[  355.345300]  ? lock_is_held_type+0xd7/0x130
[  355.345779]  ? find_held_lock+0x2c/0x110
[  355.346237]  ? kernel_clone+0xc4/0xa60
[  355.346674]  kernel_clone+0xe7/0xa60
[  355.347098]  ? create_io_thread+0xf0/0xf0
[  355.347577]  ? find_held_lock+0x2c/0x110
[  355.348025]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  355.348575]  ? bit_wait_io_timeout+0x160/0x160
[  355.349092]  __do_sys_clone+0xc8/0x110
[  355.349526]  ? __do_sys_vfork+0xd0/0xd0
[  355.349971]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  355.350574]  ? vfs_write+0x428/0xad0
[  355.350998]  ? syscall_enter_from_user_mode+0x1d/0x50
[  355.351588]  do_syscall_64+0x3b/0x90
[  355.352004]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  355.352576] RIP: 0033:0x7fa70862cb19
[  355.352985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  355.354987] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.355826] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  355.356610] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  355.357392] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  355.358182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.358954] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  355.359755]  </TASK>
[  355.360400] sysctl could not get directory: /user -12
[  355.361654] CPU: 1 PID: 4887 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  355.362556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  355.363807] Call Trace:
[  355.364089]  <TASK>
[  355.364336]  dump_stack_lvl+0x8b/0xb3
[  355.364759]  __register_sysctl_table+0xde7/0x1090
[  355.365293]  ? proc_sys_evict_inode+0x180/0x180
[  355.365807]  ? trace_kmalloc+0x29/0xd0
[  355.366237]  ? __kmalloc_track_caller+0x213/0x430
[  355.366763]  ? setup_userns_sysctls+0x4d/0x180
[  355.367266]  ? memcpy+0x39/0x60
[  355.367654]  setup_userns_sysctls+0xc2/0x180
[  355.368154]  create_user_ns+0x95a/0xe90
[  355.368602]  copy_creds+0x545/0xb20
[  355.369011]  copy_process+0xe3f/0x6d10
[  355.369463]  ? __cleanup_sighand+0xb0/0xb0
[  355.369933]  ? lock_is_held_type+0xd7/0x130
[  355.370402]  ? find_held_lock+0x2c/0x110
[  355.370854]  ? kernel_clone+0xc4/0xa60
[  355.371282]  kernel_clone+0xe7/0xa60
[  355.371702]  ? create_io_thread+0xf0/0xf0
[  355.372161]  ? find_held_lock+0x2c/0x110
[  355.372617]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  355.373158]  ? bit_wait_io_timeout+0x160/0x160
[  355.373671]  __do_sys_clone+0xc8/0x110
[  355.374106]  ? __do_sys_vfork+0xd0/0xd0
[  355.374550]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  355.375151]  ? vfs_write+0x428/0xad0
[  355.375590]  ? syscall_enter_from_user_mode+0x1d/0x50
[  355.376155]  do_syscall_64+0x3b/0x90
[  355.376570]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  355.377145] RIP: 0033:0x7fa70862cb19
[  355.377548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  355.379548] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.380382] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  355.381156] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  355.381923] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  355.382697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.383474] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  355.384253]  </TASK>
[  355.391090] loop0: detected capacity change from 0 to 264192
12:39:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$bt_hci(r2, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
epoll_create(0x1)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  355.408422] nfs: Unknown parameter '$-'
12:39:37 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1010c2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x10000000b)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x8c, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="7edebdbda41a"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @random="2c734ec52477"}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
pread64(r3, &(0x7f0000000580)=""/137, 0x89, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0xf503, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r3)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x102001}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x50, r7, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x6, 0x4e}}}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x400, 0x1, 0x3, 0x0, {0xe69, 0x3, 0x0, 0x20, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x1, 0x10000, 0x5}}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_PREV_BSSID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x1840}, 0x80)
r8 = memfd_create(&(0x7f0000000340)='\x00', 0x1)
fcntl$getownex(r8, 0x10, &(0x7f0000000380))
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="8600330080800000080211000001080211000000505050505050000000000000000000000000000000000000000601010101010101010004060000000000000606000025030000002a01003c04000000002d1a000000000000000000000000000000000000000000000000000072060303030303"], 0xa4}}, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, &(0x7f0000000540))

12:39:37 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:37 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:39:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$bt_hci(r2, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
epoll_create(0x1)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  355.491725] loop5: detected capacity change from 0 to 240
12:39:37 executing program 0:
rmdir(&(0x7f0000000000)='./file0\x00')
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:39:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$bt_hci(r2, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
epoll_create(0x1)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r3, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:37 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)

[  355.650258] FAULT_INJECTION: forcing a failure.
[  355.650258] name failslab, interval 1, probability 0, space 0, times 0
[  355.652566] CPU: 0 PID: 4912 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  355.654194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  355.656413] Call Trace:
[  355.656920]  <TASK>
[  355.657358]  dump_stack_lvl+0x8b/0xb3
[  355.658128]  should_fail.cold+0x5/0xa
[  355.658883]  ? create_object.isra.0+0x3a/0xa20
[  355.659819]  should_failslab+0x5/0x10
[  355.660570]  kmem_cache_alloc+0x5b/0x480
[  355.661383]  create_object.isra.0+0x3a/0xa20
[  355.662260]  ? kasan_unpoison+0x23/0x50
[  355.663060]  __kmalloc+0x25b/0x440
[  355.663781]  __register_sysctl_table+0x9e2/0x1090
[  355.664754]  ? proc_sys_evict_inode+0x180/0x180
[  355.665680]  ? trace_kmalloc+0x29/0xd0
[  355.666448]  ? __kmalloc_track_caller+0x213/0x430
[  355.667408]  ? setup_userns_sysctls+0x4d/0x180
[  355.668314]  ? memcpy+0x39/0x60
[  355.668982]  setup_userns_sysctls+0xc2/0x180
[  355.669854]  create_user_ns+0x95a/0xe90
[  355.670658]  copy_creds+0x545/0xb20
[  355.671413]  copy_process+0xe3f/0x6d10
[  355.672219]  ? __cleanup_sighand+0xb0/0xb0
[  355.673070]  ? lock_is_held_type+0xd7/0x130
[  355.673921]  ? find_held_lock+0x2c/0x110
[  355.674721]  ? kernel_clone+0xc4/0xa60
[  355.675514]  kernel_clone+0xe7/0xa60
[  355.676265]  ? create_io_thread+0xf0/0xf0
[  355.677094]  ? find_held_lock+0x2c/0x110
[  355.677903]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  355.678886]  ? bit_wait_io_timeout+0x160/0x160
[  355.679817]  __do_sys_clone+0xc8/0x110
[  355.680599]  ? __do_sys_vfork+0xd0/0xd0
[  355.681393]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  355.682483]  ? vfs_write+0x428/0xad0
[  355.683241]  ? syscall_enter_from_user_mode+0x1d/0x50
[  355.684274]  do_syscall_64+0x3b/0x90
[  355.685020]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  355.686052] RIP: 0033:0x7fa70862cb19
[  355.686784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  355.690412] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  355.691924] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  355.693331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  355.694735] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  355.696147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  355.697552] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  355.698977]  </TASK>
[  355.710082] loop0: detected capacity change from 0 to 264192
[  355.714116] nfs: Unknown parameter '$-'
[  370.455048] loop5: detected capacity change from 0 to 240
[  370.456752] loop0: detected capacity change from 0 to 264192
[  370.458122] nfs: Unknown parameter '$-'
[  370.468598] FAULT_INJECTION: forcing a failure.
[  370.468598] name failslab, interval 1, probability 0, space 0, times 0
[  370.469733] CPU: 0 PID: 4930 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  370.470534] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  370.471647] Call Trace:
[  370.471896]  <TASK>
[  370.472115]  dump_stack_lvl+0x8b/0xb3
[  370.472504]  should_fail.cold+0x5/0xa
[  370.472880]  ? alloc_ucounts+0x1c5/0x660
[  370.473280]  should_failslab+0x5/0x10
[  370.473657]  kmem_cache_alloc_trace+0x55/0x3c0
[  370.474114]  alloc_ucounts+0x1c5/0x660
[  370.474497]  ? get_ucounts+0x60/0x60
[  370.474861]  ? key_put+0x9/0x30
[  370.475188]  ? create_user_ns+0x13b/0xe90
[  370.475616]  copy_creds+0x629/0xb20
[  370.475988]  copy_process+0xe3f/0x6d10
[  370.476390]  ? __cleanup_sighand+0xb0/0xb0
[  370.476811]  ? lock_is_held_type+0xd7/0x130
[  370.477235]  ? find_held_lock+0x2c/0x110
[  370.477641]  ? kernel_clone+0xc4/0xa60
[  370.478027]  kernel_clone+0xe7/0xa60
[  370.478407]  ? create_io_thread+0xf0/0xf0
[  370.478836]  ? find_held_lock+0x2c/0x110
[  370.479264]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  370.479786]  ? bit_wait_io_timeout+0x160/0x160
[  370.480263]  __do_sys_clone+0xc8/0x110
[  370.480664]  ? __do_sys_vfork+0xd0/0xd0
[  370.481076]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  370.481845]  ? vfs_write+0x428/0xad0
12:39:52 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)

12:39:52 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:52 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:39:52 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1010c2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x10000000b)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x8c, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="7edebdbda41a"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @random="2c734ec52477"}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
pread64(r3, &(0x7f0000000580)=""/137, 0x89, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0xf503, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r3)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x102001}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x50, r7, 0x400, 0x70bd27, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x6, 0x4e}}}}, [@NL80211_ATTR_HT_CAPABILITY={0x1e, 0x1f, {0x400, 0x1, 0x3, 0x0, {0xe69, 0x3, 0x0, 0x20, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x1, 0x10000, 0x5}}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_PREV_BSSID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x1840}, 0x80)
r8 = memfd_create(&(0x7f0000000340)='\x00', 0x1)
fcntl$getownex(r8, 0x10, &(0x7f0000000380))
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="8600330080800000080211000001080211000000505050505050000000000000000000000000000000000000000601010101010101010004060000000000000606000025030000002a01003c04000000002d1a000000000000000000000000000000000000000000000000000072060303030303"], 0xa4}}, 0x0)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f512, &(0x7f0000000540))

12:39:52 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:39:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

12:39:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:52 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  370.482241]  ? syscall_enter_from_user_mode+0x1d/0x50
[  370.483054]  do_syscall_64+0x3b/0x90
[  370.483461]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  370.484015] RIP: 0033:0x7fa70862cb19
[  370.484400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  370.486258] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  370.487030] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  370.487767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  370.488490] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  370.489213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  370.489937] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  370.490665]  </TASK>
[  370.505018] FAULT_INJECTION: forcing a failure.
[  370.505018] name failslab, interval 1, probability 0, space 0, times 0
[  370.507502] CPU: 1 PID: 4934 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  370.509219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  370.511576] Call Trace:
[  370.512108]  <TASK>
[  370.512574]  dump_stack_lvl+0x8b/0xb3
[  370.513381]  should_fail.cold+0x5/0xa
[  370.514241]  ? __register_sysctl_table+0x112/0x1090
[  370.515566]  should_failslab+0x5/0x10
[  370.516558]  __kmalloc+0x72/0x440
[  370.517329]  ? lock_downgrade+0x6d0/0x6d0
[  370.518423]  __register_sysctl_table+0x112/0x1090
[  370.519509]  ? proc_sys_evict_inode+0x180/0x180
[  370.520747]  ? trace_kmalloc+0x29/0xd0
[  370.521613]  ? __kmalloc_track_caller+0x213/0x430
[  370.522812]  ? setup_userns_sysctls+0x4d/0x180
[  370.523789]  ? memcpy+0x39/0x60
[  370.524495]  setup_userns_sysctls+0xc2/0x180
[  370.525421]  create_user_ns+0x95a/0xe90
[  370.526270]  copy_creds+0x545/0xb20
[  370.527049]  copy_process+0xe3f/0x6d10
[  370.527916]  ? __cleanup_sighand+0xb0/0xb0
[  370.528815]  ? lock_is_held_type+0xd7/0x130
[  370.529716]  ? find_held_lock+0x2c/0x110
[  370.530568]  ? kernel_clone+0xc4/0xa60
[  370.531414]  kernel_clone+0xe7/0xa60
[  370.532229]  ? create_io_thread+0xf0/0xf0
[  370.533101]  ? find_held_lock+0x2c/0x110
[  370.533947]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  370.534977]  ? bit_wait_io_timeout+0x160/0x160
[  370.535946]  __do_sys_clone+0xc8/0x110
[  370.536767]  ? __do_sys_vfork+0xd0/0xd0
[  370.537598]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  370.538745]  ? vfs_write+0x428/0xad0
[  370.539552]  ? syscall_enter_from_user_mode+0x1d/0x50
[  370.540654]  do_syscall_64+0x3b/0x90
[  370.541444]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  370.542558] RIP: 0033:0x7f71bf82bb19
[  370.543329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  370.547173] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  370.548759] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  370.550236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  370.551725] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  370.553199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  370.554677] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  370.556185]  </TASK>
12:39:52 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)

12:39:52 executing program 0:
syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

[  370.609013] loop0: detected capacity change from 0 to 264192
[  370.622153] FAULT_INJECTION: forcing a failure.
[  370.622153] name failslab, interval 1, probability 0, space 0, times 0
[  370.624464] CPU: 1 PID: 4944 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  370.626017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  370.628190] Call Trace:
[  370.628681]  <TASK>
[  370.629102]  dump_stack_lvl+0x8b/0xb3
[  370.629844]  should_fail.cold+0x5/0xa
[  370.630575]  ? alloc_ucounts+0x1c5/0x660
[  370.631347]  should_failslab+0x5/0x10
[  370.632076]  kmem_cache_alloc_trace+0x55/0x3c0
[  370.632947]  alloc_ucounts+0x1c5/0x660
[  370.633684]  ? get_ucounts+0x60/0x60
[  370.634375]  ? key_put+0x9/0x30
[  370.634996]  ? create_user_ns+0x13b/0xe90
[  370.635821]  copy_creds+0x629/0xb20
[  370.636517]  copy_process+0xe3f/0x6d10
[  370.637286]  ? __cleanup_sighand+0xb0/0xb0
[  370.638191]  ? lock_is_held_type+0xd7/0x130
[  370.639027]  ? find_held_lock+0x2c/0x110
[  370.639806]  ? kernel_clone+0xc4/0xa60
[  370.640554]  kernel_clone+0xe7/0xa60
[  370.641270]  ? create_io_thread+0xf0/0xf0
[  370.642061]  ? find_held_lock+0x2c/0x110
[  370.642839]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  370.643797]  ? bit_wait_io_timeout+0x160/0x160
[  370.644671]  __do_sys_clone+0xc8/0x110
[  370.645418]  ? __do_sys_vfork+0xd0/0xd0
[  370.646179]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  370.647225]  ? vfs_write+0x428/0xad0
[  370.647959]  ? syscall_enter_from_user_mode+0x1d/0x50
[  370.648942]  do_syscall_64+0x3b/0x90
[  370.649654]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  370.650642] RIP: 0033:0x7fa70862cb19
[  370.651347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  370.654846] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  370.656310] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  370.657667] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  370.659025] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  370.660386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  370.661743] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  370.663124]  </TASK>
12:39:52 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:39:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

12:39:52 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:39:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  370.712025] FAULT_INJECTION: forcing a failure.
[  370.712025] name failslab, interval 1, probability 0, space 0, times 0
12:39:52 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)

12:39:52 executing program 0:
syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

[  370.714884] CPU: 1 PID: 4949 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  370.716532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  370.718769] Call Trace:
[  370.719274]  <TASK>
[  370.719737]  dump_stack_lvl+0x8b/0xb3
[  370.720506]  should_fail.cold+0x5/0xa
[  370.721267]  ? create_object.isra.0+0x3a/0xa20
[  370.722182]  should_failslab+0x5/0x10
[  370.722937]  kmem_cache_alloc+0x5b/0x480
[  370.723756]  create_object.isra.0+0x3a/0xa20
[  370.724632]  ? kasan_unpoison+0x23/0x50
[  370.725432]  __kmalloc+0x25b/0x440
[  370.726144]  __register_sysctl_table+0x112/0x1090
[  370.727113]  ? proc_sys_evict_inode+0x180/0x180
[  370.728045]  ? trace_kmalloc+0x29/0xd0
[  370.728810]  ? __kmalloc_track_caller+0x213/0x430
[  370.729762]  ? setup_userns_sysctls+0x4d/0x180
[  370.730665]  ? memcpy+0x39/0x60
[  370.731341]  setup_userns_sysctls+0xc2/0x180
[  370.732230]  create_user_ns+0x95a/0xe90
[  370.733041]  copy_creds+0x545/0xb20
[  370.733779]  copy_process+0xe3f/0x6d10
[  370.734584]  ? __cleanup_sighand+0xb0/0xb0
[  370.735445]  ? lock_is_held_type+0xd7/0x130
[  370.736303]  ? find_held_lock+0x2c/0x110
[  370.737120]  ? kernel_clone+0xc4/0xa60
[  370.737905]  kernel_clone+0xe7/0xa60
[  370.738655]  ? create_io_thread+0xf0/0xf0
[  370.739482]  ? find_held_lock+0x2c/0x110
[  370.740300]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  370.741286]  ? bit_wait_io_timeout+0x160/0x160
12:39:53 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r5 = epoll_create(0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  370.742198]  __do_sys_clone+0xc8/0x110
[  370.743114]  ? __do_sys_vfork+0xd0/0xd0
[  370.743916]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  370.745005]  ? vfs_write+0x428/0xad0
[  370.745776]  ? syscall_enter_from_user_mode+0x1d/0x50
[  370.746800]  do_syscall_64+0x3b/0x90
[  370.747555]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  370.748586] RIP: 0033:0x7f71bf82bb19
[  370.749324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  370.752958] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  370.754475] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  370.755890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  370.757295] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  370.758693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  370.760128] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  370.761577]  </TASK>
[  370.784205] loop5: detected capacity change from 0 to 240
[  370.787350] FAULT_INJECTION: forcing a failure.
[  370.787350] name failslab, interval 1, probability 0, space 0, times 0
[  370.788612] CPU: 0 PID: 4959 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  370.789451] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  370.790605] Call Trace:
[  370.790862]  <TASK>
[  370.791093]  dump_stack_lvl+0x8b/0xb3
[  370.791514]  should_fail.cold+0x5/0xa
[  370.791914]  ? create_object.isra.0+0x3a/0xa20
[  370.792396]  should_failslab+0x5/0x10
[  370.792804]  kmem_cache_alloc+0x5b/0x480
[  370.793234]  create_object.isra.0+0x3a/0xa20
[  370.793695]  ? kasan_unpoison+0x23/0x50
[  370.794117]  kmem_cache_alloc_trace+0x22e/0x3c0
[  370.794603]  alloc_ucounts+0x1c5/0x660
[  370.795023]  ? get_ucounts+0x60/0x60
[  370.795413]  ? key_put+0x9/0x30
[  370.795789]  ? create_user_ns+0x13b/0xe90
[  370.796237]  copy_creds+0x629/0xb20
[  370.796638]  copy_process+0xe3f/0x6d10
[  370.797081]  ? __cleanup_sighand+0xb0/0xb0
[  370.797534]  ? lock_is_held_type+0xd7/0x130
[  370.798002]  ? find_held_lock+0x2c/0x110
[  370.798435]  ? kernel_clone+0xc4/0xa60
[  370.798863]  kernel_clone+0xe7/0xa60
[  370.799260]  ? create_io_thread+0xf0/0xf0
[  370.799735]  ? find_held_lock+0x2c/0x110
[  370.800159]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  370.800683]  ? bit_wait_io_timeout+0x160/0x160
[  370.801176]  __do_sys_clone+0xc8/0x110
[  370.801607]  ? __do_sys_vfork+0xd0/0xd0
[  370.802033]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  370.802631]  ? vfs_write+0x428/0xad0
[  370.803047]  ? syscall_enter_from_user_mode+0x1d/0x50
[  370.803619]  do_syscall_64+0x3b/0x90
[  370.804009]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  370.804567] RIP: 0033:0x7fa70862cb19
[  370.804949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  370.806937] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  370.807729] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  370.808441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  370.809145] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  370.809855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  370.810585] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  370.811329]  </TASK>
12:40:08 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

12:40:08 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)

12:40:08 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), 0x0, 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:08 executing program 0:
syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:08 executing program 3:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)

12:40:08 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  385.972824] FAULT_INJECTION: forcing a failure.
[  385.972824] name failslab, interval 1, probability 0, space 0, times 0
[  385.975051] CPU: 1 PID: 4971 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  385.976597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  385.978676] Call Trace:
[  385.979145]  <TASK>
[  385.979553]  dump_stack_lvl+0x8b/0xb3
[  385.980280]  should_fail.cold+0x5/0xa
[  385.980985]  ? __register_sysctl_table+0x9e2/0x1090
[  385.981915]  should_failslab+0x5/0x10
[  385.982614]  __kmalloc+0x72/0x440
[  385.983262]  __register_sysctl_table+0x9e2/0x1090
[  385.984175]  ? proc_sys_evict_inode+0x180/0x180
[  385.985040]  ? trace_kmalloc+0x29/0xd0
12:40:08 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  385.985752]  ? __kmalloc_track_caller+0x213/0x430
[  385.986815]  ? setup_userns_sysctls+0x4d/0x180
[  385.987668]  ? memcpy+0x39/0x60
[  385.988407]  setup_userns_sysctls+0xc2/0x180
[  385.989254]  create_user_ns+0x95a/0xe90
[  385.990091]  copy_creds+0x545/0xb20
[  385.990784]  copy_process+0xe3f/0x6d10
[  385.991539]  ? __cleanup_sighand+0xb0/0xb0
[  385.992358]  ? lock_is_held_type+0xd7/0x130
[  385.993151]  ? find_held_lock+0x2c/0x110
[  385.993903]  ? kernel_clone+0xc4/0xa60
[  385.994632]  kernel_clone+0xe7/0xa60
[  385.995327]  ? create_io_thread+0xf0/0xf0
[  385.996193]  ? find_held_lock+0x2c/0x110
[  385.996955]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  385.997874]  ? bit_wait_io_timeout+0x160/0x160
[  385.998808]  __do_sys_clone+0xc8/0x110
[  385.999634]  ? __do_sys_vfork+0xd0/0xd0
[  386.000450]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  386.001461]  ? vfs_write+0x428/0xad0
[  386.002163]  ? syscall_enter_from_user_mode+0x1d/0x50
[  386.003108]  do_syscall_64+0x3b/0x90
[  386.003845]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  386.004800] RIP: 0033:0x7f71bf82bb19
[  386.005522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  386.009098] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  386.010566] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  386.011966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  386.013381] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  386.014717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  386.016066] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  386.017554]  </TASK>
[  386.018255] sysctl could not get directory: /user -12
[  386.019266] CPU: 1 PID: 4971 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  386.020791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  386.022991] Call Trace:
[  386.023460]  <TASK>
[  386.023871]  dump_stack_lvl+0x8b/0xb3
[  386.024571]  __register_sysctl_table+0xde7/0x1090
[  386.025460]  ? proc_sys_evict_inode+0x180/0x180
[  386.026414]  ? trace_kmalloc+0x29/0xd0
[  386.027155]  ? __kmalloc_track_caller+0x213/0x430
[  386.028040]  ? setup_userns_sysctls+0x4d/0x180
[  386.028867]  ? memcpy+0x39/0x60
[  386.029573]  setup_userns_sysctls+0xc2/0x180
[  386.030438]  create_user_ns+0x95a/0xe90
[  386.031243]  copy_creds+0x545/0xb20
[  386.031977]  copy_process+0xe3f/0x6d10
[  386.032790]  ? __cleanup_sighand+0xb0/0xb0
[  386.033573]  ? lock_is_held_type+0xd7/0x130
[  386.034361]  ? find_held_lock+0x2c/0x110
[  386.035110]  ? kernel_clone+0xc4/0xa60
[  386.035849]  kernel_clone+0xe7/0xa60
[  386.036547]  ? create_io_thread+0xf0/0xf0
[  386.037417]  ? find_held_lock+0x2c/0x110
[  386.038159]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  386.039136]  ? bit_wait_io_timeout+0x160/0x160
[  386.039985]  __do_sys_clone+0xc8/0x110
[  386.040793]  ? __do_sys_vfork+0xd0/0xd0
[  386.041605]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  386.042689]  ? vfs_write+0x428/0xad0
[  386.043477]  ? syscall_enter_from_user_mode+0x1d/0x50
[  386.044544]  do_syscall_64+0x3b/0x90
[  386.045303]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  386.046249] RIP: 0033:0x7f71bf82bb19
[  386.046930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  386.050655] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  386.052113] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  386.053542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  386.054911] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  386.056324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  386.057755] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  386.059062]  </TASK>
[  386.072540] loop0: detected capacity change from 0 to 264192
[  386.074785] loop5: detected capacity change from 0 to 240
[  386.105637] FAULT_INJECTION: forcing a failure.
[  386.105637] name failslab, interval 1, probability 0, space 0, times 0
[  386.107609] CPU: 1 PID: 4983 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  386.109073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  386.111031] Call Trace:
[  386.111486]  <TASK>
[  386.111893]  dump_stack_lvl+0x8b/0xb3
[  386.112574]  should_fail.cold+0x5/0xa
[  386.113242]  ? create_object.isra.0+0x3a/0xa20
[  386.114052]  should_failslab+0x5/0x10
[  386.114719]  kmem_cache_alloc+0x5b/0x480
[  386.115434]  create_object.isra.0+0x3a/0xa20
[  386.116224]  ? kasan_unpoison+0x23/0x50
[  386.116934]  kmem_cache_alloc+0x239/0x480
[  386.117671]  dup_fd+0x89/0xca0
[  386.118229]  ? audit_filter_inodes+0x40/0x40
[  386.119006]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  386.119977]  ? security_task_alloc+0xe6/0x260
[  386.120783]  copy_process+0x1fd8/0x6d10
[  386.121510]  ? __cleanup_sighand+0xb0/0xb0
[  386.122262]  ? lock_is_held_type+0xd7/0x130
[  386.123009]  ? find_held_lock+0x2c/0x110
[  386.123731]  ? kernel_clone+0xc4/0xa60
[  386.124443]  kernel_clone+0xe7/0xa60
[  386.125111]  ? create_io_thread+0xf0/0xf0
[  386.125825]  ? find_held_lock+0x2c/0x110
[  386.126543]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  386.127402]  ? bit_wait_io_timeout+0x160/0x160
[  386.128200]  __do_sys_clone+0xc8/0x110
[  386.128872]  ? __do_sys_vfork+0xd0/0xd0
[  386.129561]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  386.130505]  ? vfs_write+0x428/0xad0
[  386.131162]  ? syscall_enter_from_user_mode+0x1d/0x50
[  386.132058]  do_syscall_64+0x3b/0x90
[  386.132706]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  386.133600] RIP: 0033:0x7fa70862cb19
[  386.134236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  386.137401] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  386.138702] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  386.139931] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  386.141151] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  386.142370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  386.143584] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  386.144816]  </TASK>
[  386.155582] loop3: detected capacity change from 0 to 264192
12:40:08 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 15)

[  386.161597] nfs: Unknown parameter '$-'
12:40:08 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180))
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:08 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:08 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), 0x0, 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

[  386.246361] FAULT_INJECTION: forcing a failure.
[  386.246361] name failslab, interval 1, probability 0, space 0, times 0
[  386.248778] CPU: 0 PID: 4989 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  386.250411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  386.252673] Call Trace:
[  386.253174]  <TASK>
[  386.253618]  dump_stack_lvl+0x8b/0xb3
[  386.254392]  should_fail.cold+0x5/0xa
[  386.255159]  ? create_object.isra.0+0x3a/0xa20
[  386.256087]  should_failslab+0x5/0x10
[  386.256840]  kmem_cache_alloc+0x5b/0x480
[  386.257650]  create_object.isra.0+0x3a/0xa20
[  386.258544]  ? kasan_unpoison+0x23/0x50
[  386.259342]  __kmalloc+0x25b/0x440
[  386.260060]  __register_sysctl_table+0x9e2/0x1090
[  386.261031]  ? proc_sys_evict_inode+0x180/0x180
[  386.261965]  ? trace_kmalloc+0x29/0xd0
[  386.262735]  ? __kmalloc_track_caller+0x213/0x430
[  386.263695]  ? setup_userns_sysctls+0x4d/0x180
[  386.264617]  ? memcpy+0x39/0x60
[  386.265283]  setup_userns_sysctls+0xc2/0x180
[  386.266155]  create_user_ns+0x95a/0xe90
[  386.266959]  copy_creds+0x545/0xb20
[  386.267696]  copy_process+0xe3f/0x6d10
[  386.268514]  ? __cleanup_sighand+0xb0/0xb0
[  386.269361]  ? lock_is_held_type+0xd7/0x130
[  386.270224]  ? find_held_lock+0x2c/0x110
[  386.271034]  ? kernel_clone+0xc4/0xa60
[  386.271833]  kernel_clone+0xe7/0xa60
[  386.272586]  ? create_io_thread+0xf0/0xf0
[  386.273413]  ? find_held_lock+0x2c/0x110
[  386.274224]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  386.275203]  ? bit_wait_io_timeout+0x160/0x160
[  386.276123]  __do_sys_clone+0xc8/0x110
[  386.276902]  ? __do_sys_vfork+0xd0/0xd0
[  386.277697]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  386.278788]  ? vfs_write+0x428/0xad0
[  386.279546]  ? syscall_enter_from_user_mode+0x1d/0x50
[  386.280604]  do_syscall_64+0x3b/0x90
[  386.281089] loop0: detected capacity change from 0 to 264192
[  386.281353]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  386.283273] RIP: 0033:0x7f71bf82bb19
[  386.284012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  386.287647] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  386.289155] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  386.290559] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  386.291975] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  386.293383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  386.294785] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  386.296222]  </TASK>
12:40:08 executing program 3:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)

12:40:08 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:08 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), 0x0, 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

[  386.387992] loop3: detected capacity change from 0 to 264192
[  386.395828] nfs: Unknown parameter '$-'
[  386.427737] loop0: detected capacity change from 0 to 264192
12:40:21 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 16)

12:40:21 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:21 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)

12:40:21 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:21 executing program 3:
rmdir(&(0x7f0000000000)='./file0\x00')
r0 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})
mkdirat(r0, &(0x7f0000001480)='./file0\x00', 0x100)

12:40:21 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:21 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), 0x0, 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:21 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  399.656587] FAULT_INJECTION: forcing a failure.
[  399.656587] name failslab, interval 1, probability 0, space 0, times 0
[  399.659073] CPU: 1 PID: 5016 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  399.660727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  399.662974] Call Trace:
[  399.663494]  <TASK>
[  399.663938]  dump_stack_lvl+0x8b/0xb3
[  399.664716]  should_fail.cold+0x5/0xa
[  399.665477]  ? __register_sysctl_table+0x9e2/0x1090
[  399.666484]  should_failslab+0x5/0x10
[  399.667243]  __kmalloc+0x72/0x440
[  399.667967]  __register_sysctl_table+0x9e2/0x1090
[  399.668950]  ? proc_sys_evict_inode+0x180/0x180
[  399.669718] loop3: detected capacity change from 0 to 264192
[  399.669886]  ? trace_kmalloc+0x29/0xd0
[  399.671282]  ? __kmalloc_track_caller+0x213/0x430
[  399.671398] nfs: Unknown parameter '$-'
[  399.672253]  ? setup_userns_sysctls+0x4d/0x180
[  399.672284]  ? memcpy+0x39/0x60
[  399.674231]  setup_userns_sysctls+0xc2/0x180
[  399.675117]  create_user_ns+0x95a/0xe90
[  399.675932]  copy_creds+0x545/0xb20
[  399.676701]  copy_process+0xe3f/0x6d10
[  399.677515]  ? __cleanup_sighand+0xb0/0xb0
[  399.678374]  ? lock_is_held_type+0xd7/0x130
[  399.679236]  ? find_held_lock+0x2c/0x110
[  399.680087]  ? kernel_clone+0xc4/0xa60
[  399.680881]  kernel_clone+0xe7/0xa60
[  399.681642]  ? create_io_thread+0xf0/0xf0
[  399.682482]  ? find_held_lock+0x2c/0x110
[  399.683301]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  399.684308]  ? bit_wait_io_timeout+0x160/0x160
[  399.685227]  __do_sys_clone+0xc8/0x110
[  399.686012]  ? __do_sys_vfork+0xd0/0xd0
[  399.686813]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  399.687910]  ? vfs_write+0x428/0xad0
[  399.688685]  ? syscall_enter_from_user_mode+0x1d/0x50
[  399.689719]  do_syscall_64+0x3b/0x90
[  399.690475]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  399.691513] RIP: 0033:0x7f71bf82bb19
[  399.692261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  399.695925] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  399.697463] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  399.698885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  399.699744] loop0: detected capacity change from 0 to 264192
[  399.700307] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
12:40:21 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  399.702384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  399.704033] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  399.705466]  </TASK>
[  399.706603] sysctl could not get directory: /user -12
[  399.707804] CPU: 1 PID: 5016 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  399.709441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  399.711716] Call Trace:
[  399.712230]  <TASK>
[  399.712673]  dump_stack_lvl+0x8b/0xb3
[  399.713442]  __register_sysctl_table+0xde7/0x1090
[  399.714418]  ? proc_sys_evict_inode+0x180/0x180
[  399.715621]  ? trace_kmalloc+0x29/0xd0
[  399.716400]  ? __kmalloc_track_caller+0x213/0x430
[  399.717346]  ? setup_userns_sysctls+0x4d/0x180
[  399.718248]  ? memcpy+0x39/0x60
[  399.718921]  setup_userns_sysctls+0xc2/0x180
[  399.719783]  create_user_ns+0x95a/0xe90
[  399.720592]  copy_creds+0x545/0xb20
[  399.721328]  copy_process+0xe3f/0x6d10
[  399.722138]  ? __cleanup_sighand+0xb0/0xb0
[  399.722985]  ? lock_is_held_type+0xd7/0x130
[  399.723858]  ? find_held_lock+0x2c/0x110
[  399.724689]  ? kernel_clone+0xc4/0xa60
[  399.725473]  kernel_clone+0xe7/0xa60
[  399.726225]  ? create_io_thread+0xf0/0xf0
[  399.727054]  ? find_held_lock+0x2c/0x110
[  399.727867]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  399.728861]  ? bit_wait_io_timeout+0x160/0x160
[  399.729777]  __do_sys_clone+0xc8/0x110
[  399.730563]  ? __do_sys_vfork+0xd0/0xd0
[  399.731360]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  399.731621] FAULT_INJECTION: forcing a failure.
[  399.731621] name failslab, interval 1, probability 0, space 0, times 0
[  399.732459]  ? vfs_write+0x428/0xad0
[  399.734476]  ? syscall_enter_from_user_mode+0x1d/0x50
[  399.735505]  do_syscall_64+0x3b/0x90
[  399.736269]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  399.737306] RIP: 0033:0x7f71bf82bb19
[  399.738038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  399.741677] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  399.743173] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  399.744599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  399.746008] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  399.747411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  399.748823] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  399.750252]  </TASK>
[  399.750714] CPU: 0 PID: 5029 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  399.751634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  399.752882] Call Trace:
[  399.753165]  <TASK>
[  399.753412]  dump_stack_lvl+0x8b/0xb3
[  399.753847]  should_fail.cold+0x5/0xa
[  399.754269]  ? alloc_fdtable+0x7e/0x270
[  399.754721]  should_failslab+0x5/0x10
[  399.755144]  kmem_cache_alloc_trace+0x55/0x3c0
[  399.755664]  alloc_fdtable+0x7e/0x270
[  399.756095]  dup_fd+0x718/0xca0
[  399.756468]  copy_process+0x1fd8/0x6d10
[  399.756927]  ? __cleanup_sighand+0xb0/0xb0
[  399.757379]  ? lock_is_held_type+0xd7/0x130
[  399.757857]  ? find_held_lock+0x2c/0x110
[  399.758311]  ? kernel_clone+0xc4/0xa60
[  399.758756]  kernel_clone+0xe7/0xa60
[  399.759170]  ? create_io_thread+0xf0/0xf0
[  399.759643]  ? find_held_lock+0x2c/0x110
[  399.760116]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  399.760674]  ? bit_wait_io_timeout+0x160/0x160
[  399.761189]  __do_sys_clone+0xc8/0x110
[  399.761627]  ? __do_sys_vfork+0xd0/0xd0
[  399.762073]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  399.762696]  ? vfs_write+0x428/0xad0
[  399.763124]  ? syscall_enter_from_user_mode+0x1d/0x50
[  399.763714]  do_syscall_64+0x3b/0x90
[  399.764143]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  399.764740] RIP: 0033:0x7fa70862cb19
[  399.765149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  399.767247] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  399.768099] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  399.768877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  399.769656] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  399.770464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  399.771244] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  399.772067]  </TASK>
12:40:22 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:22 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:22 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:22 executing program 3:
rmdir(&(0x7f0000000000)='./file0\x00')
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:22 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  399.862574] loop0: detected capacity change from 0 to 264192
[  399.867235] nfs: Unknown parameter '$-'
[  399.872346] loop3: detected capacity change from 0 to 264192
[  399.880281] nfs: Unknown parameter '$-'
[  399.922708] loop5: detected capacity change from 0 to 136
[  399.937230] isofs_fill_super: get root inode failed
12:40:38 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:38 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:40:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  415.797055] loop5: detected capacity change from 0 to 136
12:40:38 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180))
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:38 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 17)

12:40:38 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:38 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)

12:40:38 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

[  415.829940] isofs_fill_super: get root inode failed
[  415.833804] loop3: detected capacity change from 0 to 264192
[  415.843190] FAULT_INJECTION: forcing a failure.
[  415.843190] name failslab, interval 1, probability 0, space 0, times 0
[  415.844608] CPU: 1 PID: 5069 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  415.845475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  415.846653] Call Trace:
[  415.846923]  <TASK>
[  415.847160]  dump_stack_lvl+0x8b/0xb3
[  415.847580]  should_fail.cold+0x5/0xa
[  415.847984]  ? create_object.isra.0+0x3a/0xa20
[  415.848481]  should_failslab+0x5/0x10
[  415.848888]  kmem_cache_alloc+0x5b/0x480
[  415.849324]  create_object.isra.0+0x3a/0xa20
[  415.849798]  ? kasan_unpoison+0x23/0x50
[  415.850227]  kmem_cache_alloc_trace+0x22e/0x3c0
[  415.850724]  alloc_ucounts+0x1c5/0x660
[  415.851149]  ? get_ucounts+0x60/0x60
[  415.851530]  ? key_put+0x9/0x30
[  415.851883]  ? create_user_ns+0x13b/0xe90
[  415.852340]  copy_creds+0x629/0xb20
[  415.852742]  copy_process+0xe3f/0x6d10
[  415.853178]  ? __cleanup_sighand+0xb0/0xb0
[  415.853629]  ? lock_is_held_type+0xd7/0x130
[  415.854080]  ? find_held_lock+0x2c/0x110
[  415.854254] nfs: Unknown parameter '$-'
[  415.854510]  ? kernel_clone+0xc4/0xa60
[  415.854531]  kernel_clone+0xe7/0xa60
[  415.856178]  ? create_io_thread+0xf0/0xf0
[  415.856624]  ? find_held_lock+0x2c/0x110
[  415.856912] nfs: Unknown parameter '$-'
[  415.857052]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  415.858398]  ? bit_wait_io_timeout+0x160/0x160
[  415.858876]  __do_sys_clone+0xc8/0x110
[  415.859288]  ? __do_sys_vfork+0xd0/0xd0
[  415.859315] FAULT_INJECTION: forcing a failure.
[  415.859315] name failslab, interval 1, probability 0, space 0, times 0
[  415.859707]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  415.859725]  ? vfs_write+0x428/0xad0
[  415.863037]  ? syscall_enter_from_user_mode+0x1d/0x50
[  415.863581]  do_syscall_64+0x3b/0x90
[  415.863971]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  415.864539] RIP: 0033:0x7f71bf82bb19
[  415.864932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  415.866839] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  415.867655] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  415.868403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  415.869148] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  415.869882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  415.870637] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  415.871383]  </TASK>
[  415.873249] CPU: 0 PID: 5070 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  415.875006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  415.877383] Call Trace:
[  415.877925]  <TASK>
[  415.878386]  dump_stack_lvl+0x8b/0xb3
[  415.879199]  should_fail.cold+0x5/0xa
[  415.879994]  ? create_object.isra.0+0x3a/0xa20
[  415.880977]  should_failslab+0x5/0x10
[  415.881762]  kmem_cache_alloc+0x5b/0x480
[  415.882604]  ? obj_cgroup_charge+0x247/0x740
[  415.883528]  create_object.isra.0+0x3a/0xa20
[  415.884449]  ? kasan_unpoison+0x23/0x50
[  415.885278]  kmem_cache_alloc_trace+0x22e/0x3c0
[  415.886250]  alloc_fdtable+0x7e/0x270
[  415.887042]  dup_fd+0x718/0xca0
[  415.887744]  copy_process+0x1fd8/0x6d10
[  415.888616]  ? __cleanup_sighand+0xb0/0xb0
[  415.889510]  ? lock_is_held_type+0xd7/0x130
[  415.890403]  ? find_held_lock+0x2c/0x110
12:40:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  415.891252]  ? kernel_clone+0xc4/0xa60
[  415.892238]  kernel_clone+0xe7/0xa60
[  415.893024]  ? create_io_thread+0xf0/0xf0
[  415.893890]  ? find_held_lock+0x2c/0x110
[  415.894740]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  415.895762]  ? bit_wait_io_timeout+0x160/0x160
[  415.896721]  __do_sys_clone+0xc8/0x110
[  415.897529]  ? __do_sys_vfork+0xd0/0xd0
[  415.898357]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  415.899489]  ? vfs_write+0x428/0xad0
[  415.900296]  ? syscall_enter_from_user_mode+0x1d/0x50
[  415.901367]  do_syscall_64+0x3b/0x90
[  415.902142]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  415.903214] RIP: 0033:0x7fa70862cb19
[  415.903977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  415.907731] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  415.909282] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  415.910730] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  415.912179] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  415.913650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  415.915108] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  415.916589]  </TASK>
12:40:38 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {0x0, 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:38 executing program 3:
syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:38 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

12:40:38 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:38 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:40:38 executing program 7:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r0, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:52 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

12:40:52 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {0x0, 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:40:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:52 executing program 3:
syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 18)

12:40:52 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

12:40:52 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:40:52 executing program 7:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r0, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:52 executing program 7:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r0, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  430.272801] FAULT_INJECTION: forcing a failure.
[  430.272801] name failslab, interval 1, probability 0, space 0, times 0
[  430.274089] CPU: 0 PID: 5101 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  430.274954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  430.276135] Call Trace:
[  430.276422]  <TASK>
[  430.276661]  dump_stack_lvl+0x8b/0xb3
[  430.277072]  should_fail.cold+0x5/0xa
[  430.277478]  ? dup_fd+0x89/0xca0
[  430.277835]  should_failslab+0x5/0x10
[  430.278236]  kmem_cache_alloc+0x5b/0x480
[  430.278685]  dup_fd+0x89/0xca0
[  430.279021]  ? audit_filter_inodes+0x40/0x40
[  430.279486]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  430.280072]  ? security_task_alloc+0xe6/0x260
[  430.280556]  copy_process+0x1fd8/0x6d10
[  430.280993]  ? __cleanup_sighand+0xb0/0xb0
[  430.281454]  ? lock_is_held_type+0xd7/0x130
[  430.281906]  ? find_held_lock+0x2c/0x110
[  430.282333]  ? kernel_clone+0xc4/0xa60
[  430.282746]  kernel_clone+0xe7/0xa60
[  430.283153]  ? create_io_thread+0xf0/0xf0
[  430.283617]  ? find_held_lock+0x2c/0x110
[  430.284067]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  430.284624]  ? bit_wait_io_timeout+0x160/0x160
[  430.285132]  __do_sys_clone+0xc8/0x110
[  430.285563]  ? __do_sys_vfork+0xd0/0xd0
[  430.285980]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  430.286564]  ? vfs_write+0x428/0xad0
[  430.286965]  ? syscall_enter_from_user_mode+0x1d/0x50
[  430.287536]  do_syscall_64+0x3b/0x90
[  430.287939]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  430.288513] RIP: 0033:0x7f71bf82bb19
[  430.288918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  430.290917] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  430.291733] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  430.292499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  430.293240] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  430.293995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  430.294726] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  430.295483]  </TASK>
[  430.305600] loop3: detected capacity change from 0 to 264192
[  430.307850] loop5: detected capacity change from 0 to 240
[  430.315826] FAULT_INJECTION: forcing a failure.
[  430.315826] name failslab, interval 1, probability 0, space 0, times 0
[  430.317042] CPU: 0 PID: 5113 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  430.317896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  430.319080] Call Trace:
[  430.319348]  <TASK>
[  430.319578]  dump_stack_lvl+0x8b/0xb3
[  430.319983]  should_fail.cold+0x5/0xa
[  430.320394]  ? kvmalloc_node+0x3e/0x130
[  430.320840]  should_failslab+0x5/0x10
[  430.321235]  __kmalloc_node+0x76/0x470
[  430.321646]  kvmalloc_node+0x3e/0x130
[  430.322045]  alloc_fdtable+0xcd/0x270
[  430.322458]  dup_fd+0x718/0xca0
[  430.322813]  copy_process+0x1fd8/0x6d10
[  430.323252]  ? __cleanup_sighand+0xb0/0xb0
[  430.323698]  ? lock_is_held_type+0xd7/0x130
[  430.324148]  ? find_held_lock+0x2c/0x110
[  430.324595]  ? kernel_clone+0xc4/0xa60
[  430.325008]  kernel_clone+0xe7/0xa60
[  430.325411]  ? create_io_thread+0xf0/0xf0
[  430.325845]  ? find_held_lock+0x2c/0x110
[  430.326277]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  430.326790]  ? bit_wait_io_timeout+0x160/0x160
[  430.327275]  __do_sys_clone+0xc8/0x110
[  430.327680]  ? __do_sys_vfork+0xd0/0xd0
[  430.327700]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  430.327716]  ? vfs_write+0x428/0xad0
[  430.327742]  ? syscall_enter_from_user_mode+0x1d/0x50
[  430.330000]  do_syscall_64+0x3b/0x90
[  430.330402]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  430.330939] RIP: 0033:0x7fa70862cb19
[  430.331323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  430.333239] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  430.334031] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  430.334775] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  430.335524] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  430.336252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  430.337001] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  430.337756]  </TASK>
12:40:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  430.374110] isofs_fill_super: get root inode failed
12:40:52 executing program 7:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:40:52 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

12:40:52 executing program 3:
syz_mount_image$nfs(0x0, &(0x7f0000000080)='./file0\x00', 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:40:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  430.535628] loop3: detected capacity change from 0 to 264192
12:41:10 executing program 7:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:10 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), 0x0, 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:10 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:10 executing program 2:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r0, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:10 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

12:41:10 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 19)

12:41:10 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:41:10 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {0x0, 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  448.056950] FAULT_INJECTION: forcing a failure.
[  448.056950] name failslab, interval 1, probability 0, space 0, times 0
[  448.059623] CPU: 1 PID: 5141 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  448.061433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  448.063863] Call Trace:
[  448.064416]  <TASK>
[  448.064905]  dump_stack_lvl+0x8b/0xb3
[  448.065752]  should_fail.cold+0x5/0xa
[  448.066584]  ? create_object.isra.0+0x3a/0xa20
[  448.067590]  should_failslab+0x5/0x10
[  448.067859] FAULT_INJECTION: forcing a failure.
[  448.067859] name failslab, interval 1, probability 0, space 0, times 0
[  448.068413]  kmem_cache_alloc+0x5b/0x480
[  448.068456]  create_object.isra.0+0x3a/0xa20
[  448.072597]  ? kasan_unpoison+0x23/0x50
[  448.073490]  kmem_cache_alloc+0x239/0x480
[  448.074401]  dup_fd+0x89/0xca0
[  448.075101]  ? audit_filter_inodes+0x40/0x40
[  448.076063]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  448.077265]  ? security_task_alloc+0xe6/0x260
[  448.078256]  copy_process+0x1fd8/0x6d10
[  448.079165]  ? __cleanup_sighand+0xb0/0xb0
[  448.080109]  ? lock_is_held_type+0xd7/0x130
[  448.081071]  ? find_held_lock+0x2c/0x110
[  448.081967]  ? kernel_clone+0xc4/0xa60
[  448.082830]  kernel_clone+0xe7/0xa60
[  448.083655]  ? create_io_thread+0xf0/0xf0
[  448.084563]  ? find_held_lock+0x2c/0x110
[  448.085461]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  448.086545]  ? bit_wait_io_timeout+0x160/0x160
[  448.087552]  __do_sys_clone+0xc8/0x110
[  448.088442]  ? __do_sys_vfork+0xd0/0xd0
[  448.089342]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  448.090541]  ? vfs_write+0x428/0xad0
[  448.091378]  ? syscall_enter_from_user_mode+0x1d/0x50
[  448.092510]  do_syscall_64+0x3b/0x90
[  448.093342]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  448.094477] RIP: 0033:0x7f71bf82bb19
[  448.095280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  448.099110] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  448.100599] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  448.102005] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  448.103396] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  448.104806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  448.106204] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  448.107618]  </TASK>
[  448.108076] CPU: 0 PID: 5148 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  448.109873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  448.111804] loop3: detected capacity change from 0 to 264192
[  448.112267] Call Trace:
[  448.112279]  <TASK>
[  448.114532]  dump_stack_lvl+0x8b/0xb3
[  448.115365]  should_fail.cold+0x5/0xa
[  448.115444] nfs: Unknown parameter 'pcr'
[  448.116185]  ? create_object.isra.0+0x3a/0xa20
[  448.117510] loop5: detected capacity change from 0 to 240
[  448.118046]  should_failslab+0x5/0x10
[  448.120025]  kmem_cache_alloc+0x5b/0x480
[  448.120911]  create_object.isra.0+0x3a/0xa20
[  448.121857]  ? kasan_unpoison+0x23/0x50
[  448.122723]  __kmalloc_node+0x26f/0x470
[  448.123579]  kvmalloc_node+0x3e/0x130
[  448.124394]  alloc_fdtable+0xcd/0x270
[  448.125217]  dup_fd+0x718/0xca0
[  448.125940]  copy_process+0x1fd8/0x6d10
[  448.126829]  ? __cleanup_sighand+0xb0/0xb0
[  448.127749]  ? lock_is_held_type+0xd7/0x130
[  448.128688]  ? find_held_lock+0x2c/0x110
[  448.129558]  ? kernel_clone+0xc4/0xa60
[  448.130402]  kernel_clone+0xe7/0xa60
[  448.131207]  ? create_io_thread+0xf0/0xf0
[  448.132096]  ? find_held_lock+0x2c/0x110
[  448.132973]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  448.134029]  ? bit_wait_io_timeout+0x160/0x160
[  448.135012]  __do_sys_clone+0xc8/0x110
[  448.135851]  ? __do_sys_vfork+0xd0/0xd0
[  448.136716]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  448.137889]  ? vfs_write+0x428/0xad0
[  448.138706]  ? syscall_enter_from_user_mode+0x1d/0x50
[  448.139807]  do_syscall_64+0x3b/0x90
[  448.140612]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  448.141739] RIP: 0033:0x7fa70862cb19
[  448.142522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  448.146407] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  448.148014] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  448.149534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  448.151033] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  448.152537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  448.154044] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  448.155573]  </TASK>
12:41:10 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), 0x0, 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:10 executing program 2:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r0, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:10 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}]})

[  448.245714] isofs_fill_super: get root inode failed
12:41:10 executing program 7:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  448.280547] loop3: detected capacity change from 0 to 264192
[  448.356585] nfs: Unknown parameter 'pcr'
12:41:10 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:41:10 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040), 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:41:10 executing program 2:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r0, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:10 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), 0x0, 0xd7, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:10 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 20)

12:41:10 executing program 7:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  448.450917] loop5: detected capacity change from 0 to 240
[  448.479483] isofs_fill_super: get root inode failed
[  448.485779] loop3: detected capacity change from 0 to 264192
12:41:10 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr={'pcr', 0x3d, 0x32}}]})

12:41:10 executing program 2:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  448.561730] FAULT_INJECTION: forcing a failure.
[  448.561730] name failslab, interval 1, probability 0, space 0, times 0
[  448.564298] CPU: 1 PID: 5177 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  448.565922] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  448.568128] Call Trace:
[  448.568633]  <TASK>
[  448.569089]  dump_stack_lvl+0x8b/0xb3
[  448.569856]  should_fail.cold+0x5/0xa
[  448.570609]  ? create_object.isra.0+0x3a/0xa20
[  448.571527]  should_failslab+0x5/0x10
[  448.572288]  kmem_cache_alloc+0x5b/0x480
[  448.573110]  create_object.isra.0+0x3a/0xa20
[  448.573974]  ? kasan_unpoison+0x23/0x50
[  448.574768]  kmem_cache_alloc+0x239/0x480
[  448.575583]  dup_fd+0x89/0xca0
[  448.576210]  ? audit_filter_inodes+0x40/0x40
[  448.577087]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  448.578160]  ? security_task_alloc+0xe6/0x260
[  448.579049]  copy_process+0x1fd8/0x6d10
[  448.579874]  ? __cleanup_sighand+0xb0/0xb0
[  448.580738]  ? lock_is_held_type+0xd7/0x130
[  448.581581]  ? find_held_lock+0x2c/0x110
[  448.582379]  ? kernel_clone+0xc4/0xa60
[  448.583157]  kernel_clone+0xe7/0xa60
[  448.583898]  ? create_io_thread+0xf0/0xf0
[  448.584724]  ? find_held_lock+0x2c/0x110
[  448.585528]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  448.586497]  ? bit_wait_io_timeout+0x160/0x160
[  448.587395]  __do_sys_clone+0xc8/0x110
[  448.588164]  ? __do_sys_vfork+0xd0/0xd0
[  448.588970]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  448.590041]  ? vfs_write+0x428/0xad0
[  448.590792]  ? syscall_enter_from_user_mode+0x1d/0x50
[  448.591807]  do_syscall_64+0x3b/0x90
[  448.592545]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  448.593596] RIP: 0033:0x7f71bf82bb19
[  448.594320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  448.597962] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  448.599444] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  448.600865] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  448.602259] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  448.603647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  448.605048] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  448.606461]  </TASK>
[  448.646711] nfs: Unknown parameter 'pcr'
12:41:25 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 21)

[  463.456262] FAULT_INJECTION: forcing a failure.
[  463.456262] name failslab, interval 1, probability 0, space 0, times 0
[  463.457613] CPU: 0 PID: 5196 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  463.458549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  463.459740] Call Trace:
[  463.460036]  <TASK>
[  463.460287]  dump_stack_lvl+0x8b/0xb3
[  463.460738]  should_fail.cold+0x5/0xa
[  463.461181]  ? create_object.isra.0+0x3a/0xa20
[  463.461710]  should_failslab+0x5/0x10
[  463.462118]  kmem_cache_alloc+0x5b/0x480
[  463.462581]  ? obj_cgroup_charge+0x247/0x740
[  463.463083]  create_object.isra.0+0x3a/0xa20
[  463.463573]  ? kasan_unpoison+0x23/0x50
[  463.464025]  kmem_cache_alloc_trace+0x22e/0x3c0
[  463.464559]  alloc_fdtable+0x7e/0x270
[  463.465000]  dup_fd+0x718/0xca0
[  463.465363]  copy_process+0x1fd8/0x6d10
[  463.465833]  ? __cleanup_sighand+0xb0/0xb0
[  463.466319]  ? lock_is_held_type+0xd7/0x130
[  463.466809]  ? find_held_lock+0x2c/0x110
[  463.467273]  ? kernel_clone+0xc4/0xa60
[  463.467714]  kernel_clone+0xe7/0xa60
[  463.468152]  ? create_io_thread+0xf0/0xf0
[  463.468622]  ? find_held_lock+0x2c/0x110
[  463.469056]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  463.469606]  ? bit_wait_io_timeout+0x160/0x160
[  463.470092]  __do_sys_clone+0xc8/0x110
[  463.470535]  ? __do_sys_vfork+0xd0/0xd0
[  463.470985]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  463.471615]  ? vfs_write+0x428/0xad0
[  463.472020]  ? syscall_enter_from_user_mode+0x1d/0x50
[  463.472599]  do_syscall_64+0x3b/0x90
[  463.473044]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  463.473647] RIP: 0033:0x7f71bf82bb19
[  463.474070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
12:41:25 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  463.476158] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
12:41:25 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:25 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

12:41:25 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040), 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:41:25 executing program 7:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:25 executing program 2:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:25 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

[  463.477224] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  463.478048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  463.478794] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  463.479532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  463.480275] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  463.481041]  </TASK>
[  463.503531] FAULT_INJECTION: forcing a failure.
[  463.503531] name failslab, interval 1, probability 0, space 0, times 0
[  463.506065] CPU: 1 PID: 5197 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  463.507814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  463.510225] Call Trace:
[  463.510665] FAULT_INJECTION: forcing a failure.
[  463.510665] name failslab, interval 1, probability 0, space 0, times 0
[  463.510762]  <TASK>
[  463.512481]  dump_stack_lvl+0x8b/0xb3
[  463.513326]  should_fail.cold+0x5/0xa
[  463.514145]  ? kvmalloc_node+0x3e/0x130
[  463.514983]  should_failslab+0x5/0x10
[  463.515802]  __kmalloc_node+0x76/0x470
[  463.516638]  kvmalloc_node+0x3e/0x130
[  463.517474]  alloc_fdtable+0x139/0x270
[  463.518302]  dup_fd+0x718/0xca0
[  463.519003]  copy_process+0x1fd8/0x6d10
[  463.519928]  ? __cleanup_sighand+0xb0/0xb0
[  463.520843]  ? lock_is_held_type+0xd7/0x130
[  463.521819]  ? find_held_lock+0x2c/0x110
[  463.522693]  ? kernel_clone+0xc4/0xa60
[  463.523554]  kernel_clone+0xe7/0xa60
[  463.524356]  ? create_io_thread+0xf0/0xf0
[  463.525276]  ? find_held_lock+0x2c/0x110
[  463.526144]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  463.527227]  ? bit_wait_io_timeout+0x160/0x160
[  463.528206]  __do_sys_clone+0xc8/0x110
[  463.529075]  ? __do_sys_vfork+0xd0/0xd0
[  463.529942]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  463.531141]  ? vfs_write+0x428/0xad0
[  463.531984]  ? syscall_enter_from_user_mode+0x1d/0x50
[  463.533087]  do_syscall_64+0x3b/0x90
[  463.533893]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  463.534987] RIP: 0033:0x7fa70862cb19
[  463.535785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  463.539664] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  463.541315] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  463.542806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  463.544324] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  463.545826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  463.547345] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  463.548863]  </TASK>
[  463.549375] CPU: 0 PID: 5204 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  463.550302] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  463.551569] Call Trace:
[  463.551860]  <TASK>
[  463.552101]  dump_stack_lvl+0x8b/0xb3
[  463.552524]  should_fail.cold+0x5/0xa
[  463.552950]  ? kvmalloc_node+0x3e/0x130
[  463.553387]  should_failslab+0x5/0x10
[  463.553808]  __kmalloc_node+0x76/0x470
[  463.554242]  kvmalloc_node+0x3e/0x130
[  463.554661]  alloc_fdtable+0xcd/0x270
[  463.555091]  dup_fd+0x718/0xca0
[  463.555450]  copy_process+0x1fd8/0x6d10
[  463.555908]  ? __cleanup_sighand+0xb0/0xb0
[  463.556382]  ? lock_is_held_type+0xd7/0x130
[  463.556861]  ? find_held_lock+0x2c/0x110
[  463.557327]  ? kernel_clone+0xc4/0xa60
[  463.557774]  kernel_clone+0xe7/0xa60
[  463.558187]  ? create_io_thread+0xf0/0xf0
[  463.558649]  ? find_held_lock+0x2c/0x110
[  463.559098]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  463.559648]  ? bit_wait_io_timeout+0x160/0x160
[  463.560155]  __do_sys_clone+0xc8/0x110
[  463.560594]  ? __do_sys_vfork+0xd0/0xd0
[  463.561059]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  463.561685]  ? vfs_write+0x428/0xad0
[  463.562123]  ? syscall_enter_from_user_mode+0x1d/0x50
[  463.562714]  do_syscall_64+0x3b/0x90
[  463.563142]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  463.563736] RIP: 0033:0x7f71bf82bb19
[  463.564154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  463.566237] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  463.567078] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  463.567869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  463.568652] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  463.569452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  463.570238] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  463.571042]  </TASK>
12:41:25 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 22)

[  463.588197] loop3: detected capacity change from 0 to 264192
[  463.594831] nfs: Unknown parameter '$-'
[  463.596174] loop5: detected capacity change from 0 to 240
[  463.607942] isofs_fill_super: get root inode failed
12:41:41 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 23)

12:41:41 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
pidfd_open(r3, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:41:41 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

12:41:41 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

12:41:41 executing program 7:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040), 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:41:41 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:41 executing program 2:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  478.918064] loop5: detected capacity change from 0 to 240
[  478.935295] isofs_fill_super: get root inode failed
[  478.960319] FAULT_INJECTION: forcing a failure.
[  478.960319] name failslab, interval 1, probability 0, space 0, times 0
[  478.961600] CPU: 1 PID: 5233 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  478.962494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  478.963716] Call Trace:
[  478.963997]  <TASK>
[  478.964238]  dump_stack_lvl+0x8b/0xb3
[  478.964371] FAULT_INJECTION: forcing a failure.
[  478.964371] name failslab, interval 1, probability 0, space 0, times 0
[  478.964653]  should_fail.cold+0x5/0xa
[  478.967263]  ? create_object.isra.0+0x3a/0xa20
[  478.967772]  should_failslab+0x5/0x10
[  478.968181]  kmem_cache_alloc+0x5b/0x480
[  478.968615]  create_object.isra.0+0x3a/0xa20
[  478.969082]  ? kasan_unpoison+0x23/0x50
[  478.969531]  __kmalloc_node+0x26f/0x470
[  478.969966]  kvmalloc_node+0x3e/0x130
[  478.970378]  alloc_fdtable+0xcd/0x270
[  478.970795]  dup_fd+0x718/0xca0
[  478.971161]  copy_process+0x1fd8/0x6d10
[  478.971615]  ? __cleanup_sighand+0xb0/0xb0
[  478.972087]  ? lock_is_held_type+0xd7/0x130
[  478.972559]  ? find_held_lock+0x2c/0x110
[  478.973019]  ? kernel_clone+0xc4/0xa60
[  478.973477]  kernel_clone+0xe7/0xa60
[  478.973897]  ? create_io_thread+0xf0/0xf0
[  478.974356]  ? find_held_lock+0x2c/0x110
[  478.974802]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  478.975339]  ? bit_wait_io_timeout+0x160/0x160
[  478.975843]  __do_sys_clone+0xc8/0x110
[  478.976269]  ? __do_sys_vfork+0xd0/0xd0
[  478.976709]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  478.977320]  ? vfs_write+0x428/0xad0
[  478.977740]  ? syscall_enter_from_user_mode+0x1d/0x50
[  478.978312]  do_syscall_64+0x3b/0x90
[  478.978727]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  478.979298] RIP: 0033:0x7f71bf82bb19
[  478.979690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  478.981691] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  478.982510] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  478.983291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  478.984074] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  478.984854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  478.985641] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  478.986432]  </TASK>
[  478.986685] CPU: 0 PID: 5236 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  478.988308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  478.990510] Call Trace:
[  478.991009]  <TASK>
[  478.991446]  dump_stack_lvl+0x8b/0xb3
[  478.992205]  should_fail.cold+0x5/0xa
[  478.992953]  ? create_object.isra.0+0x3a/0xa20
[  478.993865]  should_failslab+0x5/0x10
[  478.994608]  kmem_cache_alloc+0x5b/0x480
[  478.995403]  ? obj_cgroup_charge+0x247/0x740
[  478.996304]  create_object.isra.0+0x3a/0xa20
[  478.997180]  ? kasan_unpoison+0x23/0x50
[  478.998006]  __kmalloc_node+0x26f/0x470
[  478.998793]  kvmalloc_node+0x3e/0x130
[  478.999568]  alloc_fdtable+0x139/0x270
[  479.000366]  dup_fd+0x718/0xca0
[  479.001046]  copy_process+0x1fd8/0x6d10
[  479.001884]  ? __cleanup_sighand+0xb0/0xb0
[  479.002756]  ? lock_is_held_type+0xd7/0x130
[  479.003601]  ? find_held_lock+0x2c/0x110
[  479.004425]  ? kernel_clone+0xc4/0xa60
[  479.005208]  kernel_clone+0xe7/0xa60
[  479.005978]  ? create_io_thread+0xf0/0xf0
[  479.006795]  ? find_held_lock+0x2c/0x110
[  479.007615]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  479.008579]  ? bit_wait_io_timeout+0x160/0x160
[  479.009512]  __do_sys_clone+0xc8/0x110
[  479.010283]  ? __do_sys_vfork+0xd0/0xd0
[  479.011086]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  479.012168]  ? vfs_write+0x428/0xad0
[  479.012950]  ? syscall_enter_from_user_mode+0x1d/0x50
[  479.013982]  do_syscall_64+0x3b/0x90
[  479.014749]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  479.015773] RIP: 0033:0x7fa70862cb19
[  479.016520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  479.020109] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  479.021658] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  479.023047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  479.024430] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  479.025825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  479.027209] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  479.028611]  </TASK>
12:41:41 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

12:41:41 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d000800", 0xd, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  479.034648] nfs: Unknown parameter '$-'
[  479.068525] loop5: detected capacity change from 0 to 240
12:41:41 executing program 2:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  479.085774] isofs_fill_super: root inode is not a directory. Corrupted media?
12:41:41 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 0:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr}]})

[  479.173179] nfs: Unknown parameter 'pcr'
12:41:41 executing program 2:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 24)

12:41:41 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d000800", 0xd, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:41:41 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

[  479.243869] loop5: detected capacity change from 0 to 240
[  479.275456] isofs_fill_super: root inode is not a directory. Corrupted media?
12:41:41 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:41 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  479.315485] FAULT_INJECTION: forcing a failure.
[  479.315485] name failslab, interval 1, probability 0, space 0, times 0
[  479.316826] CPU: 1 PID: 5267 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  479.317716] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  479.318916] Call Trace:
[  479.319188]  <TASK>
[  479.319428]  dump_stack_lvl+0x8b/0xb3
[  479.319845]  should_fail.cold+0x5/0xa
[  479.320251]  ? copy_fs_struct+0x45/0x340
[  479.320693]  should_failslab+0x5/0x10
[  479.321101]  kmem_cache_alloc+0x5b/0x480
[  479.321549]  copy_fs_struct+0x45/0x340
[  479.321959]  ? copy_process+0x206b/0x6d10
[  479.322404]  copy_process+0x32f5/0x6d10
[  479.322844]  ? __cleanup_sighand+0xb0/0xb0
[  479.323303]  ? lock_is_held_type+0xd7/0x130
[  479.323769]  ? find_held_lock+0x2c/0x110
[  479.324205]  ? kernel_clone+0xc4/0xa60
[  479.324631]  kernel_clone+0xe7/0xa60
[  479.325035]  ? create_io_thread+0xf0/0xf0
[  479.325484]  ? find_held_lock+0x2c/0x110
[  479.326145]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  479.326681]  ? bit_wait_io_timeout+0x160/0x160
[  479.327171]  __do_sys_clone+0xc8/0x110
[  479.327591]  ? __do_sys_vfork+0xd0/0xd0
[  479.328013]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  479.328600]  ? vfs_write+0x428/0xad0
[  479.329005]  ? syscall_enter_from_user_mode+0x1d/0x50
[  479.329572]  do_syscall_64+0x3b/0x90
[  479.329971]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  479.330529] RIP: 0033:0x7fa70862cb19
[  479.330920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  479.332873] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  479.333682] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  479.334463] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  479.335243] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  479.336023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  479.336810] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  479.337622]  </TASK>
[  479.375042] FAULT_INJECTION: forcing a failure.
12:41:41 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  479.375042] name failslab, interval 1, probability 0, space 0, times 0
[  479.376451] CPU: 1 PID: 5271 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  479.377337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  479.378548] Call Trace:
[  479.378826]  <TASK>
[  479.379059]  dump_stack_lvl+0x8b/0xb3
[  479.379468]  should_fail.cold+0x5/0xa
[  479.379880]  ? kvmalloc_node+0x3e/0x130
[  479.380296]  should_failslab+0x5/0x10
[  479.380697]  __kmalloc_node+0x76/0x470
[  479.381113]  kvmalloc_node+0x3e/0x130
[  479.381528]  alloc_fdtable+0x139/0x270
[  479.381938]  dup_fd+0x718/0xca0
[  479.382304]  copy_process+0x1fd8/0x6d10
[  479.382752]  ? __cleanup_sighand+0xb0/0xb0
[  479.383211]  ? lock_is_held_type+0xd7/0x130
[  479.383660]  ? find_held_lock+0x2c/0x110
[  479.384092]  ? kernel_clone+0xc4/0xa60
[  479.384509]  kernel_clone+0xe7/0xa60
[  479.384919]  ? create_io_thread+0xf0/0xf0
[  479.385370]  ? find_held_lock+0x2c/0x110
[  479.385817]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  479.386402]  ? bit_wait_io_timeout+0x160/0x160
[  479.387078]  __do_sys_clone+0xc8/0x110
[  479.387541]  ? __do_sys_vfork+0xd0/0xd0
[  479.387981]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  479.388593]  ? vfs_write+0x428/0xad0
[  479.389027]  ? syscall_enter_from_user_mode+0x1d/0x50
[  479.389618]  do_syscall_64+0x3b/0x90
[  479.390039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  479.390621] RIP: 0033:0x7f71bf82bb19
[  479.391021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  479.393017] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  479.393855] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  479.394643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  479.395425] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  479.396218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  479.396983] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  479.397788]  </TASK>
12:41:57 executing program 2:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:57 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:41:57 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 25)

12:41:57 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:57 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:41:57 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d000800", 0xd, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:41:57 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

12:41:57 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  495.320104] FAULT_INJECTION: forcing a failure.
[  495.320104] name failslab, interval 1, probability 0, space 0, times 0
[  495.322459] CPU: 1 PID: 5284 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  495.324105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  495.326429] Call Trace:
[  495.326953]  <TASK>
[  495.327427]  dump_stack_lvl+0x8b/0xb3
[  495.328220]  should_fail.cold+0x5/0xa
[  495.329022]  ? create_object.isra.0+0x3a/0xa20
[  495.329981]  should_failslab+0x5/0x10
[  495.330757]  kmem_cache_alloc+0x5b/0x480
[  495.331591]  ? obj_cgroup_charge+0x247/0x740
[  495.332525]  create_object.isra.0+0x3a/0xa20
[  495.333456]  ? kasan_unpoison+0x23/0x50
[  495.334282]  __kmalloc_node+0x26f/0x470
[  495.335088]  kvmalloc_node+0x3e/0x130
[  495.335866]  alloc_fdtable+0x139/0x270
[  495.336677]  dup_fd+0x718/0xca0
[  495.337379]  copy_process+0x1fd8/0x6d10
[  495.338228]  ? __cleanup_sighand+0xb0/0xb0
[  495.339109]  ? lock_is_held_type+0xd7/0x130
[  495.339990]  ? find_held_lock+0x2c/0x110
[  495.340843]  ? kernel_clone+0xc4/0xa60
[  495.341666]  kernel_clone+0xe7/0xa60
[  495.341766] FAULT_INJECTION: forcing a failure.
[  495.341766] name failslab, interval 1, probability 0, space 0, times 0
[  495.342441]  ? create_io_thread+0xf0/0xf0
[  495.345074]  ? find_held_lock+0x2c/0x110
[  495.345932]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  495.346941]  ? bit_wait_io_timeout+0x160/0x160
[  495.347880]  __do_sys_clone+0xc8/0x110
[  495.348694]  ? __do_sys_vfork+0xd0/0xd0
[  495.349532]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  495.350648]  ? vfs_write+0x428/0xad0
[  495.351434]  ? syscall_enter_from_user_mode+0x1d/0x50
[  495.352496]  do_syscall_64+0x3b/0x90
[  495.353264]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  495.354340] RIP: 0033:0x7f71bf82bb19
[  495.355078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  495.358795] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  495.360343] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  495.361790] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  495.363234] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  495.364697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  495.366148] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  495.367629]  </TASK>
[  495.368094] CPU: 0 PID: 5290 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  495.369426] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  495.371208] Call Trace:
[  495.371616]  <TASK>
[  495.371970]  dump_stack_lvl+0x8b/0xb3
[  495.372583]  should_fail.cold+0x5/0xa
[  495.373194]  ? create_object.isra.0+0x3a/0xa20
[  495.373940]  should_failslab+0x5/0x10
[  495.374544]  kmem_cache_alloc+0x5b/0x480
[  495.375186]  ? obj_cgroup_charge+0x247/0x740
[  495.375897]  create_object.isra.0+0x3a/0xa20
[  495.376605]  ? kasan_unpoison+0x23/0x50
[  495.377245]  kmem_cache_alloc+0x239/0x480
[  495.377918]  copy_fs_struct+0x45/0x340
[  495.378535]  ? copy_process+0x206b/0x6d10
[  495.379206]  copy_process+0x32f5/0x6d10
[  495.379864]  ? __cleanup_sighand+0xb0/0xb0
[  495.380549]  ? lock_is_held_type+0xd7/0x130
[  495.381224]  ? find_held_lock+0x2c/0x110
[  495.381894]  ? kernel_clone+0xc4/0xa60
[  495.382523]  kernel_clone+0xe7/0xa60
[  495.383125]  ? create_io_thread+0xf0/0xf0
[  495.383778]  ? find_held_lock+0x2c/0x110
[  495.384412]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  495.385194]  ? bit_wait_io_timeout+0x160/0x160
[  495.385916]  __do_sys_clone+0xc8/0x110
[  495.386534]  ? __do_sys_vfork+0xd0/0xd0
[  495.387165]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  495.388038]  ? vfs_write+0x428/0xad0
[  495.388635]  ? syscall_enter_from_user_mode+0x1d/0x50
[  495.389455]  do_syscall_64+0x3b/0x90
[  495.390046]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  495.390870] RIP: 0033:0x7fa70862cb19
[  495.391449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  495.394330] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  495.395517] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  495.396628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  495.397755] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  495.398854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  495.399733] loop5: detected capacity change from 0 to 240
[  495.399955] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  495.402208]  </TASK>
[  495.405579] nfs: Unknown parameter 'pcr'
12:41:57 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  495.427419] isofs_fill_super: root inode is not a directory. Corrupted media?
12:41:57 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:57 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}]})

12:41:57 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:41:57 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809", 0x14, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  495.629517] loop5: detected capacity change from 0 to 240
[  495.631718] nfs: Unknown parameter 'pcr'
[  495.653124] isofs_fill_super: root inode is not a directory. Corrupted media?
12:42:11 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809", 0x14, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:11 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:11 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:11 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

12:42:11 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:11 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 26)

12:42:11 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:11 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr={'pcr', 0x3d, 0x32}}]})

[  509.015089] FAULT_INJECTION: forcing a failure.
[  509.015089] name failslab, interval 1, probability 0, space 0, times 0
[  509.016849] CPU: 0 PID: 5324 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  509.018073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  509.019791] Call Trace:
[  509.020180]  <TASK>
[  509.020519]  dump_stack_lvl+0x8b/0xb3
[  509.021110]  should_fail.cold+0x5/0xa
[  509.021719]  ? copy_fs_struct+0x45/0x340
[  509.022351]  should_failslab+0x5/0x10
[  509.022934]  kmem_cache_alloc+0x5b/0x480
[  509.023569]  copy_fs_struct+0x45/0x340
[  509.024159]  ? copy_process+0x206b/0x6d10
[  509.024800]  copy_process+0x32f5/0x6d10
[  509.025438]  ? __cleanup_sighand+0xb0/0xb0
[  509.026112]  ? lock_is_held_type+0xd7/0x130
[  509.026774]  ? find_held_lock+0x2c/0x110
[  509.027404]  ? kernel_clone+0xc4/0xa60
[  509.028013]  kernel_clone+0xe7/0xa60
[  509.028164] nfs: Unknown parameter 'pcr'
[  509.028596]  ? create_io_thread+0xf0/0xf0
[  509.028622]  ? find_held_lock+0x2c/0x110
[  509.030678]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  509.031413]  ? bit_wait_io_timeout+0x160/0x160
[  509.032113]  __do_sys_clone+0xc8/0x110
[  509.032689]  ? __do_sys_vfork+0xd0/0xd0
[  509.033300]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  509.034084]  ? vfs_write+0x428/0xad0
[  509.034648]  ? syscall_enter_from_user_mode+0x1d/0x50
[  509.035379]  do_syscall_64+0x3b/0x90
[  509.035925]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  509.036663] RIP: 0033:0x7f71bf82bb19
[  509.037212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  509.039731] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  509.040834] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  509.041886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  509.042957] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  509.044008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  509.045065] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  509.046157]  </TASK>
[  509.059320] FAULT_INJECTION: forcing a failure.
[  509.059320] name failslab, interval 1, probability 0, space 0, times 0
[  509.060996] CPU: 0 PID: 5331 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  509.062224] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  509.063915] Call Trace:
[  509.064291]  <TASK>
[  509.064609]  dump_stack_lvl+0x8b/0xb3
[  509.065183]  should_fail.cold+0x5/0xa
[  509.065746]  ? copy_process+0x22c1/0x6d10
[  509.066373]  should_failslab+0x5/0x10
[  509.066932]  kmem_cache_alloc+0x5b/0x480
[  509.067543]  copy_process+0x22c1/0x6d10
[  509.068152]  ? __cleanup_sighand+0xb0/0xb0
[  509.068771]  ? lock_is_held_type+0xd7/0x130
[  509.069406]  ? find_held_lock+0x2c/0x110
[  509.070019]  ? kernel_clone+0xc4/0xa60
[  509.070602]  kernel_clone+0xe7/0xa60
[  509.071167]  ? create_io_thread+0xf0/0xf0
[  509.071221] loop5: detected capacity change from 0 to 240
[  509.071781]  ? find_held_lock+0x2c/0x110
[  509.071804]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  509.071830]  ? bit_wait_io_timeout+0x160/0x160
[  509.074869]  __do_sys_clone+0xc8/0x110
[  509.075406]  ? __do_sys_vfork+0xd0/0xd0
[  509.075987]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  509.076817]  ? vfs_write+0x428/0xad0
[  509.077379]  ? syscall_enter_from_user_mode+0x1d/0x50
[  509.078143]  do_syscall_64+0x3b/0x90
[  509.078704]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  509.079426] RIP: 0033:0x7fa70862cb19
[  509.079944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  509.082532] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  509.083582] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  509.084580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  509.085580] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  509.086562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  509.087549] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  509.088555]  </TASK>
[  509.090915] isofs_fill_super: root inode is not a directory. Corrupted media?
12:42:11 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 27)

12:42:11 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

12:42:11 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809", 0x14, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:11 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:11 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  509.185104] loop5: detected capacity change from 0 to 240
12:42:11 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  509.190773] isofs_fill_super: root inode is not a directory. Corrupted media?
[  509.222742] FAULT_INJECTION: forcing a failure.
[  509.222742] name failslab, interval 1, probability 0, space 0, times 0
[  509.225096] CPU: 1 PID: 5336 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  509.226751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  509.229011] Call Trace:
[  509.229522]  <TASK>
12:42:11 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a", 0x17, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  509.229986]  dump_stack_lvl+0x8b/0xb3
[  509.230935]  should_fail.cold+0x5/0xa
[  509.231712]  ? create_object.isra.0+0x3a/0xa20
[  509.232634]  should_failslab+0x5/0x10
[  509.233391]  kmem_cache_alloc+0x5b/0x480
[  509.234231]  ? obj_cgroup_charge+0x247/0x740
[  509.235125]  create_object.isra.0+0x3a/0xa20
[  509.236027]  ? kasan_unpoison+0x23/0x50
[  509.236830]  kmem_cache_alloc+0x239/0x480
[  509.237691]  copy_fs_struct+0x45/0x340
[  509.238491]  ? copy_process+0x206b/0x6d10
[  509.239325]  copy_process+0x32f5/0x6d10
[  509.240158]  ? __cleanup_sighand+0xb0/0xb0
[  509.241020]  ? lock_is_held_type+0xd7/0x130
[  509.241893]  ? find_held_lock+0x2c/0x110
[  509.242709]  ? kernel_clone+0xc4/0xa60
[  509.243495]  kernel_clone+0xe7/0xa60
[  509.244249]  ? create_io_thread+0xf0/0xf0
[  509.245079]  ? find_held_lock+0x2c/0x110
[  509.245916]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  509.246906]  ? bit_wait_io_timeout+0x160/0x160
[  509.247824]  __do_sys_clone+0xc8/0x110
[  509.248613]  ? __do_sys_vfork+0xd0/0xd0
[  509.249411]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  509.250517]  ? vfs_write+0x428/0xad0
[  509.251291]  ? syscall_enter_from_user_mode+0x1d/0x50
[  509.252349]  do_syscall_64+0x3b/0x90
[  509.253107]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  509.254162] RIP: 0033:0x7f71bf82bb19
[  509.254898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  509.259092] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  509.261072] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  509.262597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  509.264026] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  509.265473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  509.266928] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  509.268386]  </TASK>
12:42:11 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:11 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:11 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

12:42:11 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

12:42:11 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  509.388023] FAULT_INJECTION: forcing a failure.
[  509.388023] name failslab, interval 1, probability 0, space 0, times 0
[  509.389484] CPU: 1 PID: 5353 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  509.390381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  509.391681] Call Trace:
[  509.391960]  <TASK>
[  509.392215]  dump_stack_lvl+0x8b/0xb3
[  509.392667]  should_fail.cold+0x5/0xa
[  509.393110]  ? create_object.isra.0+0x3a/0xa20
[  509.393643]  should_failslab+0x5/0x10
[  509.394084]  kmem_cache_alloc+0x5b/0x480
[  509.394552]  ? obj_cgroup_charge+0x247/0x740
[  509.395053]  create_object.isra.0+0x3a/0xa20
[  509.395567]  ? kasan_unpoison+0x23/0x50
[  509.396003]  kmem_cache_alloc+0x239/0x480
[  509.396474]  copy_process+0x22c1/0x6d10
[  509.396921]  ? __cleanup_sighand+0xb0/0xb0
[  509.397407]  ? lock_is_held_type+0xd7/0x130
[  509.397882]  ? find_held_lock+0x2c/0x110
[  509.398364]  ? kernel_clone+0xc4/0xa60
[  509.398787]  kernel_clone+0xe7/0xa60
[  509.399214]  ? create_io_thread+0xf0/0xf0
[  509.399672]  ? find_held_lock+0x2c/0x110
[  509.400139]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  509.400701]  ? bit_wait_io_timeout+0x160/0x160
[  509.401199]  __do_sys_clone+0xc8/0x110
[  509.401656]  ? __do_sys_vfork+0xd0/0xd0
[  509.402081]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  509.402707]  ? vfs_write+0x428/0xad0
[  509.403144]  ? syscall_enter_from_user_mode+0x1d/0x50
[  509.403741]  do_syscall_64+0x3b/0x90
[  509.404152]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  509.404753] RIP: 0033:0x7fa70862cb19
[  509.405148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  509.407275] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  509.408078] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  509.408896] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  509.409716] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  509.410535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  509.411342] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  509.412184]  </TASK>
[  509.481967] loop5: detected capacity change from 0 to 240
[  509.484594] isofs_fill_super: root inode is not a directory. Corrupted media?
12:42:24 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a", 0x17, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:24 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:24 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:24 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:24 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:24 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 28)

12:42:24 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

12:42:24 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

[  522.527769] loop5: detected capacity change from 0 to 240
[  522.542455] FAULT_INJECTION: forcing a failure.
[  522.542455] name failslab, interval 1, probability 0, space 0, times 0
[  522.544227] CPU: 0 PID: 5379 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  522.545483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  522.547220] Call Trace:
[  522.547607]  <TASK>
[  522.547952]  dump_stack_lvl+0x8b/0xb3
[  522.548551]  should_fail.cold+0x5/0xa
[  522.549137]  ? create_new_namespaces+0x30/0xb30
[  522.549879]  should_failslab+0x5/0x10
[  522.550473]  kmem_cache_alloc+0x5b/0x480
[  522.551096]  ? cap_capable+0x1eb/0x250
[  522.551701]  create_new_namespaces+0x30/0xb30
[  522.552411]  copy_namespaces+0x391/0x450
[  522.553042]  copy_process+0x2ba5/0x6d10
[  522.553677]  ? __cleanup_sighand+0xb0/0xb0
[  522.554339]  ? lock_is_held_type+0xd7/0x130
[  522.554999]  ? find_held_lock+0x2c/0x110
[  522.555623]  ? kernel_clone+0xc4/0xa60
[  522.556227]  kernel_clone+0xe7/0xa60
[  522.556799]  ? create_io_thread+0xf0/0xf0
[  522.557446]  ? find_held_lock+0x2c/0x110
[  522.558083]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  522.558851]  ? bit_wait_io_timeout+0x160/0x160
[  522.559557]  __do_sys_clone+0xc8/0x110
[  522.560166]  ? __do_sys_vfork+0xd0/0xd0
[  522.560777]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  522.561619]  ? vfs_write+0x428/0xad0
[  522.562212]  ? syscall_enter_from_user_mode+0x1d/0x50
[  522.563003]  do_syscall_64+0x3b/0x90
[  522.563583]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  522.564380] RIP: 0033:0x7fa70862cb19
[  522.564942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  522.567743] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  522.568910] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  522.570012] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  522.571090] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  522.572178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  522.573256] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  522.574365]  </TASK>
[  522.584060] FAULT_INJECTION: forcing a failure.
[  522.584060] name failslab, interval 1, probability 0, space 0, times 0
[  522.585833] CPU: 0 PID: 5380 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  522.587087] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  522.588821] Call Trace:
[  522.589210]  <TASK>
[  522.589552]  dump_stack_lvl+0x8b/0xb3
[  522.590160]  should_fail.cold+0x5/0xa
[  522.590747]  ? copy_process+0x22c1/0x6d10
[  522.591396]  should_failslab+0x5/0x10
[  522.591977]  kmem_cache_alloc+0x5b/0x480
[  522.592609]  copy_process+0x22c1/0x6d10
[  522.593243]  ? __cleanup_sighand+0xb0/0xb0
[  522.593913]  ? lock_is_held_type+0xd7/0x130
[  522.594584]  ? find_held_lock+0x2c/0x110
[  522.595212]  ? kernel_clone+0xc4/0xa60
[  522.595804]  kernel_clone+0xe7/0xa60
[  522.596382]  ? create_io_thread+0xf0/0xf0
[  522.597022]  ? find_held_lock+0x2c/0x110
[  522.597648]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  522.598427]  ? bit_wait_io_timeout+0x160/0x160
[  522.599130]  __do_sys_clone+0xc8/0x110
[  522.599734]  ? __do_sys_vfork+0xd0/0xd0
[  522.600344]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  522.601185]  ? vfs_write+0x428/0xad0
[  522.601785]  ? syscall_enter_from_user_mode+0x1d/0x50
[  522.602576]  do_syscall_64+0x3b/0x90
[  522.603152]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  522.603956] RIP: 0033:0x7f71bf82bb19
[  522.604520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  522.607343] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  522.608500] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  522.609596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  522.610697] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  522.611786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  522.612867] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  522.613980]  </TASK>
12:42:24 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  522.649115] isofs_fill_super: root inode is not a directory. Corrupted media?
12:42:24 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:24 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400)={[], [{@pcr}]})

12:42:24 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:25 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:25 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 29)

[  522.748193] nfs: Unknown parameter 'pcr'
[  522.785967] FAULT_INJECTION: forcing a failure.
[  522.785967] name failslab, interval 1, probability 0, space 0, times 0
[  522.788243] CPU: 1 PID: 5396 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  522.789876] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  522.792121] Call Trace:
[  522.792627]  <TASK>
[  522.793068]  dump_stack_lvl+0x8b/0xb3
[  522.793850]  should_fail.cold+0x5/0xa
[  522.794616]  ? create_object.isra.0+0x3a/0xa20
[  522.795539]  should_failslab+0x5/0x10
[  522.796295]  kmem_cache_alloc+0x5b/0x480
[  522.797115]  ? obj_cgroup_charge+0x247/0x740
[  522.798034]  create_object.isra.0+0x3a/0xa20
[  522.798928]  ? kasan_unpoison+0x23/0x50
[  522.799745]  kmem_cache_alloc+0x239/0x480
[  522.800589]  copy_process+0x22c1/0x6d10
[  522.801440]  ? __cleanup_sighand+0xb0/0xb0
[  522.802306]  ? lock_is_held_type+0xd7/0x130
[  522.803172]  ? find_held_lock+0x2c/0x110
[  522.803991]  ? kernel_clone+0xc4/0xa60
[  522.804776]  kernel_clone+0xe7/0xa60
[  522.805534]  ? create_io_thread+0xf0/0xf0
[  522.806382]  ? find_held_lock+0x2c/0x110
[  522.807199]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  522.808189]  ? bit_wait_io_timeout+0x160/0x160
[  522.809106]  __do_sys_clone+0xc8/0x110
[  522.809902]  ? __do_sys_vfork+0xd0/0xd0
[  522.810705]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  522.811813]  ? vfs_write+0x428/0xad0
[  522.812572]  ? syscall_enter_from_user_mode+0x1d/0x50
[  522.813611]  do_syscall_64+0x3b/0x90
[  522.814370]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  522.815417] RIP: 0033:0x7f71bf82bb19
[  522.816149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  522.819854] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  522.821373] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  522.822792] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  522.824214] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  522.825635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  522.827064] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  522.828511]  </TASK>
12:42:37 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

12:42:37 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:37 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:37 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:37 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a", 0x17, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:37 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:37 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 30)

[  535.607561] loop5: detected capacity change from 0 to 240
[  535.610705] FAULT_INJECTION: forcing a failure.
[  535.610705] name failslab, interval 1, probability 0, space 0, times 0
[  535.612989] CPU: 1 PID: 5414 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
12:42:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  535.614621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  535.617017] Call Trace:
[  535.617528]  <TASK>
[  535.617976]  dump_stack_lvl+0x8b/0xb3
[  535.618766]  should_fail.cold+0x5/0xa
[  535.619547]  ? create_new_namespaces+0x30/0xb30
[  535.620485]  should_failslab+0x5/0x10
[  535.621237]  kmem_cache_alloc+0x5b/0x480
[  535.622064]  ? cap_capable+0x1eb/0x250
[  535.622848]  create_new_namespaces+0x30/0xb30
[  535.623762]  copy_namespaces+0x391/0x450
[  535.624584]  copy_process+0x2ba5/0x6d10
[  535.625415]  ? __cleanup_sighand+0xb0/0xb0
[  535.626296]  ? lock_is_held_type+0xd7/0x130
[  535.627156]  ? find_held_lock+0x2c/0x110
[  535.627973]  ? kernel_clone+0xc4/0xa60
[  535.628762]  kernel_clone+0xe7/0xa60
[  535.629520]  ? create_io_thread+0xf0/0xf0
[  535.630380]  ? find_held_lock+0x2c/0x110
[  535.631205]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  535.632198]  ? bit_wait_io_timeout+0x160/0x160
[  535.633123]  __do_sys_clone+0xc8/0x110
[  535.633912]  ? __do_sys_vfork+0xd0/0xd0
[  535.634737]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  535.635840]  ? vfs_write+0x428/0xad0
12:42:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  535.636610]  ? syscall_enter_from_user_mode+0x1d/0x50
[  535.637766]  do_syscall_64+0x3b/0x90
[  535.638529]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  535.639567] RIP: 0033:0x7f71bf82bb19
[  535.640306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  535.643992] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  535.645518] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  535.646983] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  535.648405] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  535.649841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  535.651264] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  535.652703]  </TASK>
[  535.661119] FAULT_INJECTION: forcing a failure.
[  535.661119] name failslab, interval 1, probability 0, space 0, times 0
[  535.662461] CPU: 0 PID: 5424 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  535.663335] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  535.664564] Call Trace:
[  535.664847]  <TASK>
[  535.665093]  dump_stack_lvl+0x8b/0xb3
[  535.665509]  should_fail.cold+0x5/0xa
[  535.665921]  ? create_object.isra.0+0x3a/0xa20
[  535.666455]  should_failslab+0x5/0x10
[  535.666869]  kmem_cache_alloc+0x5b/0x480
[  535.667315]  ? obj_cgroup_charge+0x247/0x740
[  535.667797]  create_object.isra.0+0x3a/0xa20
[  535.668279]  ? kasan_unpoison+0x23/0x50
[  535.668719]  kmem_cache_alloc+0x239/0x480
[  535.669180]  create_new_namespaces+0x30/0xb30
[  535.669683]  copy_namespaces+0x391/0x450
[  535.670152]  copy_process+0x2ba5/0x6d10
[  535.670602]  ? __cleanup_sighand+0xb0/0xb0
[  535.671072]  ? lock_is_held_type+0xd7/0x130
[  535.671547]  ? find_held_lock+0x2c/0x110
[  535.672000]  ? kernel_clone+0xc4/0xa60
[  535.672433]  kernel_clone+0xe7/0xa60
[  535.672841]  ? create_io_thread+0xf0/0xf0
[  535.673297]  ? find_held_lock+0x2c/0x110
[  535.673739]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  535.674297]  ? bit_wait_io_timeout+0x160/0x160
[  535.674798]  __do_sys_clone+0xc8/0x110
[  535.675231]  ? __do_sys_vfork+0xd0/0xd0
[  535.675667]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  535.676267]  ? vfs_write+0x428/0xad0
[  535.676688]  ? syscall_enter_from_user_mode+0x1d/0x50
[  535.677252]  do_syscall_64+0x3b/0x90
[  535.677667]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  535.678253] RIP: 0033:0x7fa70862cb19
[  535.678661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  535.680656] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  535.681472] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  535.682271] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  535.683058] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  535.683805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  535.684581] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  535.685361]  </TASK>
[  535.696475] isofs_fill_super: root inode is not a directory. Corrupted media?
12:42:53 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:53 executing program 0:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d000800", 0xd, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:53 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:53 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 31)

12:42:53 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:53 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a08", 0x19, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:53 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a", 0x17, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:53 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

[  550.804016] FAULT_INJECTION: forcing a failure.
[  550.804016] name failslab, interval 1, probability 0, space 0, times 0
[  550.805075] loop5: detected capacity change from 0 to 240
[  550.806318] CPU: 1 PID: 5435 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  550.808535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  550.810837] Call Trace:
[  550.811349]  <TASK>
[  550.811360]  dump_stack_lvl+0x8b/0xb3
[  550.812378]  should_fail.cold+0x5/0xa
[  550.813149]  ? create_object.isra.0+0x3a/0xa20
[  550.814099]  should_failslab+0x5/0x10
[  550.814872]  kmem_cache_alloc+0x5b/0x480
[  550.815680]  ? obj_cgroup_charge+0x247/0x740
[  550.816569]  create_object.isra.0+0x3a/0xa20
[  550.817457]  ? kasan_unpoison+0x23/0x50
[  550.818283]  kmem_cache_alloc+0x239/0x480
[  550.819116]  create_new_namespaces+0x30/0xb30
[  550.820033]  copy_namespaces+0x391/0x450
[  550.820855]  copy_process+0x2ba5/0x6d10
[  550.821685]  ? __cleanup_sighand+0xb0/0xb0
[  550.822553]  ? lock_is_held_type+0xd7/0x130
[  550.823438]  ? find_held_lock+0x2c/0x110
[  550.824255]  ? kernel_clone+0xc4/0xa60
[  550.825045]  kernel_clone+0xe7/0xa60
[  550.825796]  ? create_io_thread+0xf0/0xf0
[  550.826640]  ? find_held_lock+0x2c/0x110
[  550.827454]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  550.828442]  ? bit_wait_io_timeout+0x160/0x160
[  550.829364]  __do_sys_clone+0xc8/0x110
[  550.830145]  ? __do_sys_vfork+0xd0/0xd0
[  550.830967]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  550.832053]  ? vfs_write+0x428/0xad0
[  550.832843]  ? syscall_enter_from_user_mode+0x1d/0x50
[  550.833842]  do_syscall_64+0x3b/0x90
[  550.834602]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  550.835704] RIP: 0033:0x7f71bf82bb19
[  550.836459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  550.840203] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  550.841655] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  550.843103] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  550.844518] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  550.845930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  550.847351] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  550.848782]  </TASK>
[  550.880425] FAULT_INJECTION: forcing a failure.
[  550.880425] name failslab, interval 1, probability 0, space 0, times 0
[  550.881705] CPU: 0 PID: 5445 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  550.882567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  550.883749] Call Trace:
[  550.884020]  <TASK>
[  550.884250]  dump_stack_lvl+0x8b/0xb3
[  550.884664]  should_fail.cold+0x5/0xa
[  550.885061]  ? copy_utsname+0x155/0x4a0
[  550.885483]  should_failslab+0x5/0x10
[  550.885883]  kmem_cache_alloc+0x5b/0x480
[  550.886336]  copy_utsname+0x155/0x4a0
[  550.886743]  create_new_namespaces+0x16e/0xb30
[  550.887233]  copy_namespaces+0x391/0x450
[  550.887664]  copy_process+0x2ba5/0x6d10
[  550.888097]  ? __cleanup_sighand+0xb0/0xb0
[  550.888548]  ? lock_is_held_type+0xd7/0x130
[  550.889000]  ? find_held_lock+0x2c/0x110
[  550.889426]  ? kernel_clone+0xc4/0xa60
[  550.889836]  kernel_clone+0xe7/0xa60
[  550.890269]  ? create_io_thread+0xf0/0xf0
[  550.890709]  ? find_held_lock+0x2c/0x110
[  550.891132]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  550.891654]  ? bit_wait_io_timeout+0x160/0x160
[  550.892132]  __do_sys_clone+0xc8/0x110
[  550.892547]  ? __do_sys_vfork+0xd0/0xd0
[  550.892967]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  550.893543]  ? vfs_write+0x428/0xad0
[  550.893945]  ? syscall_enter_from_user_mode+0x1d/0x50
[  550.894506]  do_syscall_64+0x3b/0x90
[  550.894901]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  550.895445] RIP: 0033:0x7fa70862cb19
[  550.895830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  550.897738] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  550.898531] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  550.899265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  550.899995] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  550.900736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  550.901248] loop0: detected capacity change from 0 to 240
[  550.901473] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  550.901496]  </TASK>
[  550.901896] loop3: detected capacity change from 0 to 240
[  550.912475] isofs_fill_super: root inode is not a directory. Corrupted media?
[  550.915952] isofs_fill_super: root inode is not a directory. Corrupted media?
[  550.917598] isofs_fill_super: root inode is not a directory. Corrupted media?
12:42:53 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:53 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400))

12:42:53 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:53 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a08", 0x19, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:42:53 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:42:53 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:42:53 executing program 3:
syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x2, &(0x7f0000001380)=[{0x0}, {&(0x7f00000012c0)="d150f10b1f877a4c496d6687c2e3b01f89b282979140bba4631af63aff4b1e008012a9053d1fc4c722661014b5360d6d369bc958e205992997dfaa57602724ca2ce975471e70df706eac83e4712ada73b7739921cc78b159f757d9254cecef5197d02900ad42f46aa14ae9cf61e6a38ac168d9d7bcd8fb31f481913a8cd8a5a4540ad202cb833bcd20cf67da12921780e5203761877c9e7b2955bdd2719c2e193612593b336fa66122b86e8d33dbe880cefd56b5", 0xb4, 0x100000001}], 0x0, &(0x7f0000001400)={[{'$-'}], [{@pcr={'pcr', 0x3d, 0x32}}, {@obj_type={'obj_type', 0x3d, '!,*!+)+[:]'}}, {@subj_user}]})

12:42:53 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

[  551.076680] FAULT_INJECTION: forcing a failure.
[  551.076680] name failslab, interval 1, probability 0, space 0, times 0
[  551.077985] CPU: 0 PID: 5463 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  551.078893] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  551.080062] Call Trace:
[  551.080329]  <TASK>
[  551.080562]  dump_stack_lvl+0x8b/0xb3
[  551.080972]  should_fail.cold+0x5/0xa
[  551.081375]  ? create_object.isra.0+0x3a/0xa20
[  551.081857]  should_failslab+0x5/0x10
[  551.082262]  kmem_cache_alloc+0x5b/0x480
[  551.082685]  ? obj_cgroup_charge+0x247/0x740
[  551.083150]  create_object.isra.0+0x3a/0xa20
[  551.083611]  ? kasan_unpoison+0x23/0x50
[  551.084026]  kmem_cache_alloc+0x239/0x480
[  551.084480]  copy_utsname+0x155/0x4a0
[  551.084890]  create_new_namespaces+0x16e/0xb30
[  551.085371]  ? __sanitizer_cov_trace_const_cmp4+0x3/0x70
[  551.085998]  copy_namespaces+0x391/0x450
[  551.086471]  copy_process+0x2ba5/0x6d10
[  551.086944]  ? __cleanup_sighand+0xb0/0xb0
[  551.087430]  ? lock_is_held_type+0xd7/0x130
[  551.087931]  ? find_held_lock+0x2c/0x110
[  551.088405]  ? kernel_clone+0xc4/0xa60
[  551.088872]  kernel_clone+0xe7/0xa60
[  551.089307]  ? create_io_thread+0xf0/0xf0
[  551.089788]  ? find_held_lock+0x2c/0x110
[  551.090263]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  551.090835]  ? bit_wait_io_timeout+0x160/0x160
[  551.091363]  __do_sys_clone+0xc8/0x110
[  551.091802]  ? __do_sys_vfork+0xd0/0xd0
[  551.092265]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  551.092890]  ? vfs_write+0x428/0xad0
[  551.093331]  ? syscall_enter_from_user_mode+0x1d/0x50
[  551.093919]  do_syscall_64+0x3b/0x90
[  551.094345]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  551.094918] RIP: 0033:0x7fa70862cb19
[  551.095321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  551.097351] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  551.098189] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  551.098959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  551.099732] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  551.100516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  551.101307] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  551.102104]  </TASK>
[  551.106593] loop5: detected capacity change from 0 to 240
[  551.111791] loop3: detected capacity change from 0 to 264192
[  551.114449] isofs_fill_super: root inode is not a directory. Corrupted media?
[  551.114524] nfs: Unknown parameter '$-'
[  565.933709] FAULT_INJECTION: forcing a failure.
[  565.933709] name failslab, interval 1, probability 0, space 0, times 0
[  565.936247] CPU: 1 PID: 5476 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  565.938027] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  565.940460] Call Trace:
[  565.941043]  <TASK>
[  565.941520]  dump_stack_lvl+0x8b/0xb3
[  565.942346]  should_fail.cold+0x5/0xa
[  565.943192]  ? copy_ipcs+0x184/0x5d0
[  565.944011]  should_failslab+0x5/0x10
[  565.944838]  kmem_cache_alloc_trace+0x55/0x3c0
[  565.945813]  copy_ipcs+0x184/0x5d0
[  565.946597]  ? copy_utsname+0xa9/0x4a0
[  565.947464]  create_new_namespaces+0x210/0xb30
[  565.948477]  copy_namespaces+0x391/0x450
[  565.949374]  copy_process+0x2ba5/0x6d10
[  565.950256]  ? __cleanup_sighand+0xb0/0xb0
[  565.951181]  ? lock_is_held_type+0xd7/0x130
[  565.952106]  ? find_held_lock+0x2c/0x110
[  565.953012]  ? kernel_clone+0xc4/0xa60
[  565.953871]  kernel_clone+0xe7/0xa60
[  565.954694]  ? create_io_thread+0xf0/0xf0
[  565.955617]  ? find_held_lock+0x2c/0x110
[  565.956510]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  565.957589]  ? bit_wait_io_timeout+0x160/0x160
[  565.958624]  __do_sys_clone+0xc8/0x110
[  565.959464]  ? __do_sys_vfork+0xd0/0xd0
12:43:08 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

12:43:08 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(0xffffffffffffffff, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a08", 0x19, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:08 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 32)

[  565.960546]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  565.962002]  ? vfs_write+0x428/0xad0
[  565.962846]  ? syscall_enter_from_user_mode+0x1d/0x50
[  565.963991]  do_syscall_64+0x3b/0x90
[  565.964795]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  565.965947] RIP: 0033:0x7fa70862cb19
[  565.966762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  565.970819] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  565.972426] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  565.973925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  565.975632] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  565.977137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  565.978651] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  565.980178]  </TASK>
[  565.983520] FAULT_INJECTION: forcing a failure.
[  565.983520] name failslab, interval 1, probability 0, space 0, times 0
[  565.985955] CPU: 1 PID: 5484 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  565.987699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  565.990085] Call Trace:
[  565.990635]  <TASK>
[  565.991118]  dump_stack_lvl+0x8b/0xb3
[  565.991963]  should_fail.cold+0x5/0xa
[  565.992783]  ? copy_utsname+0x155/0x4a0
[  565.993667]  should_failslab+0x5/0x10
[  565.994508]  kmem_cache_alloc+0x5b/0x480
[  565.995377]  copy_utsname+0x155/0x4a0
[  565.996206]  create_new_namespaces+0x16e/0xb30
[  565.997210]  copy_namespaces+0x391/0x450
[  565.998097]  copy_process+0x2ba5/0x6d10
[  565.998985]  ? __cleanup_sighand+0xb0/0xb0
[  565.999923]  ? lock_is_held_type+0xd7/0x130
[  566.000834]  ? find_held_lock+0x2c/0x110
[  566.001699]  ? kernel_clone+0xc4/0xa60
[  566.002566]  kernel_clone+0xe7/0xa60
[  566.003397]  ? create_io_thread+0xf0/0xf0
[  566.004285]  ? find_held_lock+0x2c/0x110
[  566.005158]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  566.006205]  ? bit_wait_io_timeout+0x160/0x160
[  566.007204]  __do_sys_clone+0xc8/0x110
[  566.008051]  ? __do_sys_vfork+0xd0/0xd0
[  566.008919]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  566.010115]  ? vfs_write+0x428/0xad0
[  566.010946]  ? syscall_enter_from_user_mode+0x1d/0x50
[  566.012047]  do_syscall_64+0x3b/0x90
[  566.012838]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  566.013940] RIP: 0033:0x7f71bf82bb19
[  566.014762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  566.018625] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  566.020290] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  566.021886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  566.023453] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  566.024978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  566.026502] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  566.028025]  </TASK>
[  566.044806] loop5: detected capacity change from 0 to 240
12:43:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(0xffffffffffffffff, &(0x7f00000001c0)=""/133, 0x85)

[  566.087404] isofs_fill_super: root inode is not a directory. Corrupted media?
12:43:08 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 33)

12:43:08 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

12:43:08 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(0xffffffffffffffff, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(0xffffffffffffffff, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  566.175160] FAULT_INJECTION: forcing a failure.
[  566.175160] name failslab, interval 1, probability 0, space 0, times 0
[  566.176458] CPU: 0 PID: 5503 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  566.177315] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  566.178502] Call Trace:
[  566.178767]  <TASK>
[  566.179003]  dump_stack_lvl+0x8b/0xb3
[  566.179414]  should_fail.cold+0x5/0xa
[  566.179812]  ? create_object.isra.0+0x3a/0xa20
[  566.180314]  should_failslab+0x5/0x10
[  566.180712]  kmem_cache_alloc+0x5b/0x480
[  566.181146]  create_object.isra.0+0x3a/0xa20
[  566.181614]  ? kasan_unpoison+0x23/0x50
[  566.182039]  kmem_cache_alloc_trace+0x22e/0x3c0
[  566.182546]  copy_ipcs+0x184/0x5d0
[  566.182918]  ? copy_utsname+0xa9/0x4a0
[  566.183330]  create_new_namespaces+0x210/0xb30
[  566.183814]  copy_namespaces+0x391/0x450
[  566.184242]  copy_process+0x2ba5/0x6d10
[  566.184679]  ? __cleanup_sighand+0xb0/0xb0
[  566.185137]  ? lock_is_held_type+0xd7/0x130
[  566.185591]  ? find_held_lock+0x2c/0x110
[  566.186028]  ? kernel_clone+0xc4/0xa60
[  566.186459]  kernel_clone+0xe7/0xa60
[  566.186862]  ? create_io_thread+0xf0/0xf0
[  566.187302]  ? find_held_lock+0x2c/0x110
[  566.187733]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  566.188267]  ? bit_wait_io_timeout+0x160/0x160
[  566.188761]  __do_sys_clone+0xc8/0x110
[  566.189175]  ? __do_sys_vfork+0xd0/0xd0
[  566.189597]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  566.190169]  ? vfs_write+0x428/0xad0
[  566.190577]  ? syscall_enter_from_user_mode+0x1d/0x50
[  566.191139]  do_syscall_64+0x3b/0x90
[  566.191543]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  566.192093] RIP: 0033:0x7fa70862cb19
[  566.192484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  566.194406] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  566.195218] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  566.195961] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  566.196697] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  566.197442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  566.198191] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  566.198980]  </TASK>
12:43:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:08 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  566.268808] loop5: detected capacity change from 0 to 136
[  566.286708] isofs_fill_super: get root inode failed
[  566.346155] FAULT_INJECTION: forcing a failure.
[  566.346155] name failslab, interval 1, probability 0, space 0, times 0
[  566.348589] CPU: 1 PID: 5517 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  566.350273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  566.352820] Call Trace:
[  566.353466]  <TASK>
[  566.353920]  dump_stack_lvl+0x8b/0xb3
[  566.354740]  should_fail.cold+0x5/0xa
[  566.355528]  ? create_object.isra.0+0x3a/0xa20
[  566.356488]  should_failslab+0x5/0x10
[  566.357250]  kmem_cache_alloc+0x5b/0x480
[  566.358065]  ? obj_cgroup_charge+0x247/0x740
[  566.358999]  create_object.isra.0+0x3a/0xa20
[  566.359915]  ? kasan_unpoison+0x23/0x50
[  566.360748]  kmem_cache_alloc+0x239/0x480
[  566.361606]  copy_utsname+0x155/0x4a0
[  566.362399]  create_new_namespaces+0x16e/0xb30
[  566.363341]  copy_namespaces+0x391/0x450
[  566.364184]  copy_process+0x2ba5/0x6d10
[  566.365016]  ? __cleanup_sighand+0xb0/0xb0
[  566.365899]  ? lock_is_held_type+0xd7/0x130
[  566.366786]  ? find_held_lock+0x2c/0x110
[  566.367619]  ? kernel_clone+0xc4/0xa60
[  566.368421]  kernel_clone+0xe7/0xa60
[  566.369197]  ? create_io_thread+0xf0/0xf0
[  566.370057]  ? find_held_lock+0x2c/0x110
[  566.370901]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  566.371911]  ? bit_wait_io_timeout+0x160/0x160
[  566.372837]  __do_sys_clone+0xc8/0x110
[  566.373636]  ? __do_sys_vfork+0xd0/0xd0
[  566.374455]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  566.375565]  ? vfs_write+0x428/0xad0
[  566.376329]  ? syscall_enter_from_user_mode+0x1d/0x50
[  566.377510]  do_syscall_64+0x3b/0x90
[  566.378356]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  566.379550] RIP: 0033:0x7f71bf82bb19
[  566.380369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  566.384528] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  566.386236] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  566.387852] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  566.389442] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  566.391042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  566.392638] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  566.394255]  </TASK>
12:43:08 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(0xffffffffffffffff, &(0x7f00000001c0)=""/133, 0x85)

12:43:08 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  566.547803] loop5: detected capacity change from 0 to 136
12:43:08 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:08 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  566.593959] isofs_fill_super: get root inode failed
12:43:21 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:21 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:21 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:21 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  579.547645] FAULT_INJECTION: forcing a failure.
[  579.547645] name failslab, interval 1, probability 0, space 0, times 0
[  579.550123] CPU: 1 PID: 5550 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  579.551913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  579.554330] Call Trace:
[  579.554891]  <TASK>
[  579.555376]  dump_stack_lvl+0x8b/0xb3
[  579.556209]  should_fail.cold+0x5/0xa
[  579.557039]  ? alloc_fs_context+0x58/0x9d0
[  579.557953]  should_failslab+0x5/0x10
[  579.558797]  kmem_cache_alloc_trace+0x55/0x3c0
[  579.559793]  alloc_fs_context+0x58/0x9d0
[  579.560689]  mq_init_ns+0x16e/0x630
[  579.561494]  copy_ipcs+0x35e/0x5d0
[  579.562251]  ? copy_utsname+0xa9/0x4a0
[  579.563111]  create_new_namespaces+0x210/0xb30
[  579.564110]  copy_namespaces+0x391/0x450
[  579.564967]  copy_process+0x2ba5/0x6d10
[  579.565859]  ? __cleanup_sighand+0xb0/0xb0
[  579.566809]  ? lock_is_held_type+0xd7/0x130
[  579.567733]  ? find_held_lock+0x2c/0x110
[  579.568613]  ? kernel_clone+0xc4/0xa60
[  579.569460]  kernel_clone+0xe7/0xa60
[  579.570274]  ? create_io_thread+0xf0/0xf0
[  579.571187]  ? find_held_lock+0x2c/0x110
[  579.572062]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  579.573122]  ? bit_wait_io_timeout+0x160/0x160
12:43:21 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:21 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

12:43:21 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 34)

12:43:21 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  579.574119]  __do_sys_clone+0xc8/0x110
[  579.575197]  ? __do_sys_vfork+0xd0/0xd0
[  579.576046]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  579.577210]  ? vfs_write+0x428/0xad0
[  579.578023]  ? syscall_enter_from_user_mode+0x1d/0x50
[  579.579137]  do_syscall_64+0x3b/0x90
[  579.579947]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  579.581041] RIP: 0033:0x7fa70862cb19
[  579.581825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  579.585691] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  579.586477] loop5: detected capacity change from 0 to 136
[  579.587286] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  579.587311] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  579.590869] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  579.592352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  579.593839] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  579.595366]  </TASK>
[  579.597509] FAULT_INJECTION: forcing a failure.
[  579.597509] name failslab, interval 1, probability 0, space 0, times 0
[  579.599852] CPU: 1 PID: 5558 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  579.601556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  579.603924] Call Trace:
[  579.604462]  <TASK>
[  579.604931]  dump_stack_lvl+0x8b/0xb3
[  579.605744]  should_fail.cold+0x5/0xa
[  579.606550]  ? copy_ipcs+0x184/0x5d0
[  579.607354]  should_failslab+0x5/0x10
[  579.608149]  kmem_cache_alloc_trace+0x55/0x3c0
[  579.609113]  copy_ipcs+0x184/0x5d0
[  579.609856]  ? copy_utsname+0xa9/0x4a0
[  579.610697]  create_new_namespaces+0x210/0xb30
[  579.611672]  copy_namespaces+0x391/0x450
[  579.612528]  copy_process+0x2ba5/0x6d10
[  579.613398]  ? __cleanup_sighand+0xb0/0xb0
[  579.614295]  ? lock_is_held_type+0xd7/0x130
[  579.615172]  ? find_held_lock+0x2c/0x110
[  579.615976]  ? kernel_clone+0xc4/0xa60
[  579.616752]  kernel_clone+0xe7/0xa60
[  579.617492]  ? create_io_thread+0xf0/0xf0
[  579.618309]  ? find_held_lock+0x2c/0x110
[  579.619118]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  579.620087]  ? bit_wait_io_timeout+0x160/0x160
[  579.620988]  __do_sys_clone+0xc8/0x110
[  579.621756]  ? __do_sys_vfork+0xd0/0xd0
[  579.622537]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  579.623627]  ? vfs_write+0x428/0xad0
[  579.624377]  ? syscall_enter_from_user_mode+0x1d/0x50
[  579.625386]  do_syscall_64+0x3b/0x90
[  579.626121]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  579.627144] RIP: 0033:0x7f71bf82bb19
[  579.627863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  579.631427] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  579.632906] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  579.634288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  579.635679] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  579.637056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  579.638432] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  579.639850]  </TASK>
[  579.656258] isofs_fill_super: get root inode failed
12:43:21 executing program 4:
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:21 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:21 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r2, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:21 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:21 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:21 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:22 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:22 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  579.753160] loop5: detected capacity change from 0 to 240
12:43:22 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:22 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  579.791381] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:43:38 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

12:43:38 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:38 executing program 4:
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:38 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {0x0, 0x0, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:38 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:38 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:38 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 35)

[  595.771263] FAULT_INJECTION: forcing a failure.
[  595.771263] name failslab, interval 1, probability 0, space 0, times 0
[  595.773714] CPU: 1 PID: 5600 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  595.775490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  595.777910] Call Trace:
[  595.778457]  <TASK>
[  595.778940]  dump_stack_lvl+0x8b/0xb3
[  595.779769]  should_fail.cold+0x5/0xa
[  595.780590]  ? create_object.isra.0+0x3a/0xa20
[  595.781575]  should_failslab+0x5/0x10
[  595.782382]  kmem_cache_alloc+0x5b/0x480
[  595.783261]  ? obj_cgroup_charge+0x247/0x740
[  595.784212]  create_object.isra.0+0x3a/0xa20
[  595.785154]  ? kasan_unpoison+0x23/0x50
[  595.786024]  kmem_cache_alloc_trace+0x22e/0x3c0
[  595.787033]  alloc_fs_context+0x58/0x9d0
[  595.787917]  mq_init_ns+0x16e/0x630
[  595.788702]  copy_ipcs+0x35e/0x5d0
[  595.789457]  ? copy_utsname+0xa9/0x4a0
[  595.790291]  create_new_namespaces+0x210/0xb30
[  595.791286]  copy_namespaces+0x391/0x450
[  595.792176]  copy_process+0x2ba5/0x6d10
[  595.793059]  ? __cleanup_sighand+0xb0/0xb0
[  595.793990]  ? lock_is_held_type+0xd7/0x130
[  595.794924]  ? find_held_lock+0x2c/0x110
[  595.796018]  ? kernel_clone+0xc4/0xa60
[  595.796858]  kernel_clone+0xe7/0xa60
[  595.797677]  ? create_io_thread+0xf0/0xf0
[  595.798572]  ? find_held_lock+0x2c/0x110
[  595.799453]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  595.800513]  ? bit_wait_io_timeout+0x160/0x160
[  595.801498]  __do_sys_clone+0xc8/0x110
[  595.802349]  ? __do_sys_vfork+0xd0/0xd0
[  595.803235]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  595.804421]  ? vfs_write+0x428/0xad0
[  595.805248]  ? syscall_enter_from_user_mode+0x1d/0x50
[  595.806370]  do_syscall_64+0x3b/0x90
[  595.807187]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  595.808308] RIP: 0033:0x7fa70862cb19
[  595.809105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  595.813061] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  595.814696] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  595.816252] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  595.817791] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  595.819340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  595.820872] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  595.822437]  </TASK>
[  595.825606] FAULT_INJECTION: forcing a failure.
[  595.825606] name failslab, interval 1, probability 0, space 0, times 0
[  595.826872] CPU: 0 PID: 5604 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  595.827767] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  595.829010] Call Trace:
[  595.829287]  <TASK>
[  595.829534]  dump_stack_lvl+0x8b/0xb3
[  595.829960]  should_fail.cold+0x5/0xa
[  595.830391]  ? create_object.isra.0+0x3a/0xa20
[  595.830917]  should_failslab+0x5/0x10
[  595.831336]  kmem_cache_alloc+0x5b/0x480
[  595.831384] loop5: detected capacity change from 0 to 240
[  595.831782]  create_object.isra.0+0x3a/0xa20
[  595.833418]  ? kasan_unpoison+0x23/0x50
[  595.833863]  kmem_cache_alloc_trace+0x22e/0x3c0
[  595.834388]  copy_ipcs+0x184/0x5d0
[  595.834778]  ? copy_utsname+0xa9/0x4a0
[  595.835224]  create_new_namespaces+0x210/0xb30
[  595.835727]  copy_namespaces+0x391/0x450
[  595.836198]  copy_process+0x2ba5/0x6d10
[  595.836649]  ? __cleanup_sighand+0xb0/0xb0
[  595.837113]  ? lock_is_held_type+0xd7/0x130
[  595.837585]  ? find_held_lock+0x2c/0x110
[  595.838047]  ? kernel_clone+0xc4/0xa60
[  595.838471]  kernel_clone+0xe7/0xa60
[  595.838890]  ? create_io_thread+0xf0/0xf0
[  595.839341]  ? find_held_lock+0x2c/0x110
[  595.839805]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  595.840350]  ? bit_wait_io_timeout+0x160/0x160
[  595.840830]  __do_sys_clone+0xc8/0x110
[  595.841257]  ? __do_sys_vfork+0xd0/0xd0
[  595.841678]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  595.842275]  ? vfs_write+0x428/0xad0
[  595.842691]  ? syscall_enter_from_user_mode+0x1d/0x50
[  595.843276]  do_syscall_64+0x3b/0x90
[  595.843692]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  595.844256] RIP: 0033:0x7f71bf82bb19
[  595.844662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  595.846641] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  595.847465] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  595.848236] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  595.849014] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  595.849792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  595.850559] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  595.851355]  </TASK>
[  595.852330] loop3: detected capacity change from 0 to 240
[  595.854145] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
[  595.863800] isofs_fill_super: get root inode failed
12:43:52 executing program 4:
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:52 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:52 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38)

12:43:52 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:52 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:52 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 36)

[  610.505446] FAULT_INJECTION: forcing a failure.
[  610.505446] name failslab, interval 1, probability 0, space 0, times 0
[  610.507894] CPU: 0 PID: 5624 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  610.509582] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  610.511880] Call Trace:
[  610.512422]  <TASK>
[  610.512880]  dump_stack_lvl+0x8b/0xb3
[  610.513686]  should_fail.cold+0x5/0xa
[  610.514479]  ? alloc_fs_context+0x58/0x9d0
[  610.515372]  should_failslab+0x5/0x10
[  610.516136]  kmem_cache_alloc_trace+0x55/0x3c0
[  610.517087]  alloc_fs_context+0x58/0x9d0
[  610.517935]  mq_init_ns+0x16e/0x630
[  610.518689]  copy_ipcs+0x35e/0x5d0
[  610.519426]  ? copy_utsname+0xa9/0x4a0
[  610.520227]  create_new_namespaces+0x210/0xb30
[  610.521170]  copy_namespaces+0x391/0x450
[  610.522024]  copy_process+0x2ba5/0x6d10
[  610.522869]  ? __cleanup_sighand+0xb0/0xb0
[  610.523767]  ? lock_is_held_type+0xd7/0x130
[  610.524643]  ? find_held_lock+0x2c/0x110
[  610.525492]  ? kernel_clone+0xc4/0xa60
[  610.526298]  kernel_clone+0xe7/0xa60
[  610.527059]  ? create_io_thread+0xf0/0xf0
[  610.527917]  ? find_held_lock+0x2c/0x110
[  610.528749]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  610.529768]  ? bit_wait_io_timeout+0x160/0x160
[  610.530709]  __do_sys_clone+0xc8/0x110
[  610.531523]  ? __do_sys_vfork+0xd0/0xd0
[  610.532340]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  610.533456]  ? vfs_write+0x428/0xad0
[  610.534256]  ? syscall_enter_from_user_mode+0x1d/0x50
[  610.535362]  do_syscall_64+0x3b/0x90
[  610.536121]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  610.537229] RIP: 0033:0x7f71bf82bb19
[  610.537973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  610.541697] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  610.543264] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  610.544709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  610.546137] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  610.547587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  610.549023] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  610.550502]  </TASK>
[  610.554406] FAULT_INJECTION: forcing a failure.
[  610.554406] name failslab, interval 1, probability 0, space 0, times 0
[  610.556766] CPU: 0 PID: 5630 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  610.558436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  610.560721] Call Trace:
[  610.561246]  <TASK>
[  610.561691]  dump_stack_lvl+0x8b/0xb3
[  610.562487]  should_fail.cold+0x5/0xa
[  610.563290]  ? mqueue_init_fs_context+0x47/0x490
[  610.564256]  should_failslab+0x5/0x10
[  610.565014]  kmem_cache_alloc_trace+0x55/0x3c0
[  610.566237]  mqueue_init_fs_context+0x47/0x490
[  610.567180]  ? mqueue_create+0x20/0x20
[  610.567984]  alloc_fs_context+0x563/0x9d0
[  610.568843]  mq_init_ns+0x16e/0x630
[  610.569593]  copy_ipcs+0x35e/0x5d0
[  610.570317]  ? copy_utsname+0xa9/0x4a0
[  610.571122]  create_new_namespaces+0x210/0xb30
[  610.572073]  copy_namespaces+0x391/0x450
[  610.572911]  copy_process+0x2ba5/0x6d10
[  610.573753]  ? __cleanup_sighand+0xb0/0xb0
[  610.574627]  ? lock_is_held_type+0xd7/0x130
[  610.575527]  ? find_held_lock+0x2c/0x110
[  610.576359]  ? kernel_clone+0xc4/0xa60
[  610.577153]  kernel_clone+0xe7/0xa60
[  610.578111]  ? create_io_thread+0xf0/0xf0
[  610.579229]  ? find_held_lock+0x2c/0x110
[  610.580290]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  610.581506]  ? bit_wait_io_timeout+0x160/0x160
[  610.582453]  __do_sys_clone+0xc8/0x110
[  610.583267]  ? __do_sys_vfork+0xd0/0xd0
[  610.584070]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  610.585193]  ? vfs_write+0x428/0xad0
[  610.585983]  ? syscall_enter_from_user_mode+0x1d/0x50
[  610.587028]  do_syscall_64+0x3b/0x90
[  610.587818]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  610.588886] RIP: 0033:0x7fa70862cb19
[  610.589638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  610.593358] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  610.594892] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  610.596340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  610.597766] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  610.599229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  610.600670] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  610.602119]  </TASK>
[  610.605895] loop5: detected capacity change from 0 to 240
12:43:52 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:43:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:52 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  610.673588] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:43:53 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)

12:43:53 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37)

12:43:53 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:53 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:43:53 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:53 executing program 0:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  610.847053] FAULT_INJECTION: forcing a failure.
[  610.847053] name failslab, interval 1, probability 0, space 0, times 0
[  610.847147] FAULT_INJECTION: forcing a failure.
[  610.847147] name failslab, interval 1, probability 0, space 0, times 0
[  610.849386] CPU: 0 PID: 5651 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  610.853256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  610.855577] Call Trace:
[  610.856104]  <TASK>
[  610.856566]  dump_stack_lvl+0x8b/0xb3
[  610.857367]  should_fail.cold+0x5/0xa
[  610.858172]  ? create_object.isra.0+0x3a/0xa20
[  610.859158]  should_failslab+0x5/0x10
[  610.859938]  kmem_cache_alloc+0x5b/0x480
[  610.860788]  create_object.isra.0+0x3a/0xa20
[  610.861690]  ? kasan_unpoison+0x23/0x50
[  610.862543]  kmem_cache_alloc_trace+0x22e/0x3c0
[  610.863534]  mqueue_init_fs_context+0x47/0x490
[  610.864485]  ? mqueue_create+0x20/0x20
[  610.865320]  alloc_fs_context+0x563/0x9d0
[  610.866197]  mq_init_ns+0x16e/0x630
[  610.866961]  copy_ipcs+0x35e/0x5d0
[  610.867717]  ? copy_utsname+0xa9/0x4a0
[  610.868540]  create_new_namespaces+0x210/0xb30
[  610.869499]  copy_namespaces+0x391/0x450
[  610.870355]  copy_process+0x2ba5/0x6d10
[  610.871226]  ? __cleanup_sighand+0xb0/0xb0
[  610.872115]  ? lock_is_held_type+0xd7/0x130
[  610.873015]  ? find_held_lock+0x2c/0x110
[  610.873855]  ? kernel_clone+0xc4/0xa60
[  610.874671]  kernel_clone+0xe7/0xa60
[  610.875461]  ? create_io_thread+0xf0/0xf0
[  610.876315]  ? find_held_lock+0x2c/0x110
[  610.877170]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  610.878212]  ? bit_wait_io_timeout+0x160/0x160
[  610.879168]  __do_sys_clone+0xc8/0x110
[  610.879978]  ? __do_sys_vfork+0xd0/0xd0
[  610.880816]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  610.881929]  ? vfs_write+0x428/0xad0
[  610.882693]  ? syscall_enter_from_user_mode+0x1d/0x50
[  610.883739]  do_syscall_64+0x3b/0x90
[  610.884485]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  610.885522] RIP: 0033:0x7fa70862cb19
[  610.886256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  610.889904] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  610.891416] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  610.892841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  610.894255] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  610.895684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  610.897088] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  610.898558]  </TASK>
[  610.899018] CPU: 1 PID: 5649 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  610.900679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  610.902893] Call Trace:
[  610.903418]  <TASK>
[  610.903863]  dump_stack_lvl+0x8b/0xb3
[  610.904633]  should_fail.cold+0x5/0xa
[  610.905395]  ? create_object.isra.0+0x3a/0xa20
[  610.906313]  should_failslab+0x5/0x10
[  610.907063]  kmem_cache_alloc+0x5b/0x480
[  610.907874]  ? obj_cgroup_charge+0x247/0x740
[  610.908750]  create_object.isra.0+0x3a/0xa20
[  610.909625]  ? kasan_unpoison+0x23/0x50
[  610.910419]  kmem_cache_alloc_trace+0x22e/0x3c0
[  610.911363]  alloc_fs_context+0x58/0x9d0
[  610.912182]  mq_init_ns+0x16e/0x630
[  610.912907]  copy_ipcs+0x35e/0x5d0
[  610.913606]  ? copy_utsname+0xa9/0x4a0
[  610.914393]  create_new_namespaces+0x210/0xb30
[  610.915324]  copy_namespaces+0x391/0x450
[  610.916141]  copy_process+0x2ba5/0x6d10
[  610.916969]  ? __cleanup_sighand+0xb0/0xb0
[  610.917824]  ? lock_is_held_type+0xd7/0x130
[  610.918677]  ? find_held_lock+0x2c/0x110
[  610.919491]  ? kernel_clone+0xc4/0xa60
[  610.920267]  kernel_clone+0xe7/0xa60
[  610.921014]  ? create_io_thread+0xf0/0xf0
[  610.921840]  ? find_held_lock+0x2c/0x110
[  610.922643]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  610.923637]  ? bit_wait_io_timeout+0x160/0x160
[  610.924544]  __do_sys_clone+0xc8/0x110
[  610.925318]  ? __do_sys_vfork+0xd0/0xd0
[  610.926107]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  610.927194]  ? vfs_write+0x428/0xad0
[  610.927956]  ? syscall_enter_from_user_mode+0x1d/0x50
[  610.928973]  do_syscall_64+0x3b/0x90
[  610.929716]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  610.930741] RIP: 0033:0x7f71bf82bb19
[  610.931481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  610.935095] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  610.936935] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  610.938638] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  610.940374] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  610.942077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  610.943819] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  610.945551]  </TASK>
12:43:53 executing program 3:
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  610.961589] loop0: detected capacity change from 0 to 240
[  610.994108] isofs_fill_super: bread failed, dev=loop0, iso_blknum=60, block=120
[  611.003016] loop5: detected capacity change from 0 to 240
12:43:53 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:43:53 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  611.071927] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:43:53 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:06 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)

12:44:06 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:06 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:06 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:06 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:06 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:06 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38)

12:44:06 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  624.160805] FAULT_INJECTION: forcing a failure.
[  624.160805] name failslab, interval 1, probability 0, space 0, times 0
[  624.162905] CPU: 0 PID: 5682 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  624.164423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  624.166560] Call Trace:
[  624.167042]  <TASK>
[  624.167474]  dump_stack_lvl+0x8b/0xb3
[  624.168195]  should_fail.cold+0x5/0xa
[  624.168913]  ? alloc_super+0x54/0x9d0
[  624.169642]  should_failslab+0x5/0x10
[  624.170832]  kmem_cache_alloc_trace+0x55/0x3c0
[  624.172099]  ? do_raw_spin_lock+0x121/0x260
[  624.173287]  alloc_super+0x54/0x9d0
[  624.174274]  sget_fc+0x13e/0x7a0
[  624.175182]  ? refcount_dec_not_one+0x13b/0x1e0
[  624.176242]  ? set_anon_super+0xb0/0xb0
[  624.177070]  ? mqueue_get_tree+0x130/0x130
[  624.177932]  get_tree_nodev+0x24/0x1d0
[  624.178724]  mqueue_get_tree+0xee/0x130
[  624.179538]  vfs_get_tree+0x8e/0x2f0
[  624.180293]  fc_mount+0x13/0xc0
[  624.180960]  mq_init_ns+0x43e/0x630
[  624.181719]  copy_ipcs+0x35e/0x5d0
[  624.182462]  ? copy_utsname+0xa9/0x4a0
[  624.183254]  create_new_namespaces+0x210/0xb30
[  624.184205]  copy_namespaces+0x391/0x450
[  624.185028]  copy_process+0x2ba5/0x6d10
[  624.185869]  ? __cleanup_sighand+0xb0/0xb0
[  624.186780]  ? lock_is_held_type+0xd7/0x130
[  624.187689]  ? find_held_lock+0x2c/0x110
[  624.188512]  ? kernel_clone+0xc4/0xa60
[  624.189301]  kernel_clone+0xe7/0xa60
[  624.190061]  ? create_io_thread+0xf0/0xf0
[  624.190923]  ? find_held_lock+0x2c/0x110
[  624.191755]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  624.192761]  ? bit_wait_io_timeout+0x160/0x160
[  624.193680]  __do_sys_clone+0xc8/0x110
[  624.194471]  ? __do_sys_vfork+0xd0/0xd0
[  624.195323]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  624.196435]  ? vfs_write+0x428/0xad0
[  624.197198]  ? syscall_enter_from_user_mode+0x1d/0x50
[  624.198243]  do_syscall_64+0x3b/0x90
[  624.198997]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  624.200091] RIP: 0033:0x7fa70862cb19
[  624.200831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  624.204807] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  624.206539] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  624.208201] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  624.209832] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  624.211461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  624.213092] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  624.214737]  </TASK>
12:44:06 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  624.233620] loop5: detected capacity change from 0 to 240
[  624.252160] FAULT_INJECTION: forcing a failure.
[  624.252160] name failslab, interval 1, probability 0, space 0, times 0
[  624.254646] CPU: 0 PID: 5697 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  624.256498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  624.258974] Call Trace:
12:44:06 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  624.259575]  <TASK>
[  624.260191]  dump_stack_lvl+0x8b/0xb3
[  624.261037]  should_fail.cold+0x5/0xa
[  624.261878]  ? mqueue_init_fs_context+0x47/0x490
[  624.262919]  should_failslab+0x5/0x10
[  624.263769]  kmem_cache_alloc_trace+0x55/0x3c0
[  624.264800]  mqueue_init_fs_context+0x47/0x490
[  624.265787]  ? mqueue_create+0x20/0x20
[  624.266652]  alloc_fs_context+0x563/0x9d0
[  624.267579]  mq_init_ns+0x16e/0x630
[  624.268378]  copy_ipcs+0x35e/0x5d0
[  624.269172]  ? copy_utsname+0xa9/0x4a0
[  624.270036]  create_new_namespaces+0x210/0xb30
[  624.271069]  copy_namespaces+0x391/0x450
[  624.271966]  copy_process+0x2ba5/0x6d10
[  624.272908]  ? __cleanup_sighand+0xb0/0xb0
[  624.273864]  ? lock_is_held_type+0xd7/0x130
[  624.274813]  ? find_held_lock+0x2c/0x110
[  624.275723]  ? kernel_clone+0xc4/0xa60
[  624.276601]  kernel_clone+0xe7/0xa60
[  624.277441]  ? create_io_thread+0xf0/0xf0
[  624.278353]  ? find_held_lock+0x2c/0x110
[  624.279235]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  624.280309]  ? bit_wait_io_timeout+0x160/0x160
[  624.281303]  __do_sys_clone+0xc8/0x110
[  624.282175]  ? __do_sys_vfork+0xd0/0xd0
[  624.283045]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  624.284241]  ? vfs_write+0x428/0xad0
[  624.285064]  ? syscall_enter_from_user_mode+0x1d/0x50
[  624.286200]  do_syscall_64+0x3b/0x90
[  624.287042]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  624.288197] RIP: 0033:0x7f71bf82bb19
[  624.288982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  624.292960] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  624.294592] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  624.296154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  624.297695] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  624.299201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  624.300709] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  624.302263]  </TASK>
12:44:06 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r5 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r5, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  624.344749] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:44:06 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:06 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:06 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:22 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)

12:44:22 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:22 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:22 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:22 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)

12:44:22 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{0x0, 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:22 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:22 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180))
r4 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd=r4, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  639.879256] FAULT_INJECTION: forcing a failure.
[  639.879256] name failslab, interval 1, probability 0, space 0, times 0
[  639.881677] CPU: 0 PID: 5718 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  639.883442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  639.885865] Call Trace:
[  639.886408]  <TASK>
[  639.886884]  dump_stack_lvl+0x8b/0xb3
[  639.887728]  should_fail.cold+0x5/0xa
[  639.888094] loop5: detected capacity change from 0 to 240
[  639.888586]  ? alloc_fs_context+0x58/0x9d0
[  639.890105]  should_failslab+0x5/0x10
[  639.890940]  kmem_cache_alloc_trace+0x55/0x3c0
[  639.891994]  alloc_fs_context+0x58/0x9d0
[  639.892902]  mq_init_ns+0x16e/0x630
[  639.893684]  copy_ipcs+0x35e/0x5d0
[  639.894450]  ? copy_utsname+0xa9/0x4a0
[  639.895284]  create_new_namespaces+0x210/0xb30
[  639.896305]  copy_namespaces+0x391/0x450
[  639.897214]  copy_process+0x2ba5/0x6d10
[  639.898141]  ? __cleanup_sighand+0xb0/0xb0
[  639.899092]  ? lock_is_held_type+0xd7/0x130
[  639.900103]  ? find_held_lock+0x2c/0x110
[  639.901012]  ? kernel_clone+0xc4/0xa60
[  639.901915]  kernel_clone+0xe7/0xa60
[  639.903021]  ? create_io_thread+0xf0/0xf0
[  639.903947]  ? find_held_lock+0x2c/0x110
[  639.904827]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  639.905912]  ? bit_wait_io_timeout+0x160/0x160
[  639.906893]  __do_sys_clone+0xc8/0x110
[  639.907750]  ? __do_sys_vfork+0xd0/0xd0
[  639.908610]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  639.909797]  ? vfs_write+0x428/0xad0
[  639.910612]  ? syscall_enter_from_user_mode+0x1d/0x50
[  639.911711]  do_syscall_64+0x3b/0x90
[  639.912511]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  639.913615] RIP: 0033:0x7f71bf82bb19
[  639.914408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  639.918282] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  639.919898] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  639.921399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  639.922912] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  639.924438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  639.925942] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  639.927460]  </TASK>
[  639.950934] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
[  639.955170] FAULT_INJECTION: forcing a failure.
[  639.955170] name failslab, interval 1, probability 0, space 0, times 0
[  639.957669] CPU: 0 PID: 5731 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  639.959399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  639.961801] Call Trace:
[  639.962344]  <TASK>
[  639.962819]  dump_stack_lvl+0x8b/0xb3
[  639.963670]  should_fail.cold+0x5/0xa
[  639.964491]  ? create_object.isra.0+0x3a/0xa20
[  639.965485]  should_failslab+0x5/0x10
[  639.966302]  kmem_cache_alloc+0x5b/0x480
[  639.967187]  create_object.isra.0+0x3a/0xa20
[  639.968144]  ? kasan_unpoison+0x23/0x50
[  639.969010]  kmem_cache_alloc_trace+0x22e/0x3c0
[  639.970018]  alloc_super+0x54/0x9d0
[  639.970815]  sget_fc+0x13e/0x7a0
[  639.971579]  ? refcount_dec_not_one+0x13b/0x1e0
[  639.972581]  ? set_anon_super+0xb0/0xb0
[  639.973447]  ? mqueue_get_tree+0x130/0x130
[  639.974360]  get_tree_nodev+0x24/0x1d0
[  639.975207]  mqueue_get_tree+0xee/0x130
[  639.976069]  vfs_get_tree+0x8e/0x2f0
[  639.976881]  fc_mount+0x13/0xc0
[  639.977598]  mq_init_ns+0x43e/0x630
[  639.978387]  copy_ipcs+0x35e/0x5d0
[  639.979145]  ? copy_utsname+0xa9/0x4a0
[  639.980001]  create_new_namespaces+0x210/0xb30
[  639.981000]  copy_namespaces+0x391/0x450
[  639.981883]  copy_process+0x2ba5/0x6d10
[  639.982778]  ? __cleanup_sighand+0xb0/0xb0
12:44:22 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:22 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:22 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  639.983713]  ? lock_is_held_type+0xd7/0x130
[  639.984808]  ? find_held_lock+0x2c/0x110
[  639.985679]  ? kernel_clone+0xc4/0xa60
[  639.986523]  kernel_clone+0xe7/0xa60
[  639.987331]  ? create_io_thread+0xf0/0xf0
[  639.988236]  ? find_held_lock+0x2c/0x110
[  639.989114]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  639.990308]  ? bit_wait_io_timeout+0x160/0x160
[  639.991293]  __do_sys_clone+0xc8/0x110
[  639.992152]  ? __do_sys_vfork+0xd0/0xd0
[  639.993013]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  639.994185]  ? vfs_write+0x428/0xad0
[  639.995007]  ? syscall_enter_from_user_mode+0x1d/0x50
[  639.996126]  do_syscall_64+0x3b/0x90
[  639.996935]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  639.998048] RIP: 0033:0x7fa70862cb19
[  639.998838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  640.002744] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  640.004377] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  640.005890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  640.007409] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  640.008925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  640.010445] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  640.011992]  </TASK>
[  640.035629] blk_print_req_error: 446 callbacks suppressed
[  640.035640] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
12:44:38 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:38 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:38 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)

12:44:38 executing program 2:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:38 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600), 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:38 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:38 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)

[  656.414627] FAULT_INJECTION: forcing a failure.
[  656.414627] name failslab, interval 1, probability 0, space 0, times 0
[  656.415887] CPU: 0 PID: 5755 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  656.416758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  656.417949] Call Trace:
[  656.418218]  <TASK>
[  656.418453]  dump_stack_lvl+0x8b/0xb3
[  656.418867]  should_fail.cold+0x5/0xa
[  656.419276]  ? alloc_super+0x54/0x9d0
[  656.419691]  should_failslab+0x5/0x10
[  656.420104]  kmem_cache_alloc_trace+0x55/0x3c0
[  656.420595]  ? do_raw_spin_lock+0x121/0x260
[  656.421057]  alloc_super+0x54/0x9d0
[  656.421449]  sget_fc+0x13e/0x7a0
[  656.421812]  ? refcount_dec_not_one+0x13b/0x1e0
[  656.422303]  ? set_anon_super+0xb0/0xb0
[  656.422730]  ? mqueue_get_tree+0x130/0x130
[  656.423175]  get_tree_nodev+0x24/0x1d0
[  656.423597]  mqueue_get_tree+0xee/0x130
[  656.424038]  vfs_get_tree+0x8e/0x2f0
[  656.424439]  fc_mount+0x13/0xc0
[  656.424790]  mq_init_ns+0x43e/0x630
[  656.425180]  copy_ipcs+0x35e/0x5d0
[  656.425563]  ? copy_utsname+0xa9/0x4a0
[  656.425982]  create_new_namespaces+0x210/0xb30
[  656.426475]  copy_namespaces+0x391/0x450
[  656.426905]  copy_process+0x2ba5/0x6d10
[  656.427348]  ? __cleanup_sighand+0xb0/0xb0
[  656.427807]  ? lock_is_held_type+0xd7/0x130
[  656.428264]  ? find_held_lock+0x2c/0x110
[  656.428693]  ? kernel_clone+0xc4/0xa60
[  656.429114]  kernel_clone+0xe7/0xa60
[  656.429513]  ? create_io_thread+0xf0/0xf0
[  656.429954]  ? find_held_lock+0x2c/0x110
[  656.430383]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  656.430910]  ? bit_wait_io_timeout+0x160/0x160
[  656.431392]  __do_sys_clone+0xc8/0x110
[  656.431809]  ? __do_sys_vfork+0xd0/0xd0
[  656.432234]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  656.432819]  ? vfs_write+0x428/0xad0
[  656.433232]  ? syscall_enter_from_user_mode+0x1d/0x50
[  656.433781]  do_syscall_64+0x3b/0x90
[  656.434186]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  656.434735] RIP: 0033:0x7f71bf82bb19
[  656.435122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  656.437076] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  656.437868] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  656.438612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  656.439342] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  656.440094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  656.440844] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  656.441610]  </TASK>
[  656.442726] FAULT_INJECTION: forcing a failure.
[  656.442726] name failslab, interval 1, probability 0, space 0, times 0
[  656.444294] CPU: 0 PID: 5759 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  656.445188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  656.446378] Call Trace:
[  656.446650]  <TASK>
[  656.446896]  dump_stack_lvl+0x8b/0xb3
[  656.447312]  should_fail.cold+0x5/0xa
[  656.447728]  ? security_sb_alloc+0x107/0x250
[  656.448215]  should_failslab+0x5/0x10
[  656.448612]  __kmalloc+0x72/0x440
[  656.448977]  ? rwsem_mark_wake+0xaf0/0xaf0
[  656.449444]  security_sb_alloc+0x107/0x250
[  656.449900]  alloc_super+0x1dd/0x9d0
[  656.450305]  sget_fc+0x13e/0x7a0
[  656.450670]  ? refcount_dec_not_one+0x13b/0x1e0
[  656.451152]  ? set_anon_super+0xb0/0xb0
[  656.451579]  ? mqueue_get_tree+0x130/0x130
[  656.452041]  get_tree_nodev+0x24/0x1d0
[  656.452456]  mqueue_get_tree+0xee/0x130
[  656.452887]  vfs_get_tree+0x8e/0x2f0
[  656.453294]  fc_mount+0x13/0xc0
[  656.453652]  mq_init_ns+0x43e/0x630
[  656.454037]  copy_ipcs+0x35e/0x5d0
[  656.454417]  ? copy_utsname+0xa9/0x4a0
[  656.454832]  create_new_namespaces+0x210/0xb30
[  656.455326]  copy_namespaces+0x391/0x450
[  656.455466] loop5: detected capacity change from 0 to 240
[  656.455765]  copy_process+0x2ba5/0x6d10
[  656.457369]  ? __cleanup_sighand+0xb0/0xb0
[  656.457827]  ? lock_is_held_type+0xd7/0x130
[  656.458280]  ? find_held_lock+0x2c/0x110
[  656.458715]  ? kernel_clone+0xc4/0xa60
[  656.459137]  kernel_clone+0xe7/0xa60
[  656.459542]  ? create_io_thread+0xf0/0xf0
[  656.460006]  ? find_held_lock+0x2c/0x110
[  656.460444]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  656.460965]  ? bit_wait_io_timeout+0x160/0x160
[  656.461457]  __do_sys_clone+0xc8/0x110
[  656.461872]  ? __do_sys_vfork+0xd0/0xd0
[  656.462295]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  656.462881]  ? vfs_write+0x428/0xad0
[  656.463289]  ? syscall_enter_from_user_mode+0x1d/0x50
[  656.463845]  do_syscall_64+0x3b/0x90
[  656.464249]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  656.464807] RIP: 0033:0x7fa70862cb19
[  656.465195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  656.467119] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  656.467924] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  656.468676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  656.469433] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  656.470176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  656.470916] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  656.471678]  </TASK>
[  656.514512] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:44:38 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)

12:44:38 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)

[  656.548769] FAULT_INJECTION: forcing a failure.
[  656.548769] name failslab, interval 1, probability 0, space 0, times 0
[  656.550088] CPU: 0 PID: 5765 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  656.550979] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  656.552194] Call Trace:
[  656.552469]  <TASK>
[  656.552706]  dump_stack_lvl+0x8b/0xb3
[  656.553120]  should_fail.cold+0x5/0xa
[  656.553533]  ? create_object.isra.0+0x3a/0xa20
[  656.554039]  should_failslab+0x5/0x10
[  656.554444]  kmem_cache_alloc+0x5b/0x480
[  656.554881]  create_object.isra.0+0x3a/0xa20
[  656.555348]  ? kasan_unpoison+0x23/0x50
[  656.555780]  kmem_cache_alloc_trace+0x22e/0x3c0
[  656.556284]  alloc_super+0x54/0x9d0
[  656.556683]  sget_fc+0x13e/0x7a0
[  656.557054]  ? refcount_dec_not_one+0x13b/0x1e0
[  656.557552]  ? set_anon_super+0xb0/0xb0
[  656.557978]  ? mqueue_get_tree+0x130/0x130
[  656.558423]  get_tree_nodev+0x24/0x1d0
[  656.558840]  mqueue_get_tree+0xee/0x130
[  656.559256]  vfs_get_tree+0x8e/0x2f0
[  656.559653]  fc_mount+0x13/0xc0
[  656.560023]  mq_init_ns+0x43e/0x630
[  656.560406]  copy_ipcs+0x35e/0x5d0
[  656.560784]  ? copy_utsname+0xa9/0x4a0
[  656.561195]  create_new_namespaces+0x210/0xb30
[  656.561687]  copy_namespaces+0x391/0x450
[  656.562122]  copy_process+0x2ba5/0x6d10
[  656.562557]  ? __cleanup_sighand+0xb0/0xb0
[  656.563007]  ? lock_is_held_type+0xd7/0x130
[  656.563459]  ? find_held_lock+0x2c/0x110
[  656.563899]  ? kernel_clone+0xc4/0xa60
[  656.564316]  kernel_clone+0xe7/0xa60
[  656.564715]  ? create_io_thread+0xf0/0xf0
[  656.565150]  ? find_held_lock+0x2c/0x110
[  656.565575]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  656.566089]  ? bit_wait_io_timeout+0x160/0x160
[  656.566576]  __do_sys_clone+0xc8/0x110
[  656.566992]  ? __do_sys_vfork+0xd0/0xd0
[  656.567406]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  656.567997]  ? vfs_write+0x428/0xad0
[  656.568397]  ? syscall_enter_from_user_mode+0x1d/0x50
[  656.568947]  do_syscall_64+0x3b/0x90
[  656.569344]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  656.569885] RIP: 0033:0x7f71bf82bb19
[  656.570280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  656.572191] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  656.572991] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  656.573729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  656.574471] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  656.575242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  656.575985] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  656.576733]  </TASK>
12:44:38 executing program 7:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:38 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  656.588523] FAULT_INJECTION: forcing a failure.
[  656.588523] name failslab, interval 1, probability 0, space 0, times 0
[  656.589733] CPU: 0 PID: 5767 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  656.590603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  656.591808] Call Trace:
[  656.592084]  <TASK>
[  656.592325]  dump_stack_lvl+0x8b/0xb3
[  656.592739]  should_fail.cold+0x5/0xa
[  656.593152]  ? create_object.isra.0+0x3a/0xa20
[  656.593642]  should_failslab+0x5/0x10
[  656.594055]  kmem_cache_alloc+0x5b/0x480
[  656.594488]  create_object.isra.0+0x3a/0xa20
[  656.594947]  ? kasan_unpoison+0x23/0x50
[  656.595387]  __kmalloc+0x25b/0x440
[  656.595799]  security_sb_alloc+0x107/0x250
[  656.596298]  alloc_super+0x1dd/0x9d0
[  656.596704]  sget_fc+0x13e/0x7a0
[  656.597075]  ? refcount_dec_not_one+0x13b/0x1e0
[  656.597569]  ? set_anon_super+0xb0/0xb0
[  656.598002]  ? mqueue_get_tree+0x130/0x130
[  656.598468]  get_tree_nodev+0x24/0x1d0
[  656.598889]  mqueue_get_tree+0xee/0x130
[  656.599315]  vfs_get_tree+0x8e/0x2f0
[  656.599714]  fc_mount+0x13/0xc0
[  656.600099]  mq_init_ns+0x43e/0x630
[  656.600502]  copy_ipcs+0x35e/0x5d0
[  656.600878]  ? copy_utsname+0xa9/0x4a0
[  656.601293]  create_new_namespaces+0x210/0xb30
[  656.601788]  copy_namespaces+0x391/0x450
[  656.602218]  copy_process+0x2ba5/0x6d10
[  656.602662]  ? __cleanup_sighand+0xb0/0xb0
[  656.603117]  ? lock_is_held_type+0xd7/0x130
[  656.603567]  ? find_held_lock+0x2c/0x110
[  656.604009]  ? kernel_clone+0xc4/0xa60
[  656.604422]  kernel_clone+0xe7/0xa60
[  656.604825]  ? create_io_thread+0xf0/0xf0
[  656.605270]  ? find_held_lock+0x2c/0x110
[  656.605707]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  656.606226]  ? bit_wait_io_timeout+0x160/0x160
[  656.606712]  __do_sys_clone+0xc8/0x110
[  656.607127]  ? __do_sys_vfork+0xd0/0xd0
[  656.607554]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  656.608158]  ? vfs_write+0x428/0xad0
[  656.608559]  ? syscall_enter_from_user_mode+0x1d/0x50
[  656.609103]  do_syscall_64+0x3b/0x90
[  656.609499]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  656.610058] RIP: 0033:0x7fa70862cb19
[  656.610449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  656.612376] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  656.613173] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  656.613929] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  656.614683] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  656.615422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  656.616320] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  656.617079]  </TASK>
12:44:38 executing program 2:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600), 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:38 executing program 2:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  656.703716] loop5: detected capacity change from 0 to 240
12:44:39 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)

[  656.769650] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
[  656.815244] FAULT_INJECTION: forcing a failure.
[  656.815244] name failslab, interval 1, probability 0, space 0, times 0
[  656.820749] CPU: 0 PID: 5781 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  656.822445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  656.824653] Call Trace:
[  656.825158]  <TASK>
[  656.825645]  dump_stack_lvl+0x8b/0xb3
[  656.826494]  should_fail.cold+0x5/0xa
[  656.827332]  ? security_sb_alloc+0x107/0x250
[  656.828305]  should_failslab+0x5/0x10
[  656.829135]  __kmalloc+0x72/0x440
[  656.829896]  ? rwsem_mark_wake+0xaf0/0xaf0
[  656.830822]  security_sb_alloc+0x107/0x250
[  656.831755]  alloc_super+0x1dd/0x9d0
[  656.832612]  sget_fc+0x13e/0x7a0
[  656.833362]  ? refcount_dec_not_one+0x13b/0x1e0
[  656.834384]  ? set_anon_super+0xb0/0xb0
[  656.835263]  ? mqueue_get_tree+0x130/0x130
[  656.836193]  get_tree_nodev+0x24/0x1d0
[  656.837058]  mqueue_get_tree+0xee/0x130
[  656.837975]  vfs_get_tree+0x8e/0x2f0
[  656.838833]  fc_mount+0x13/0xc0
[  656.839581]  mq_init_ns+0x43e/0x630
[  656.840430]  copy_ipcs+0x35e/0x5d0
[  656.841222]  ? copy_utsname+0xa9/0x4a0
[  656.842137]  create_new_namespaces+0x210/0xb30
[  656.843191]  copy_namespaces+0x391/0x450
[  656.844148]  copy_process+0x2ba5/0x6d10
[  656.845094]  ? __cleanup_sighand+0xb0/0xb0
[  656.846075]  ? lock_is_held_type+0xd7/0x130
[  656.847020]  ? find_held_lock+0x2c/0x110
[  656.847920]  ? kernel_clone+0xc4/0xa60
[  656.848783]  kernel_clone+0xe7/0xa60
[  656.849610]  ? create_io_thread+0xf0/0xf0
[  656.850521]  ? find_held_lock+0x2c/0x110
[  656.851415]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  656.852508]  ? bit_wait_io_timeout+0x160/0x160
[  656.853517]  __do_sys_clone+0xc8/0x110
[  656.854377]  ? __do_sys_vfork+0xd0/0xd0
[  656.855249]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  656.856461]  ? vfs_write+0x428/0xad0
[  656.857297]  ? syscall_enter_from_user_mode+0x1d/0x50
[  656.858424]  do_syscall_64+0x3b/0x90
[  656.859242]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  656.860382] RIP: 0033:0x7f71bf82bb19
[  656.861183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  656.865178] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  656.866830] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  656.868387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  656.869932] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  656.871474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  656.873023] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  656.874595]  </TASK>
[  669.424523] loop5: detected capacity change from 0 to 240
12:44:51 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600), 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:51 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:44:51 executing program 7:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600), 0x0, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:51 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)

12:44:51 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)

[  669.457135] FAULT_INJECTION: forcing a failure.
[  669.457135] name failslab, interval 1, probability 0, space 0, times 0
[  669.458374] CPU: 1 PID: 5801 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  669.459226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  669.460405] Call Trace:
[  669.460670]  <TASK>
[  669.460903]  dump_stack_lvl+0x8b/0xb3
[  669.461311]  should_fail.cold+0x5/0xa
[  669.461711]  ? create_object.isra.0+0x3a/0xa20
[  669.462194]  should_failslab+0x5/0x10
[  669.462595]  kmem_cache_alloc+0x5b/0x480
[  669.463028]  create_object.isra.0+0x3a/0xa20
[  669.463494]  ? kasan_unpoison+0x23/0x50
[  669.463914]  __kmalloc+0x25b/0x440
[  669.464307]  security_sb_alloc+0x107/0x250
[  669.464752]  alloc_super+0x1dd/0x9d0
[  669.465182]  sget_fc+0x13e/0x7a0
[  669.465461] FAULT_INJECTION: forcing a failure.
[  669.465461] name failslab, interval 1, probability 0, space 0, times 0
[  669.465544]  ? refcount_dec_not_one+0x13b/0x1e0
[  669.468394]  ? set_anon_super+0xb0/0xb0
[  669.468817]  ? mqueue_get_tree+0x130/0x130
[  669.469250]  get_tree_nodev+0x24/0x1d0
[  669.469660]  mqueue_get_tree+0xee/0x130
[  669.470076]  vfs_get_tree+0x8e/0x2f0
[  669.470472]  fc_mount+0x13/0xc0
[  669.470815]  mq_init_ns+0x43e/0x630
[  669.471199]  copy_ipcs+0x35e/0x5d0
[  669.471582]  ? copy_utsname+0xa9/0x4a0
[  669.472011]  create_new_namespaces+0x210/0xb30
[  669.472507]  copy_namespaces+0x391/0x450
[  669.472935]  copy_process+0x2ba5/0x6d10
[  669.473370]  ? __cleanup_sighand+0xb0/0xb0
[  669.473824]  ? lock_is_held_type+0xd7/0x130
[  669.474285]  ? find_held_lock+0x2c/0x110
[  669.474717]  ? kernel_clone+0xc4/0xa60
[  669.475132]  kernel_clone+0xe7/0xa60
[  669.475526]  ? create_io_thread+0xf0/0xf0
[  669.475981]  ? find_held_lock+0x2c/0x110
[  669.476415]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  669.476931]  ? bit_wait_io_timeout+0x160/0x160
[  669.477408]  __do_sys_clone+0xc8/0x110
[  669.477816]  ? __do_sys_vfork+0xd0/0xd0
[  669.478231]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  669.478812]  ? vfs_write+0x428/0xad0
[  669.479210]  ? syscall_enter_from_user_mode+0x1d/0x50
[  669.479759]  do_syscall_64+0x3b/0x90
[  669.480164]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  669.480714] RIP: 0033:0x7f71bf82bb19
[  669.481098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  669.482992] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  669.483773] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  669.484535] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  669.485269] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  669.486013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  669.486752] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  669.487500]  </TASK>
[  669.487738] CPU: 0 PID: 5803 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  669.489512] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  669.491944] Call Trace:
[  669.492509]  <TASK>
[  669.492993]  dump_stack_lvl+0x8b/0xb3
12:44:51 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
epoll_create(0x1)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  669.493834]  should_fail.cold+0x5/0xa
[  669.494726]  ? create_object.isra.0+0x3a/0xa20
[  669.495726]  should_failslab+0x5/0x10
[  669.496555]  kmem_cache_alloc+0x5b/0x480
[  669.497439]  create_object.isra.0+0x3a/0xa20
[  669.498397]  kmemleak_alloc_percpu+0xa0/0x100
[  669.499370]  pcpu_alloc+0x7bf/0x1060
[  669.500201]  __percpu_init_rwsem+0x22/0x150
[  669.501138]  alloc_super+0x222/0x9d0
[  669.501947]  sget_fc+0x13e/0x7a0
[  669.502683]  ? refcount_dec_not_one+0x13b/0x1e0
[  669.503674]  ? set_anon_super+0xb0/0xb0
[  669.504565]  ? mqueue_get_tree+0x130/0x130
[  669.505456]  get_tree_nodev+0x24/0x1d0
[  669.506306]  mqueue_get_tree+0xee/0x130
[  669.507167]  vfs_get_tree+0x8e/0x2f0
[  669.507976]  fc_mount+0x13/0xc0
[  669.508693]  mq_init_ns+0x43e/0x630
[  669.509474]  copy_ipcs+0x35e/0x5d0
[  669.510235]  ? copy_utsname+0xa9/0x4a0
[  669.511068]  create_new_namespaces+0x210/0xb30
[  669.512089]  copy_namespaces+0x391/0x450
[  669.512964]  copy_process+0x2ba5/0x6d10
[  669.513859]  ? __cleanup_sighand+0xb0/0xb0
[  669.514786]  ? lock_is_held_type+0xd7/0x130
[  669.515714]  ? find_held_lock+0x2c/0x110
[  669.516617]  ? kernel_clone+0xc4/0xa60
[  669.517470]  kernel_clone+0xe7/0xa60
[  669.518289]  ? create_io_thread+0xf0/0xf0
[  669.519197]  ? find_held_lock+0x2c/0x110
[  669.520089]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  669.521157]  ? bit_wait_io_timeout+0x160/0x160
[  669.522157]  __do_sys_clone+0xc8/0x110
[  669.522989]  ? __do_sys_vfork+0xd0/0xd0
[  669.523862]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  669.525047]  ? vfs_write+0x428/0xad0
[  669.525882]  ? syscall_enter_from_user_mode+0x1d/0x50
[  669.526977]  do_syscall_64+0x3b/0x90
[  669.527792]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  669.528909] RIP: 0033:0x7fa70862cb19
[  669.529708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  669.533571] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  669.535202] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  669.536741] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  669.538268] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  669.539807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  669.541357] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  669.542917]  </TASK>
12:44:51 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
epoll_create(0x1)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  669.559846] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
[  669.560117] loop3: detected capacity change from 0 to 240
12:44:51 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000", 0x50, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  669.603636] isofs_fill_super: bread failed, dev=loop3, iso_blknum=60, block=120
12:44:51 executing program 7:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380))
epoll_create(0x1)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:44:51 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000", 0x50, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:44:51 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:44:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)

[  669.751558] loop5: detected capacity change from 0 to 240
[  669.778283] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
[  669.811213] FAULT_INJECTION: forcing a failure.
[  669.811213] name failslab, interval 1, probability 0, space 0, times 0
[  669.812499] CPU: 1 PID: 5828 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  669.813347] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  669.814547] Call Trace:
[  669.814826]  <TASK>
[  669.815063]  dump_stack_lvl+0x8b/0xb3
[  669.815474]  should_fail.cold+0x5/0xa
[  669.815877]  ? create_object.isra.0+0x3a/0xa20
[  669.816370]  should_failslab+0x5/0x10
[  669.816767]  kmem_cache_alloc+0x5b/0x480
[  669.817193]  create_object.isra.0+0x3a/0xa20
[  669.817654]  ? kasan_unpoison+0x23/0x50
[  669.818072]  __kmalloc+0x25b/0x440
[  669.818453]  security_sb_alloc+0x107/0x250
[  669.818898]  alloc_super+0x1dd/0x9d0
[  669.819305]  sget_fc+0x13e/0x7a0
[  669.819669]  ? refcount_dec_not_one+0x13b/0x1e0
[  669.820170]  ? set_anon_super+0xb0/0xb0
[  669.820589]  ? mqueue_get_tree+0x130/0x130
[  669.821034]  get_tree_nodev+0x24/0x1d0
[  669.821446]  mqueue_get_tree+0xee/0x130
[  669.821866]  vfs_get_tree+0x8e/0x2f0
[  669.822255]  fc_mount+0x13/0xc0
[  669.822611]  mq_init_ns+0x43e/0x630
[  669.823000]  copy_ipcs+0x35e/0x5d0
[  669.823370]  ? copy_utsname+0xa9/0x4a0
[  669.823784]  create_new_namespaces+0x210/0xb30
[  669.824302]  copy_namespaces+0x391/0x450
[  669.824735]  copy_process+0x2ba5/0x6d10
[  669.825185]  ? __cleanup_sighand+0xb0/0xb0
[  669.825640]  ? lock_is_held_type+0xd7/0x130
[  669.826111]  ? find_held_lock+0x2c/0x110
[  669.826546]  ? kernel_clone+0xc4/0xa60
[  669.826977]  kernel_clone+0xe7/0xa60
[  669.827379]  ? create_io_thread+0xf0/0xf0
[  669.827821]  ? find_held_lock+0x2c/0x110
[  669.828289]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  669.828819]  ? bit_wait_io_timeout+0x160/0x160
[  669.829335]  __do_sys_clone+0xc8/0x110
[  669.829746]  ? __do_sys_vfork+0xd0/0xd0
[  669.830181]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  669.830764]  ? vfs_write+0x428/0xad0
[  669.831184]  ? syscall_enter_from_user_mode+0x1d/0x50
[  669.831750]  do_syscall_64+0x3b/0x90
[  669.832175]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  669.832748] RIP: 0033:0x7f71bf82bb19
[  669.833156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  669.835166] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  669.836013] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  669.836802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  669.837591] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  669.838372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  669.839148] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  669.839943]  </TASK>
12:45:05 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, 0x0, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:05 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)

12:45:05 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:05 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000", 0x50, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:05 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:45:05 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:05 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000", 0x50, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:05 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)

[  683.423156] loop3: detected capacity change from 0 to 240
[  683.426183] FAULT_INJECTION: forcing a failure.
[  683.426183] name failslab, interval 1, probability 0, space 0, times 0
[  683.427530] CPU: 0 PID: 5840 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  683.428405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  683.429667] Call Trace:
[  683.429954]  <TASK>
[  683.430200]  dump_stack_lvl+0x8b/0xb3
[  683.430641]  should_fail.cold+0x5/0xa
[  683.431076]  ? create_object.isra.0+0x3a/0xa20
[  683.431580]  should_failslab+0x5/0x10
[  683.431988]  kmem_cache_alloc+0x5b/0x480
[  683.432447]  create_object.isra.0+0x3a/0xa20
[  683.432944]  ? kasan_unpoison+0x23/0x50
[  683.433379]  __kmalloc+0x25b/0x440
[  683.433812]  security_sb_alloc+0x107/0x250
[  683.434337]  alloc_super+0x1dd/0x9d0
[  683.434791]  sget_fc+0x13e/0x7a0
[  683.435201]  ? refcount_dec_not_one+0x13b/0x1e0
[  683.435629] FAULT_INJECTION: forcing a failure.
[  683.435629] name failslab, interval 1, probability 0, space 0, times 0
[  683.435762]  ? set_anon_super+0xb0/0xb0
[  683.438433]  ? mqueue_get_tree+0x130/0x130
[  683.438937]  get_tree_nodev+0x24/0x1d0
[  683.439408]  mqueue_get_tree+0xee/0x130
[  683.439879]  vfs_get_tree+0x8e/0x2f0
[  683.440340]  fc_mount+0x13/0xc0
[  683.440744]  mq_init_ns+0x43e/0x630
[  683.441136]  copy_ipcs+0x35e/0x5d0
[  683.441558]  ? copy_utsname+0xa9/0x4a0
[  683.442034]  create_new_namespaces+0x210/0xb30
[  683.442605]  copy_namespaces+0x391/0x450
[  683.443093]  copy_process+0x2ba5/0x6d10
[  683.443596]  ? __cleanup_sighand+0xb0/0xb0
[  683.444056]  ? lock_is_held_type+0xd7/0x130
[  683.444595]  ? find_held_lock+0x2c/0x110
[  683.445060]  ? kernel_clone+0xc4/0xa60
[  683.445532]  kernel_clone+0xe7/0xa60
[  683.445989]  ? create_io_thread+0xf0/0xf0
[  683.446494]  ? find_held_lock+0x2c/0x110
[  683.446980]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  683.447574]  ? bit_wait_io_timeout+0x160/0x160
[  683.448118]  __do_sys_clone+0xc8/0x110
[  683.448552]  ? __do_sys_vfork+0xd0/0xd0
[  683.448978]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  683.449640]  ? vfs_write+0x428/0xad0
[  683.450090]  ? syscall_enter_from_user_mode+0x1d/0x50
[  683.450718]  do_syscall_64+0x3b/0x90
[  683.451164]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  683.451734] RIP: 0033:0x7fa70862cb19
[  683.452181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  683.454365] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  683.455231] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  683.456076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  683.456827] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  683.457570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  683.458342] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  683.459097]  </TASK>
[  683.459346] CPU: 1 PID: 5836 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  683.461036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  683.463266] Call Trace:
[  683.463773]  <TASK>
[  683.464233]  dump_stack_lvl+0x8b/0xb3
[  683.465005]  should_fail.cold+0x5/0xa
[  683.465762]  ? create_object.isra.0+0x3a/0xa20
[  683.466678]  should_failslab+0x5/0x10
[  683.467439]  kmem_cache_alloc+0x5b/0x480
[  683.468272]  create_object.isra.0+0x3a/0xa20
[  683.469156]  kmemleak_alloc_percpu+0xa0/0x100
[  683.470047]  pcpu_alloc+0x7bf/0x1060
[  683.470816]  __percpu_init_rwsem+0x22/0x150
[  683.471729]  alloc_super+0x222/0x9d0
[  683.472535]  sget_fc+0x13e/0x7a0
[  683.473221]  ? refcount_dec_not_one+0x13b/0x1e0
[  683.474166]  ? set_anon_super+0xb0/0xb0
[  683.475004]  ? mqueue_get_tree+0x130/0x130
[  683.475984]  get_tree_nodev+0x24/0x1d0
[  683.476795]  mqueue_get_tree+0xee/0x130
[  683.477602]  vfs_get_tree+0x8e/0x2f0
[  683.478452]  fc_mount+0x13/0xc0
[  683.479121]  mq_init_ns+0x43e/0x630
[  683.479873]  copy_ipcs+0x35e/0x5d0
[  683.480656] isofs_fill_super: bread failed, dev=loop3, iso_blknum=60, block=120
[  683.480658]  ? copy_utsname+0xa9/0x4a0
[  683.482227]  create_new_namespaces+0x210/0xb30
[  683.483169]  copy_namespaces+0x391/0x450
[  683.484001]  copy_process+0x2ba5/0x6d10
[  683.484859]  ? __cleanup_sighand+0xb0/0xb0
[  683.485713]  ? lock_is_held_type+0xd7/0x130
[  683.486599]  ? find_held_lock+0x2c/0x110
[  683.487415]  ? kernel_clone+0xc4/0xa60
[  683.488221]  kernel_clone+0xe7/0xa60
[  683.489017]  ? create_io_thread+0xf0/0xf0
[  683.489995]  ? find_held_lock+0x2c/0x110
[  683.490828]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  683.491959]  ? bit_wait_io_timeout+0x160/0x160
[  683.493074]  __do_sys_clone+0xc8/0x110
[  683.493865]  ? __do_sys_vfork+0xd0/0xd0
[  683.494720]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  683.495823]  ? vfs_write+0x428/0xad0
[  683.496775]  ? syscall_enter_from_user_mode+0x1d/0x50
[  683.497816]  do_syscall_64+0x3b/0x90
[  683.498713]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  683.499942] RIP: 0033:0x7f71bf82bb19
[  683.500806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  683.504764] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  683.506420] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  683.507830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  683.509252] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  683.510676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  683.512174] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  683.513640]  </TASK>
[  683.527235] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  683.540964] loop5: detected capacity change from 0 to 240
[  683.569926] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:45:05 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)

12:45:05 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:05 executing program 3:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000", 0x50, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:05 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:45:05 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  683.640929] loop3: detected capacity change from 0 to 240
12:45:05 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500"/120, 0x78, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  683.670097] FAULT_INJECTION: forcing a failure.
[  683.670097] name failslab, interval 1, probability 0, space 0, times 0
[  683.672704] CPU: 1 PID: 5859 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  683.674348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  683.676627] Call Trace:
[  683.677144]  <TASK>
[  683.677602]  dump_stack_lvl+0x8b/0xb3
[  683.678392]  should_fail.cold+0x5/0xa
[  683.679172]  ? create_object.isra.0+0x3a/0xa20
[  683.680109]  should_failslab+0x5/0x10
[  683.680915]  kmem_cache_alloc+0x5b/0x480
[  683.681908]  create_object.isra.0+0x3a/0xa20
[  683.682980]  kmemleak_alloc_percpu+0xa0/0x100
[  683.683913]  pcpu_alloc+0x7bf/0x1060
12:45:05 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  683.684859]  __percpu_init_rwsem+0x22/0x150
[  683.685922]  alloc_super+0x222/0x9d0
[  683.686838]  sget_fc+0x13e/0x7a0
[  683.687647]  ? refcount_dec_not_one+0x13b/0x1e0
[  683.688692]  ? set_anon_super+0xb0/0xb0
[  683.689665]  ? mqueue_get_tree+0x130/0x130
[  683.690596]  get_tree_nodev+0x24/0x1d0
[  683.691553]  mqueue_get_tree+0xee/0x130
[  683.692389]  vfs_get_tree+0x8e/0x2f0
[  683.693287]  fc_mount+0x13/0xc0
[  683.694093]  mq_init_ns+0x43e/0x630
[  683.694984]  copy_ipcs+0x35e/0x5d0
[  683.695841]  ? copy_utsname+0xa9/0x4a0
[  683.696725]  create_new_namespaces+0x210/0xb30
[  683.697674]  copy_namespaces+0x391/0x450
[  683.698521]  copy_process+0x2ba5/0x6d10
[  683.699362]  ? __cleanup_sighand+0xb0/0xb0
[  683.700240]  ? lock_is_held_type+0xd7/0x130
[  683.701099]  ? find_held_lock+0x2c/0x110
[  683.701916]  ? kernel_clone+0xc4/0xa60
[  683.702715]  kernel_clone+0xe7/0xa60
[  683.703471]  ? create_io_thread+0xf0/0xf0
[  683.704323]  ? find_held_lock+0x2c/0x110
[  683.705163]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  683.706169]  ? bit_wait_io_timeout+0x160/0x160
[  683.707188]  __do_sys_clone+0xc8/0x110
[  683.707976]  ? __do_sys_vfork+0xd0/0xd0
[  683.708794]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  683.710053]  ? vfs_write+0x428/0xad0
[  683.710833]  ? syscall_enter_from_user_mode+0x1d/0x50
[  683.711871]  do_syscall_64+0x3b/0x90
[  683.712640]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  683.713884] RIP: 0033:0x7fa70862cb19
[  683.714676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  683.718804] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  683.720372] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  683.721990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  683.723453] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  683.724984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
12:45:05 executing program 0:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r0, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  683.726440] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  683.728061]  </TASK>
[  683.734760] isofs_fill_super: bread failed, dev=loop3, iso_blknum=60, block=120
[  683.804738] loop5: detected capacity change from 0 to 240
[  683.810356] ISOFS: Logical zone size(0) < hardware blocksize(1024)
12:45:21 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:21 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)

12:45:21 executing program 2:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000", 0x50, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:21 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:21 executing program 0:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r0, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:21 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)

12:45:21 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500"/120, 0x78, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  699.628623] loop2: detected capacity change from 0 to 240
[  699.631245] loop5: detected capacity change from 0 to 240
[  699.649442] ISOFS: Logical zone size(0) < hardware blocksize(1024)
12:45:21 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

[  699.696803] FAULT_INJECTION: forcing a failure.
[  699.696803] name failslab, interval 1, probability 0, space 0, times 0
[  699.699570] CPU: 0 PID: 5888 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  699.701462] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  699.703753] Call Trace:
[  699.704282]  <TASK>
[  699.704748]  dump_stack_lvl+0x8b/0xb3
[  699.705534]  should_fail.cold+0x5/0xa
[  699.706310]  ? create_object.isra.0+0x3a/0xa20
[  699.707244]  should_failslab+0x5/0x10
[  699.708018]  kmem_cache_alloc+0x5b/0x480
[  699.708890]  create_object.isra.0+0x3a/0xa20
[  699.709794]  kmemleak_alloc_percpu+0xa0/0x100
[  699.710706]  pcpu_alloc+0x7bf/0x1060
[  699.711480]  __percpu_init_rwsem+0x22/0x150
[  699.712351]  alloc_super+0x222/0x9d0
[  699.713134]  sget_fc+0x13e/0x7a0
[  699.713834]  ? refcount_dec_not_one+0x13b/0x1e0
[  699.714770]  ? set_anon_super+0xb0/0xb0
[  699.715583]  ? mqueue_get_tree+0x130/0x130
[  699.716433]  get_tree_nodev+0x24/0x1d0
[  699.717238]  mqueue_get_tree+0xee/0x130
[  699.718034]  vfs_get_tree+0x8e/0x2f0
[  699.718799]  fc_mount+0x13/0xc0
[  699.719468]  mq_init_ns+0x43e/0x630
[  699.720212]  copy_ipcs+0x35e/0x5d0
[  699.720944]  ? copy_utsname+0xa9/0x4a0
[  699.721733]  create_new_namespaces+0x210/0xb30
[  699.722665]  copy_namespaces+0x391/0x450
[  699.723489]  copy_process+0x2ba5/0x6d10
[  699.724326]  ? __cleanup_sighand+0xb0/0xb0
[  699.725216]  ? lock_is_held_type+0xd7/0x130
[  699.726078]  ? find_held_lock+0x2c/0x110
[  699.726903]  ? kernel_clone+0xc4/0xa60
[  699.727691]  kernel_clone+0xe7/0xa60
[  699.728473]  ? create_io_thread+0xf0/0xf0
[  699.729314]  ? find_held_lock+0x2c/0x110
[  699.730138]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  699.731133]  ? bit_wait_io_timeout+0x160/0x160
12:45:22 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500"/120, 0x78, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  699.732062]  __do_sys_clone+0xc8/0x110
[  699.733077]  ? __do_sys_vfork+0xd0/0xd0
[  699.733881]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  699.734992]  ? vfs_write+0x428/0xad0
[  699.735784]  ? syscall_enter_from_user_mode+0x1d/0x50
[  699.736842]  do_syscall_64+0x3b/0x90
[  699.737593]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  699.738633] RIP: 0033:0x7f71bf82bb19
[  699.739378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  699.743037] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  699.744563] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  699.745994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  699.747406] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  699.748849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  699.750262] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  699.751705]  </TASK>
[  699.752529] FAULT_INJECTION: forcing a failure.
[  699.752529] name failslab, interval 1, probability 0, space 0, times 0
[  699.754882] CPU: 1 PID: 5889 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  699.756580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  699.758821] Call Trace:
[  699.759337]  <TASK>
[  699.759784]  dump_stack_lvl+0x8b/0xb3
[  699.760580]  should_fail.cold+0x5/0xa
[  699.761370]  ? create_object.isra.0+0x3a/0xa20
[  699.762306]  should_failslab+0x5/0x10
[  699.763071]  kmem_cache_alloc+0x5b/0x480
[  699.763893]  ? mark_held_locks+0x9e/0xe0
[  699.764732]  create_object.isra.0+0x3a/0xa20
[  699.765633]  kmemleak_alloc_percpu+0xa0/0x100
[  699.766548]  pcpu_alloc+0x7bf/0x1060
[  699.767325]  __percpu_init_rwsem+0x22/0x150
[  699.768190]  ? __sanitizer_cov_trace_pc+0x59/0x60
[  699.769185]  alloc_super+0x222/0x9d0
[  699.769956]  sget_fc+0x13e/0x7a0
[  699.770650]  ? refcount_dec_not_one+0x13b/0x1e0
[  699.771594]  ? set_anon_super+0xb0/0xb0
[  699.772413]  ? mqueue_get_tree+0x130/0x130
[  699.773267]  get_tree_nodev+0x24/0x1d0
[  699.774064]  mqueue_get_tree+0xee/0x130
[  699.774866]  vfs_get_tree+0x8e/0x2f0
[  699.775628]  fc_mount+0x13/0xc0
[  699.776296]  mq_init_ns+0x43e/0x630
[  699.777055]  copy_ipcs+0x35e/0x5d0
[  699.777771]  ? copy_utsname+0xa9/0x4a0
[  699.778568]  create_new_namespaces+0x210/0xb30
[  699.779505]  copy_namespaces+0x391/0x450
[  699.780331]  copy_process+0x2ba5/0x6d10
[  699.781156]  ? mark_lock.part.0+0xef/0x2f60
[  699.782051]  ? __cleanup_sighand+0xb0/0xb0
[  699.782917]  ? lock_is_held_type+0xd7/0x130
[  699.783782]  ? find_held_lock+0x2c/0x110
[  699.784607]  ? kernel_clone+0xc4/0xa60
[  699.785401]  kernel_clone+0xe7/0xa60
[  699.786158]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  699.787246]  ? create_io_thread+0xf0/0xf0
[  699.788082]  ? lockdep_hardirqs_on+0x79/0x100
[  699.788999]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[  699.790089]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  699.791087]  ? bit_wait_io_timeout+0x160/0x160
[  699.792013]  __do_sys_clone+0xc8/0x110
[  699.792811]  ? __do_sys_vfork+0xd0/0xd0
[  699.793616]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  699.794717]  ? vfs_write+0x428/0xad0
[  699.795489]  ? syscall_enter_from_user_mode+0x1d/0x50
[  699.796537]  do_syscall_64+0x3b/0x90
[  699.797293]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  699.798342] RIP: 0033:0x7fa70862cb19
[  699.799083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  699.802753] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  699.804271] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  699.805717] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  699.807137] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  699.808567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  699.809986] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  699.811433]  </TASK>
[  699.812915] isofs_fill_super: bread failed, dev=loop2, iso_blknum=60, block=120
12:45:22 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:22 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:22 executing program 0:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r0, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  699.855461] loop5: detected capacity change from 0 to 240
[  699.860049] ISOFS: Logical zone size(0) < hardware blocksize(1024)
12:45:22 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c", 0x8c, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:22 executing program 2:
r0 = epoll_create(0x1)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r0, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  700.023772] loop5: detected capacity change from 0 to 240
[  700.034427] isofs_fill_super: get root inode failed
12:45:37 executing program 0:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:37 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:37 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

12:45:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
socket$inet(0x2, 0x80006, 0xfff)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$bt_hci(r4, 0x0, 0x1, &(0x7f0000000640)=""/77, &(0x7f00000001c0)=0x4d)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x2, 0x4000, @fd, 0x7f, &(0x7f0000000080)=[{&(0x7f0000000280)="28e85cd3903d904966ef20ed13c74e55525bfd4e5d9746e9d0b4768b4eaf7dc62073fe08ca6b04908b8187351ad72e453a691dce62178832ef1f62bba9e950e5fa162d56f254c3bfe56878fb60ed209bb69e63b6369e794742354477faebf45158045b2deac94644ca3b4cdcc00957536d6d56fd942e2111df33f0114710c30da9577c3228e327c3827b8c67c6c2dad053cc66d6e67506be4af45632f42e48c41addb80fcb93eaa649ab4d78740726c85bccd2226296c8a626f00388792f8d03755cdec95ff405372f1acb1c287f9016", 0xd0}, {&(0x7f00000003c0)="bd0730e2586b20bb78ac0008d60551be3bb6cb7d408e456107b772bf9fdca59aee3bd51d0a5bb21b308d263847b69f65357386203e800101f120f33783bfda1f8be5068c2a6cda4ed00c09c350c601ed4d843f230138989fa98e3215c2056d740d326da16e2d7f15817b9788aefa66fab5aef0ac700032ddeda8ea0f9864b16519a4", 0x82}, {&(0x7f0000000480)="ef66f13cf01dd56dae0577a803e85146e053a96d169fcd12cb005b379492622e58b121025e8a655d03bc66c5e1ef94a5ff8a08fef9612b87db7f647ac23988a405cb1118ead28561a906975f2f56a62bacf60f69cfce1a1e348188422489ae486a68f0003705133ccc3150b54a06ecb60ff5aaed01c78c3a3c75dc30806ed8b626a470e27732cfe966acf629552f81b76dae974aab61c16fe0973e4eab2375ae4643d208fa9480cd1088d08538f7e3ac1bd70589966ef3edd670789d0098269d3f69abeba448b14ab590301c22b82a24a2939fcf", 0xd4}, {&(0x7f0000000580)="9b4963b1f3b753309e2aa27c5aed97ecc6e81ae2b5f234dd95a4fa29891e457c2ad62d64898eef8362ff85f04eb0a9ba3881c084f556342aa3c40f5405033e7327c9ab53d4404ad222fb56def81c9366ed85c90926a29922edafdfe63bd98dcfa0c7208bc9dd6a2183c56245b1e84a46259e08d556cf85f86d0c7dc671050b6d3b000cbccdfea89de961f06d0a54c42073228fae720b6bce7984b745b00a8e5981aa232fe5e3", 0xa6}], 0x4, 0x4, 0x1, {0x1}}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:37 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)

12:45:37 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)

12:45:37 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c", 0x8c, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:37 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  715.474698] loop5: detected capacity change from 0 to 240
[  715.477176] FAULT_INJECTION: forcing a failure.
[  715.477176] name failslab, interval 1, probability 0, space 0, times 0
[  715.478915] CPU: 1 PID: 5922 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.480064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.481660] Call Trace:
[  715.482029]  <TASK>
[  715.482341]  dump_stack_lvl+0x8b/0xb3
[  715.482910]  should_fail.cold+0x5/0xa
[  715.483461]  ? create_object.isra.0+0x3a/0xa20
[  715.484121]  should_failslab+0x5/0x10
[  715.484678]  kmem_cache_alloc+0x5b/0x480
[  715.485122]  create_object.isra.0+0x3a/0xa20
[  715.485599]  kmemleak_alloc_percpu+0xa0/0x100
[  715.486094]  pcpu_alloc+0x7bf/0x1060
[  715.486500]  __percpu_init_rwsem+0x22/0x150
[  715.486981]  alloc_super+0x222/0x9d0
[  715.487395]  sget_fc+0x13e/0x7a0
[  715.487777]  ? refcount_dec_not_one+0x13b/0x1e0
[  715.488294]  ? set_anon_super+0xb0/0xb0
[  715.488767]  ? mqueue_get_tree+0x130/0x130
[  715.489233]  get_tree_nodev+0x24/0x1d0
[  715.489677]  mqueue_get_tree+0xee/0x130
[  715.490121]  vfs_get_tree+0x8e/0x2f0
[  715.490549]  fc_mount+0x13/0xc0
[  715.490926]  mq_init_ns+0x43e/0x630
[  715.491339]  copy_ipcs+0x35e/0x5d0
[  715.491714]  ? copy_utsname+0xa9/0x4a0
[  715.492153]  create_new_namespaces+0x210/0xb30
[  715.492675]  copy_namespaces+0x391/0x450
[  715.493135]  copy_process+0x2ba5/0x6d10
[  715.493605]  ? __cleanup_sighand+0xb0/0xb0
[  715.494086]  ? lock_is_held_type+0xd7/0x130
[  715.494566]  ? find_held_lock+0x2c/0x110
[  715.495024]  ? kernel_clone+0xc4/0xa60
[  715.495459]  kernel_clone+0xe7/0xa60
[  715.495877]  ? create_io_thread+0xf0/0xf0
[  715.496335]  ? find_held_lock+0x2c/0x110
[  715.496775]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  715.497329]  ? bit_wait_io_timeout+0x160/0x160
[  715.497835]  __do_sys_clone+0xc8/0x110
[  715.498273]  ? __do_sys_vfork+0xd0/0xd0
[  715.498717]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.499325]  ? vfs_write+0x428/0xad0
[  715.499756]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.500332]  do_syscall_64+0x3b/0x90
[  715.500752]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.501334] RIP: 0033:0x7fa70862cb19
[  715.501740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.503794] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  715.504647] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  715.505419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  715.506212] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  715.506988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.507769] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  715.508573]  </TASK>
[  715.517884] FAULT_INJECTION: forcing a failure.
[  715.517884] name failslab, interval 1, probability 0, space 0, times 0
[  715.520294] CPU: 0 PID: 5932 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.522057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.522183] FAULT_INJECTION: forcing a failure.
[  715.522183] name failslab, interval 1, probability 0, space 0, times 0
[  715.524454] Call Trace:
[  715.524462]  <TASK>
[  715.524472]  dump_stack_lvl+0x8b/0xb3
[  715.527690]  should_fail.cold+0x5/0xa
[  715.528516]  ? create_object.isra.0+0x3a/0xa20
[  715.529528]  should_failslab+0x5/0x10
[  715.530344]  kmem_cache_alloc+0x5b/0x480
[  715.531213]  ? mark_held_locks+0x9e/0xe0
[  715.532090]  create_object.isra.0+0x3a/0xa20
[  715.533061]  kmemleak_alloc_percpu+0xa0/0x100
[  715.534026]  pcpu_alloc+0x7bf/0x1060
[  715.534863]  __percpu_init_rwsem+0x22/0x150
[  715.535787]  alloc_super+0x222/0x9d0
[  715.536607]  sget_fc+0x13e/0x7a0
[  715.537362]  ? refcount_dec_not_one+0x13b/0x1e0
[  715.538358]  ? set_anon_super+0xb0/0xb0
[  715.539218]  ? mqueue_get_tree+0x130/0x130
[  715.540120]  get_tree_nodev+0x24/0x1d0
[  715.540973]  mqueue_get_tree+0xee/0x130
[  715.541821]  vfs_get_tree+0x8e/0x2f0
[  715.542622]  fc_mount+0x13/0xc0
[  715.543330]  mq_init_ns+0x43e/0x630
[  715.544112]  copy_ipcs+0x35e/0x5d0
[  715.544877]  ? copy_utsname+0xa9/0x4a0
[  715.545715]  create_new_namespaces+0x210/0xb30
[  715.546712]  copy_namespaces+0x391/0x450
[  715.547588]  copy_process+0x2ba5/0x6d10
[  715.548479]  ? __cleanup_sighand+0xb0/0xb0
[  715.549419]  ? lock_is_held_type+0xd7/0x130
[  715.550346]  ? find_held_lock+0x2c/0x110
[  715.551215]  ? kernel_clone+0xc4/0xa60
[  715.552065]  kernel_clone+0xe7/0xa60
[  715.552885]  ? create_io_thread+0xf0/0xf0
[  715.553779]  ? find_held_lock+0x2c/0x110
[  715.554652]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  715.555705]  ? bit_wait_io_timeout+0x160/0x160
[  715.556693]  __do_sys_clone+0xc8/0x110
[  715.557529]  ? __do_sys_vfork+0xd0/0xd0
[  715.558382]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.559548]  ? vfs_write+0x428/0xad0
[  715.560366]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.561493]  do_syscall_64+0x3b/0x90
[  715.562297]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.563404] RIP: 0033:0x7f71bf82bb19
[  715.564188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.568089] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  715.569711] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  715.571220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  715.572734] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  715.574238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.575741] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  715.577283]  </TASK>
[  715.577774] CPU: 1 PID: 5933 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.578692] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.579971] Call Trace:
[  715.580252]  <TASK>
[  715.580504]  dump_stack_lvl+0x8b/0xb3
[  715.580956]  should_fail.cold+0x5/0xa
[  715.581391]  should_failslab+0x5/0x10
[  715.581813]  kmem_cache_alloc_bulk+0x47/0x780
[  715.582303]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.582918]  ? percpu_counter_add_batch+0xb4/0x170
[  715.583465]  io_submit_sqes.cold+0x1b6/0x3eb
[  715.583967]  ? find_held_lock+0x2c/0x110
[  715.584418]  ? io_apoll_task_func+0x230/0x230
[  715.584924]  ? lock_release+0x3b2/0x6f0
[  715.585367]  ? __do_sys_io_uring_enter+0x424/0x1520
[  715.585937]  ? lock_downgrade+0x6d0/0x6d0
[  715.586405]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  715.586985]  __do_sys_io_uring_enter+0xa17/0x1520
[  715.587539]  ? bit_wait_io_timeout+0x160/0x160
[  715.588061]  ? lock_is_held_type+0xd7/0x130
[  715.588541]  ? io_submit_sqes+0x9690/0x9690
[  715.589048]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.589659]  ? vfs_write+0x428/0xad0
[  715.590084]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  715.590686]  ? fput+0x2a/0x50
[  715.591044]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.591612]  do_syscall_64+0x3b/0x90
[  715.592035]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.592608] RIP: 0033:0x7f9f5db0bb19
[  715.593032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.595032] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  715.595891] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  715.596710] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  715.597508] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  715.598308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  715.599100] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  715.599909]  </TASK>
[  715.607128] isofs_fill_super: get root inode failed
12:45:37 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c", 0x8c, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:37 executing program 0:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:37 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

[  715.658844] loop5: detected capacity change from 0 to 240
12:45:37 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)

[  715.694482] isofs_fill_super: get root inode failed
[  715.727290] FAULT_INJECTION: forcing a failure.
[  715.727290] name failslab, interval 1, probability 0, space 0, times 0
[  715.728598] CPU: 1 PID: 5944 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.729482] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.730692] Call Trace:
[  715.730967]  <TASK>
[  715.731202]  dump_stack_lvl+0x8b/0xb3
[  715.731618]  should_fail.cold+0x5/0xa
[  715.732021]  ? create_object.isra.0+0x3a/0xa20
[  715.732525]  should_failslab+0x5/0x10
[  715.732937]  kmem_cache_alloc+0x5b/0x480
[  715.733371]  ? mark_held_locks+0x9e/0xe0
[  715.733809]  create_object.isra.0+0x3a/0xa20
[  715.734274]  kmemleak_alloc_percpu+0xa0/0x100
[  715.734755]  pcpu_alloc+0x7bf/0x1060
[  715.735168]  __percpu_init_rwsem+0x22/0x150
[  715.735627]  alloc_super+0x222/0x9d0
[  715.736034]  sget_fc+0x13e/0x7a0
[  715.736402]  ? refcount_dec_not_one+0x13b/0x1e0
[  715.736916]  ? set_anon_super+0xb0/0xb0
[  715.737359]  ? mqueue_get_tree+0x130/0x130
[  715.737827]  get_tree_nodev+0x24/0x1d0
[  715.738272]  mqueue_get_tree+0xee/0x130
[  715.738712]  vfs_get_tree+0x8e/0x2f0
[  715.739137]  fc_mount+0x13/0xc0
[  715.739501]  mq_init_ns+0x43e/0x630
[  715.739912]  copy_ipcs+0x35e/0x5d0
[  715.740315]  ? copy_utsname+0xa9/0x4a0
[  715.740770]  create_new_namespaces+0x210/0xb30
[  715.741289]  copy_namespaces+0x391/0x450
[  715.741759]  copy_process+0x2ba5/0x6d10
[  715.742229]  ? __cleanup_sighand+0xb0/0xb0
[  715.742714]  ? lock_is_held_type+0xd7/0x130
[  715.743197]  ? find_held_lock+0x2c/0x110
[  715.743663]  ? kernel_clone+0xc4/0xa60
[  715.744101]  kernel_clone+0xe7/0xa60
[  715.744523]  ? create_io_thread+0xf0/0xf0
[  715.744999]  ? find_held_lock+0x2c/0x110
[  715.745469]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  715.746032]  ? bit_wait_io_timeout+0x160/0x160
[  715.746561]  __do_sys_clone+0xc8/0x110
[  715.746997]  ? __do_sys_vfork+0xd0/0xd0
[  715.747449]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.748065]  ? vfs_write+0x428/0xad0
[  715.748502]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.749099]  do_syscall_64+0x3b/0x90
[  715.749528]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.750092] RIP: 0033:0x7fa70862cb19
[  715.750179] FAULT_INJECTION: forcing a failure.
[  715.750179] name failslab, interval 1, probability 0, space 0, times 0
[  715.750501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.750514] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  715.750528] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  715.750537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  715.750545] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  715.750553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.750560] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  715.759734]  </TASK>
[  715.759999] CPU: 0 PID: 5949 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.761763] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.764153] Call Trace:
[  715.764705]  <TASK>
[  715.765179]  dump_stack_lvl+0x8b/0xb3
[  715.766003]  should_fail.cold+0x5/0xa
[  715.766825]  should_failslab+0x5/0x10
[  715.767635]  kmem_cache_alloc_bulk+0x47/0x780
[  715.768585]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.769768]  ? percpu_counter_add_batch+0xb4/0x170
[  715.770818]  io_submit_sqes.cold+0x1b6/0x3eb
[  715.771778]  ? find_held_lock+0x2c/0x110
[  715.772648]  ? io_apoll_task_func+0x230/0x230
[  715.773608]  ? lock_release+0x3b2/0x6f0
[  715.774449]  ? __do_sys_io_uring_enter+0x424/0x1520
[  715.775513]  ? lock_downgrade+0x6d0/0x6d0
[  715.776412]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  715.777490]  __do_sys_io_uring_enter+0xa17/0x1520
[  715.778533]  ? bit_wait_io_timeout+0x160/0x160
[  715.779513]  ? lock_is_held_type+0xd7/0x130
[  715.780432]  ? io_submit_sqes+0x9690/0x9690
[  715.781370]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.782543]  ? vfs_write+0x428/0xad0
[  715.783344]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  715.784514]  ? fput+0x2a/0x50
[  715.785205]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.786311]  do_syscall_64+0x3b/0x90
[  715.787109]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.788214] RIP: 0033:0x7fb6c8047b19
[  715.789011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.792893] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  715.794493] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  715.795997] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  715.797512] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  715.799009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  715.800510] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  715.802053]  </TASK>
12:45:38 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000", 0x96, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:38 executing program 0:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:38 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)

[  715.847987] FAULT_INJECTION: forcing a failure.
[  715.847987] name failslab, interval 1, probability 0, space 0, times 0
[  715.849332] CPU: 1 PID: 5951 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.850222] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.851412] Call Trace:
[  715.851686]  <TASK>
[  715.851924]  dump_stack_lvl+0x8b/0xb3
[  715.852338]  should_fail.cold+0x5/0xa
[  715.852770]  ? create_object.isra.0+0x3a/0xa20
[  715.853266]  should_failslab+0x5/0x10
[  715.853679]  kmem_cache_alloc+0x5b/0x480
[  715.854116]  create_object.isra.0+0x3a/0xa20
[  715.854586]  kmemleak_alloc_percpu+0xa0/0x100
[  715.855070]  pcpu_alloc+0x7bf/0x1060
[  715.855484]  __percpu_init_rwsem+0x22/0x150
[  715.855946]  alloc_super+0x222/0x9d0
[  715.856351]  sget_fc+0x13e/0x7a0
[  715.856726]  ? refcount_dec_not_one+0x13b/0x1e0
[  715.857224]  ? set_anon_super+0xb0/0xb0
[  715.857661]  ? mqueue_get_tree+0x130/0x130
[  715.858108]  get_tree_nodev+0x24/0x1d0
[  715.858548]  mqueue_get_tree+0xee/0x130
[  715.858997]  vfs_get_tree+0x8e/0x2f0
[  715.859425]  fc_mount+0x13/0xc0
[  715.859794]  mq_init_ns+0x43e/0x630
[  715.860201]  copy_ipcs+0x35e/0x5d0
[  715.860607]  ? copy_utsname+0xa9/0x4a0
[  715.861069]  create_new_namespaces+0x210/0xb30
[  715.861590]  copy_namespaces+0x391/0x450
[  715.862042]  copy_process+0x2ba5/0x6d10
[  715.862514]  ? __cleanup_sighand+0xb0/0xb0
[  715.862996]  ? lock_is_held_type+0xd7/0x130
[  715.863479]  ? find_held_lock+0x2c/0x110
[  715.863939]  ? kernel_clone+0xc4/0xa60
[  715.864378]  kernel_clone+0xe7/0xa60
[  715.864800]  ? create_io_thread+0xf0/0xf0
[  715.865274]  ? find_held_lock+0x2c/0x110
[  715.865727]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  715.866285]  ? bit_wait_io_timeout+0x160/0x160
[  715.866793]  __do_sys_clone+0xc8/0x110
[  715.867242]  ? __do_sys_vfork+0xd0/0xd0
[  715.867699]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.868324]  ? vfs_write+0x428/0xad0
[  715.868761]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.869343]  do_syscall_64+0x3b/0x90
[  715.869774]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.870365] RIP: 0033:0x7f71bf82bb19
[  715.870780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.872909] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  715.873765] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  715.874575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  715.875373] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  715.876171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.876987] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  715.877794]  </TASK>
[  715.900176] loop5: detected capacity change from 0 to 240
[  715.909572] isofs_fill_super: get root inode failed
12:45:38 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)

[  715.944505] FAULT_INJECTION: forcing a failure.
[  715.944505] name failslab, interval 1, probability 0, space 0, times 0
[  715.945787] CPU: 1 PID: 5958 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.946653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.947853] Call Trace:
[  715.948123]  <TASK>
[  715.948359]  dump_stack_lvl+0x8b/0xb3
[  715.948782]  should_fail.cold+0x5/0xa
[  715.949185]  ? __list_lru_init+0xc7/0x590
[  715.949633]  should_failslab+0x5/0x10
[  715.950030]  __kmalloc+0x72/0x440
[  715.950417]  __list_lru_init+0xc7/0x590
[  715.950844]  alloc_super+0x814/0x9d0
[  715.951247]  sget_fc+0x13e/0x7a0
[  715.951609]  ? refcount_dec_not_one+0x13b/0x1e0
[  715.952126]  ? set_anon_super+0xb0/0xb0
[  715.952559]  ? mqueue_get_tree+0x130/0x130
[  715.953024]  get_tree_nodev+0x24/0x1d0
[  715.953442]  mqueue_get_tree+0xee/0x130
[  715.953889]  vfs_get_tree+0x8e/0x2f0
[  715.954322]  fc_mount+0x13/0xc0
[  715.954697]  mq_init_ns+0x43e/0x630
[  715.955117]  copy_ipcs+0x35e/0x5d0
[  715.955521]  ? copy_utsname+0xa9/0x4a0
[  715.955970]  create_new_namespaces+0x210/0xb30
[  715.956485]  copy_namespaces+0x391/0x450
[  715.956955]  copy_process+0x2ba5/0x6d10
[  715.957415]  ? __cleanup_sighand+0xb0/0xb0
[  715.957894]  ? lock_is_held_type+0xd7/0x130
[  715.958364]  ? find_held_lock+0x2c/0x110
[  715.958825]  ? kernel_clone+0xc4/0xa60
[  715.959266]  kernel_clone+0xe7/0xa60
[  715.959700]  ? create_io_thread+0xf0/0xf0
[  715.960166]  ? find_held_lock+0x2c/0x110
[  715.960630]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  715.961193]  ? bit_wait_io_timeout+0x160/0x160
[  715.961722]  __do_sys_clone+0xc8/0x110
[  715.962166]  ? __do_sys_vfork+0xd0/0xd0
[  715.962626]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  715.963252]  ? vfs_write+0x428/0xad0
[  715.963686]  ? syscall_enter_from_user_mode+0x1d/0x50
[  715.964270]  do_syscall_64+0x3b/0x90
[  715.964706]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  715.965279] RIP: 0033:0x7fa70862cb19
[  715.965689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  715.967750] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  715.968601] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  715.969400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  715.970207] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  715.970998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  715.971800] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  715.972622]  </TASK>
12:45:38 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

[  715.993290] FAULT_INJECTION: forcing a failure.
[  715.993290] name failslab, interval 1, probability 0, space 0, times 0
[  715.994631] CPU: 1 PID: 5960 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  715.995488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  715.996685] Call Trace:
[  715.996973]  <TASK>
[  715.997204]  dump_stack_lvl+0x8b/0xb3
[  715.997627]  should_fail.cold+0x5/0xa
[  715.998033]  ? create_object.isra.0+0x3a/0xa20
[  715.998524]  should_failslab+0x5/0x10
[  715.998922]  kmem_cache_alloc+0x5b/0x480
[  715.999371]  create_object.isra.0+0x3a/0xa20
[  715.999833]  ? kasan_unpoison+0x23/0x50
[  716.000270]  kmem_cache_alloc_bulk+0x3fa/0x780
[  716.000770]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  716.001350]  ? percpu_counter_add_batch+0xb4/0x170
[  716.001908]  io_submit_sqes.cold+0x1b6/0x3eb
[  716.002416]  ? find_held_lock+0x2c/0x110
[  716.002870]  ? io_apoll_task_func+0x230/0x230
[  716.003396]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  716.003966]  __do_sys_io_uring_enter+0xa17/0x1520
[  716.004508]  ? bit_wait_io_timeout+0x160/0x160
[  716.005050]  ? lock_is_held_type+0xd7/0x130
[  716.005540]  ? io_submit_sqes+0x9690/0x9690
[  716.006027]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  716.006638]  ? vfs_write+0x428/0xad0
[  716.007061]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  716.007690]  ? fput+0x2a/0x50
[  716.008056]  ? syscall_enter_from_user_mode+0x1d/0x50
[  716.008653]  do_syscall_64+0x3b/0x90
[  716.009081]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  716.009653] RIP: 0033:0x7f9f5db0bb19
[  716.010068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  716.012105] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  716.012968] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  716.013766] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  716.014567] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  716.015346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  716.016151] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  716.016965]  </TASK>
[  734.138525] FAULT_INJECTION: forcing a failure.
[  734.138525] name failslab, interval 1, probability 0, space 0, times 0
[  734.140949] CPU: 1 PID: 5974 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.142620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.144880] Call Trace:
[  734.145407]  <TASK>
[  734.145853]  dump_stack_lvl+0x8b/0xb3
[  734.146629]  should_fail.cold+0x5/0xa
[  734.147403]  ? create_object.isra.0+0x3a/0xa20
[  734.148332]  should_failslab+0x5/0x10
[  734.149114]  kmem_cache_alloc+0x5b/0x480
[  734.149939]  create_object.isra.0+0x3a/0xa20
[  734.150827]  kmemleak_alloc_percpu+0xa0/0x100
12:45:56 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:56 executing program 0:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:56 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)

12:45:56 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000", 0x96, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:56 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)

12:45:56 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:45:56 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

12:45:56 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

[  734.151744]  pcpu_alloc+0x7bf/0x1060
[  734.152763]  __percpu_init_rwsem+0x22/0x150
[  734.153653]  alloc_super+0x222/0x9d0
[  734.154417]  sget_fc+0x13e/0x7a0
[  734.155105]  ? refcount_dec_not_one+0x13b/0x1e0
[  734.156055]  ? set_anon_super+0xb0/0xb0
[  734.156862]  ? mqueue_get_tree+0x130/0x130
[  734.157726]  get_tree_nodev+0x24/0x1d0
[  734.158081] loop5: detected capacity change from 0 to 240
[  734.158524]  mqueue_get_tree+0xee/0x130
[  734.158553]  vfs_get_tree+0x8e/0x2f0
[  734.161170]  fc_mount+0x13/0xc0
[  734.161844]  mq_init_ns+0x43e/0x630
[  734.162579]  copy_ipcs+0x35e/0x5d0
[  734.163293]  ? copy_utsname+0xa9/0x4a0
[  734.164073]  create_new_namespaces+0x210/0xb30
[  734.165028]  copy_namespaces+0x391/0x450
[  734.165844]  copy_process+0x2ba5/0x6d10
[  734.166681]  ? __cleanup_sighand+0xb0/0xb0
[  734.167542]  ? lock_is_held_type+0xd7/0x130
[  734.168430]  ? find_held_lock+0x2c/0x110
[  734.169265]  ? kernel_clone+0xc4/0xa60
[  734.170062]  kernel_clone+0xe7/0xa60
[  734.170825]  ? create_io_thread+0xf0/0xf0
[  734.171644] FAULT_INJECTION: forcing a failure.
[  734.171644] name failslab, interval 1, probability 0, space 0, times 0
[  734.171658]  ? find_held_lock+0x2c/0x110
[  734.171691]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  734.175656]  ? bit_wait_io_timeout+0x160/0x160
[  734.176583]  __do_sys_clone+0xc8/0x110
[  734.177377]  ? __do_sys_vfork+0xd0/0xd0
[  734.178180]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.179280]  ? vfs_write+0x428/0xad0
[  734.180050]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.181099]  do_syscall_64+0x3b/0x90
[  734.181858]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.182899] RIP: 0033:0x7f71bf82bb19
[  734.183642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.187317] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  734.188828] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  734.190254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  734.191670] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  734.193100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  734.194513] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  734.195950]  </TASK>
[  734.196412] CPU: 0 PID: 5981 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.198054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.200311] Call Trace:
[  734.200817]  <TASK>
[  734.201270]  dump_stack_lvl+0x8b/0xb3
[  734.202051]  should_fail.cold+0x5/0xa
[  734.202830]  ? create_object.isra.0+0x3a/0xa20
[  734.203762]  should_failslab+0x5/0x10
[  734.204528]  kmem_cache_alloc+0x5b/0x480
[  734.205370]  create_object.isra.0+0x3a/0xa20
[  734.206262]  ? kasan_unpoison+0x23/0x50
[  734.207083]  __kmalloc+0x25b/0x440
[  734.207809]  __list_lru_init+0xc7/0x590
[  734.208619]  alloc_super+0x814/0x9d0
[  734.209389]  sget_fc+0x13e/0x7a0
[  734.210080]  ? refcount_dec_not_one+0x13b/0x1e0
[  734.211010]  ? set_anon_super+0xb0/0xb0
[  734.211791]  ? mqueue_get_tree+0x130/0x130
[  734.212636]  get_tree_nodev+0x24/0x1d0
[  734.213437]  mqueue_get_tree+0xee/0x130
[  734.214231]  vfs_get_tree+0x8e/0x2f0
[  734.214985]  fc_mount+0x13/0xc0
[  734.215652]  mq_init_ns+0x43e/0x630
[  734.216387]  copy_ipcs+0x35e/0x5d0
[  734.217115]  ? copy_utsname+0xa9/0x4a0
[  734.217906]  create_new_namespaces+0x210/0xb30
[  734.218839]  copy_namespaces+0x391/0x450
[  734.219419] FAULT_INJECTION: forcing a failure.
[  734.219419] name failslab, interval 1, probability 0, space 0, times 0
[  734.219661]  copy_process+0x2ba5/0x6d10
[  734.222661]  ? __cleanup_sighand+0xb0/0xb0
[  734.223516]  ? lock_is_held_type+0xd7/0x130
[  734.224375]  ? find_held_lock+0x2c/0x110
[  734.225200]  ? kernel_clone+0xc4/0xa60
[  734.225983]  kernel_clone+0xe7/0xa60
[  734.226734]  ? create_io_thread+0xf0/0xf0
[  734.227562]  ? find_held_lock+0x2c/0x110
[  734.228374]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  734.229362]  ? bit_wait_io_timeout+0x160/0x160
[  734.230280]  __do_sys_clone+0xc8/0x110
[  734.231059]  ? __do_sys_vfork+0xd0/0xd0
[  734.231854]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.232964]  ? vfs_write+0x428/0xad0
[  734.233726]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.234755]  do_syscall_64+0x3b/0x90
[  734.235499]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.236527] RIP: 0033:0x7fa70862cb19
[  734.237261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.240866] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  734.242369] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  734.243767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  734.245185] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  734.246585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  734.247979] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  734.249411]  </TASK>
[  734.249867] CPU: 1 PID: 5973 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.251519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.253811] Call Trace:
[  734.254321]  <TASK>
[  734.254766]  dump_stack_lvl+0x8b/0xb3
[  734.255538]  should_fail.cold+0x5/0xa
[  734.256304]  ? create_object.isra.0+0x3a/0xa20
[  734.257236]  should_failslab+0x5/0x10
[  734.257994]  kmem_cache_alloc+0x5b/0x480
[  734.258810]  create_object.isra.0+0x3a/0xa20
[  734.259693]  ? kasan_unpoison+0x23/0x50
[  734.260505]  kmem_cache_alloc_bulk+0x3fa/0x780
[  734.261429]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.262522]  ? percpu_counter_add_batch+0xb4/0x170
[  734.263513]  io_submit_sqes.cold+0x1b6/0x3eb
[  734.264413]  ? find_held_lock+0x2c/0x110
[  734.265230]  ? io_apoll_task_func+0x230/0x230
[  734.266160]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  734.267161]  __do_sys_io_uring_enter+0xa17/0x1520
[  734.268139]  ? bit_wait_io_timeout+0x160/0x160
[  734.269071]  ? lock_is_held_type+0xd7/0x130
[  734.269931]  ? io_submit_sqes+0x9690/0x9690
[  734.270799]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.271897]  ? vfs_write+0x428/0xad0
[  734.272647]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  734.273754]  ? fput+0x2a/0x50
[  734.274396]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.275433]  do_syscall_64+0x3b/0x90
[  734.276189]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.277243] RIP: 0033:0x7fb6c8047b19
[  734.277979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.281637] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  734.283149] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  734.284562] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  734.285993] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  734.287405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.288817] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  734.290263]  </TASK>
[  734.292431] FAULT_INJECTION: forcing a failure.
[  734.292431] name failslab, interval 1, probability 0, space 0, times 0
[  734.292756] isofs_fill_super: get root inode failed
[  734.294667] CPU: 1 PID: 5982 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.294693] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.299551] Call Trace:
[  734.300060]  <TASK>
[  734.300505]  dump_stack_lvl+0x8b/0xb3
[  734.301283]  should_fail.cold+0x5/0xa
[  734.302051]  ? create_object.isra.0+0x3a/0xa20
[  734.302974]  should_failslab+0x5/0x10
[  734.303730]  kmem_cache_alloc+0x5b/0x480
[  734.304545]  ? mark_held_locks+0x9e/0xe0
[  734.305379]  create_object.isra.0+0x3a/0xa20
[  734.306264]  ? kasan_unpoison+0x23/0x50
[  734.307073]  kmem_cache_alloc_bulk+0x3fa/0x780
[  734.307997]  io_submit_sqes.cold+0x1b6/0x3eb
[  734.308901]  ? find_held_lock+0x2c/0x110
[  734.309723]  ? io_apoll_task_func+0x230/0x230
[  734.310662]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  734.311675]  __do_sys_io_uring_enter+0xa17/0x1520
[  734.312682]  ? bit_wait_io_timeout+0x160/0x160
[  734.313643]  ? lock_is_held_type+0xd7/0x130
[  734.314529]  ? io_submit_sqes+0x9690/0x9690
[  734.315415]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.316545]  ? vfs_write+0x428/0xad0
[  734.317332]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  734.318450]  ? fput+0x2a/0x50
[  734.319099]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.320139]  do_syscall_64+0x3b/0x90
[  734.320900]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.321967] RIP: 0033:0x7f9f5db0bb19
[  734.322705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.326408] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  734.327882] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  734.329288] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  734.330675] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  734.332043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.333428] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  734.334831]  </TASK>
12:45:56 executing program 0:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:45:56 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)

12:45:56 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)

12:45:56 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000", 0x96, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:45:56 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 3)

12:45:56 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)

12:45:56 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

[  734.548410] loop5: detected capacity change from 0 to 240
12:45:56 executing program 0:
r0 = syz_io_uring_setup(0xeaf, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  734.572518] isofs_fill_super: get root inode failed
[  734.578191] FAULT_INJECTION: forcing a failure.
[  734.578191] name failslab, interval 1, probability 0, space 0, times 0
[  734.580795] CPU: 0 PID: 6002 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.582679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.585279] Call Trace:
[  734.585864]  <TASK>
[  734.586365]  dump_stack_lvl+0x8b/0xb3
[  734.587167]  should_fail.cold+0x5/0xa
[  734.587925]  ? __list_lru_init+0xc7/0x590
[  734.588758]  should_failslab+0x5/0x10
[  734.589521]  __kmalloc+0x72/0x440
[  734.590203]  __list_lru_init+0xc7/0x590
[  734.591002]  alloc_super+0x83e/0x9d0
[  734.591763]  sget_fc+0x13e/0x7a0
[  734.592445]  ? refcount_dec_not_one+0x13b/0x1e0
[  734.592650] FAULT_INJECTION: forcing a failure.
[  734.592650] name failslab, interval 1, probability 0, space 0, times 0
[  734.593391]  ? set_anon_super+0xb0/0xb0
[  734.596371]  ? mqueue_get_tree+0x130/0x130
[  734.597289]  get_tree_nodev+0x24/0x1d0
[  734.598081]  mqueue_get_tree+0xee/0x130
[  734.598876]  vfs_get_tree+0x8e/0x2f0
[  734.599626]  fc_mount+0x13/0xc0
[  734.600287]  mq_init_ns+0x43e/0x630
[  734.601035]  copy_ipcs+0x35e/0x5d0
[  734.601769]  ? copy_utsname+0xa9/0x4a0
[  734.602557]  create_new_namespaces+0x210/0xb30
[  734.603501]  copy_namespaces+0x391/0x450
[  734.604318]  copy_process+0x2ba5/0x6d10
[  734.605154]  ? __cleanup_sighand+0xb0/0xb0
[  734.606012]  ? lock_is_held_type+0xd7/0x130
[  734.606869]  ? find_held_lock+0x2c/0x110
[  734.607682]  ? kernel_clone+0xc4/0xa60
[  734.608465]  kernel_clone+0xe7/0xa60
[  734.609250]  ? create_io_thread+0xf0/0xf0
[  734.610085]  ? find_held_lock+0x2c/0x110
[  734.610899]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  734.611886]  ? bit_wait_io_timeout+0x160/0x160
[  734.612806]  __do_sys_clone+0xc8/0x110
[  734.613596]  ? __do_sys_vfork+0xd0/0xd0
[  734.614394]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.615489]  ? vfs_write+0x428/0xad0
[  734.616252]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.617299]  do_syscall_64+0x3b/0x90
[  734.618048]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.619085] RIP: 0033:0x7fa70862cb19
[  734.619819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.623464] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  734.624977] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  734.626388] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  734.627798] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  734.629224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  734.630635] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  734.632076]  </TASK>
[  734.632539] CPU: 1 PID: 6003 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.634205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.636457] Call Trace:
[  734.636993]  <TASK>
[  734.637442]  dump_stack_lvl+0x8b/0xb3
[  734.638220]  should_fail.cold+0x5/0xa
[  734.638987]  ? create_object.isra.0+0x3a/0xa20
[  734.639911]  should_failslab+0x5/0x10
[  734.640667]  kmem_cache_alloc+0x5b/0x480
[  734.641491]  ? mark_held_locks+0x9e/0xe0
[  734.642308]  create_object.isra.0+0x3a/0xa20
[  734.643193]  ? kasan_unpoison+0x23/0x50
[  734.643998]  kmem_cache_alloc_bulk+0x3fa/0x780
[  734.644904]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.646021]  ? percpu_counter_add_batch+0xb4/0x170
[  734.647007]  io_submit_sqes.cold+0x1b6/0x3eb
[  734.647910]  ? find_held_lock+0x2c/0x110
[  734.648717]  ? io_apoll_task_func+0x230/0x230
[  734.649654]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  734.650654]  __do_sys_io_uring_enter+0xa17/0x1520
[  734.651626]  ? bit_wait_io_timeout+0x160/0x160
[  734.652565]  ? lock_is_held_type+0xd7/0x130
[  734.653705]  ? io_submit_sqes+0x9690/0x9690
[  734.654660]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.655761]  ? vfs_write+0x428/0xad0
[  734.656528]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  734.657643]  ? fput+0x2a/0x50
[  734.658290]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.659330]  do_syscall_64+0x3b/0x90
[  734.660087]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.661152] RIP: 0033:0x7fb6c8047b19
[  734.661994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.665943] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  734.667453] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  734.668865] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  734.670286] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  734.671687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.673117] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  734.674555]  </TASK>
[  734.693103] FAULT_INJECTION: forcing a failure.
[  734.693103] name failslab, interval 1, probability 0, space 0, times 0
[  734.693126] FAULT_INJECTION: forcing a failure.
[  734.693126] name failslab, interval 1, probability 0, space 0, times 0
[  734.695611] CPU: 0 PID: 6006 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.699310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.701604] Call Trace:
[  734.702117]  <TASK>
[  734.702564]  dump_stack_lvl+0x8b/0xb3
[  734.703353]  should_fail.cold+0x5/0xa
[  734.704125]  ? __list_lru_init+0xc7/0x590
[  734.704979]  should_failslab+0x5/0x10
[  734.705741]  __kmalloc+0x72/0x440
[  734.706453]  __list_lru_init+0xc7/0x590
[  734.707269]  alloc_super+0x814/0x9d0
[  734.708034]  sget_fc+0x13e/0x7a0
[  734.708723]  ? refcount_dec_not_one+0x13b/0x1e0
[  734.709674]  ? set_anon_super+0xb0/0xb0
[  734.710487]  ? mqueue_get_tree+0x130/0x130
[  734.711339]  get_tree_nodev+0x24/0x1d0
[  734.712133]  mqueue_get_tree+0xee/0x130
[  734.712948]  vfs_get_tree+0x8e/0x2f0
[  734.713708]  fc_mount+0x13/0xc0
[  734.714375]  mq_init_ns+0x43e/0x630
[  734.715111]  copy_ipcs+0x35e/0x5d0
[  734.715823]  ? copy_utsname+0xa9/0x4a0
[  734.716621]  create_new_namespaces+0x210/0xb30
[  734.717561]  copy_namespaces+0x391/0x450
[  734.718395]  copy_process+0x2ba5/0x6d10
[  734.719234]  ? __cleanup_sighand+0xb0/0xb0
[  734.720098]  ? lock_is_held_type+0xd7/0x130
[  734.720969]  ? find_held_lock+0x2c/0x110
[  734.721782]  ? kernel_clone+0xc4/0xa60
[  734.722577]  kernel_clone+0xe7/0xa60
[  734.723341]  ? create_io_thread+0xf0/0xf0
[  734.724174]  ? find_held_lock+0x2c/0x110
[  734.725007]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  734.725998]  ? bit_wait_io_timeout+0x160/0x160
[  734.726939]  __do_sys_clone+0xc8/0x110
[  734.727726]  ? __do_sys_vfork+0xd0/0xd0
[  734.728527]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.729646]  ? vfs_write+0x428/0xad0
[  734.730420]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.731458]  do_syscall_64+0x3b/0x90
[  734.732212]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.733262] RIP: 0033:0x7f71bf82bb19
[  734.734002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.737674] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  734.739197] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  734.740621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  734.742053] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  734.743471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  734.744891] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  734.746341]  </TASK>
[  734.746804] CPU: 1 PID: 6007 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  734.748430] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  734.750647] Call Trace:
[  734.751143]  <TASK>
[  734.751578]  dump_stack_lvl+0x8b/0xb3
[  734.752337]  should_fail.cold+0x5/0xa
[  734.753110]  ? create_object.isra.0+0x3a/0xa20
[  734.754012]  should_failslab+0x5/0x10
[  734.754757]  kmem_cache_alloc+0x5b/0x480
[  734.755548]  ? mark_held_locks+0x9e/0xe0
[  734.756361]  create_object.isra.0+0x3a/0xa20
[  734.757254]  ? kasan_unpoison+0x23/0x50
[  734.758044]  kmem_cache_alloc_bulk+0x3fa/0x780
[  734.758946]  io_submit_sqes.cold+0x1b6/0x3eb
[  734.759830]  ? find_held_lock+0x2c/0x110
[  734.760621]  ? io_apoll_task_func+0x230/0x230
[  734.761540]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  734.762538]  __do_sys_io_uring_enter+0xa17/0x1520
[  734.763500]  ? bit_wait_io_timeout+0x160/0x160
[  734.764408]  ? lock_is_held_type+0xd7/0x130
[  734.765258]  ? io_submit_sqes+0x9690/0x9690
[  734.766109]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  734.767180]  ? vfs_write+0x428/0xad0
[  734.767917]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  734.769018]  ? fput+0x2a/0x50
[  734.769662]  ? syscall_enter_from_user_mode+0x1d/0x50
[  734.770674]  do_syscall_64+0x3b/0x90
[  734.771413]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  734.772416] RIP: 0033:0x7f9f5db0bb19
[  734.773144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  734.776685] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  734.778158] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  734.779525] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  734.780888] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  734.782258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.783631] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  734.785030]  </TASK>
12:46:09 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 4)

12:46:09 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:46:09 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)

12:46:09 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)

12:46:09 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)

12:46:09 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000", 0x9b, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:46:09 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  746.925812] FAULT_INJECTION: forcing a failure.
[  746.925812] name failslab, interval 1, probability 0, space 0, times 0
[  746.926829] FAULT_INJECTION: forcing a failure.
[  746.926829] name failslab, interval 1, probability 0, space 0, times 0
[  746.928220] CPU: 0 PID: 6020 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  746.931056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  746.933455] Call Trace:
[  746.933990]  <TASK>
[  746.934470]  dump_stack_lvl+0x8b/0xb3
[  746.935294]  should_fail.cold+0x5/0xa
[  746.936111]  ? create_object.isra.0+0x3a/0xa20
[  746.937129]  should_failslab+0x5/0x10
[  746.937940]  kmem_cache_alloc+0x5b/0x480
[  746.938818]  create_object.isra.0+0x3a/0xa20
[  746.939836]  ? kasan_unpoison+0x23/0x50
[  746.940982]  __kmalloc+0x25b/0x440
[  746.942001]  __list_lru_init+0xc7/0x590
[  746.943140]  alloc_super+0x83e/0x9d0
[  746.944221]  sget_fc+0x13e/0x7a0
[  746.945157]  ? refcount_dec_not_one+0x13b/0x1e0
[  746.946165]  ? set_anon_super+0xb0/0xb0
[  746.947016]  ? mqueue_get_tree+0x130/0x130
[  746.947909]  get_tree_nodev+0x24/0x1d0
[  746.948745]  mqueue_get_tree+0xee/0x130
[  746.949614]  vfs_get_tree+0x8e/0x2f0
[  746.950428]  fc_mount+0x13/0xc0
[  746.951139]  mq_init_ns+0x43e/0x630
[  746.951907]  copy_ipcs+0x35e/0x5d0
[  746.952683]  ? copy_utsname+0xa9/0x4a0
[  746.953579]  create_new_namespaces+0x210/0xb30
[  746.954618]  copy_namespaces+0x391/0x450
[  746.955516]  copy_process+0x2ba5/0x6d10
[  746.956428]  ? __cleanup_sighand+0xb0/0xb0
[  746.957405]  ? lock_is_held_type+0xd7/0x130
[  746.958352]  ? find_held_lock+0x2c/0x110
[  746.959247]  ? kernel_clone+0xc4/0xa60
[  746.960113]  kernel_clone+0xe7/0xa60
[  746.960930]  ? create_io_thread+0xf0/0xf0
[  746.961869]  ? find_held_lock+0x2c/0x110
[  746.962797]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  746.963867]  ? bit_wait_io_timeout+0x160/0x160
[  746.964865]  __do_sys_clone+0xc8/0x110
[  746.965748]  ? __do_sys_vfork+0xd0/0xd0
[  746.966619]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  746.967817]  ? vfs_write+0x428/0xad0
[  746.968847]  ? syscall_enter_from_user_mode+0x1d/0x50
[  746.969988]  do_syscall_64+0x3b/0x90
[  746.970840]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  746.971988] RIP: 0033:0x7fa70862cb19
[  746.972857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  746.976894] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  746.978558] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  746.980118] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  746.981662] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  746.983225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  746.984753] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  746.986371]  </TASK>
[  746.986874] CPU: 1 PID: 6023 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  746.987759] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  746.988956] Call Trace:
[  746.989239]  <TASK>
[  746.989475]  dump_stack_lvl+0x8b/0xb3
[  746.989885]  should_fail.cold+0x5/0xa
[  746.990302]  ? create_object.isra.0+0x3a/0xa20
[  746.990801]  should_failslab+0x5/0x10
[  746.991209]  kmem_cache_alloc+0x5b/0x480
[  746.991649]  create_object.isra.0+0x3a/0xa20
[  746.992128]  ? kasan_unpoison+0x23/0x50
[  746.992568]  __kmalloc+0x25b/0x440
[  746.992960]  __list_lru_init+0xc7/0x590
[  746.993411]  alloc_super+0x814/0x9d0
[  746.993820]  sget_fc+0x13e/0x7a0
[  746.994185]  ? refcount_dec_not_one+0x13b/0x1e0
[  746.994686]  ? set_anon_super+0xb0/0xb0
[  746.995121]  ? mqueue_get_tree+0x130/0x130
[  746.995571]  get_tree_nodev+0x24/0x1d0
[  746.995992]  mqueue_get_tree+0xee/0x130
[  746.996418]  vfs_get_tree+0x8e/0x2f0
[  746.996820]  fc_mount+0x13/0xc0
[  746.997196]  mq_init_ns+0x43e/0x630
[  746.997597]  copy_ipcs+0x35e/0x5d0
[  746.997989]  ? copy_utsname+0xa9/0x4a0
[  746.998417]  create_new_namespaces+0x210/0xb30
[  746.998910]  copy_namespaces+0x391/0x450
[  746.999367]  copy_process+0x2ba5/0x6d10
[  746.999824]  ? __cleanup_sighand+0xb0/0xb0
[  747.000301]  ? lock_is_held_type+0xd7/0x130
[  747.000754]  ? find_held_lock+0x2c/0x110
[  747.001209]  ? kernel_clone+0xc4/0xa60
[  747.001639]  kernel_clone+0xe7/0xa60
[  747.002049]  ? create_io_thread+0xf0/0xf0
[  747.002500]  ? find_held_lock+0x2c/0x110
[  747.002946]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  747.003469]  ? bit_wait_io_timeout+0x160/0x160
[  747.003981]  __do_sys_clone+0xc8/0x110
[  747.004397]  ? __do_sys_vfork+0xd0/0xd0
[  747.004840]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.005438]  ? vfs_write+0x428/0xad0
[  747.005854]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.006403]  do_syscall_64+0x3b/0x90
[  747.006826]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.007386] RIP: 0033:0x7f71bf82bb19
[  747.007794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.009785] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  747.010595] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  747.011358] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  747.012124] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  747.012881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  747.013658] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  747.014432]  </TASK>
[  747.018908] FAULT_INJECTION: forcing a failure.
[  747.018908] name failslab, interval 1, probability 0, space 0, times 0
[  747.020146] CPU: 1 PID: 6024 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.021042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.022270] Call Trace:
[  747.022547]  <TASK>
[  747.022797]  dump_stack_lvl+0x8b/0xb3
[  747.023217]  should_fail.cold+0x5/0xa
[  747.023644]  ? create_object.isra.0+0x3a/0xa20
[  747.024156]  should_failslab+0x5/0x10
[  747.024568]  kmem_cache_alloc+0x5b/0x480
[  747.025015]  ? mark_held_locks+0x9e/0xe0
[  747.025484]  create_object.isra.0+0x3a/0xa20
[  747.025971]  ? kasan_unpoison+0x23/0x50
[  747.026431]  kmem_cache_alloc_bulk+0x3fa/0x780
[  747.026932]  io_submit_sqes.cold+0x1b6/0x3eb
[  747.027427]  ? find_held_lock+0x2c/0x110
[  747.027884]  ? io_apoll_task_func+0x230/0x230
[  747.027990] loop5: detected capacity change from 0 to 240
[  747.028403]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  747.030128]  __do_sys_io_uring_enter+0xa17/0x1520
[  747.030646]  ? bit_wait_io_timeout+0x160/0x160
[  747.031161]  ? lock_is_held_type+0xd7/0x130
[  747.031622]  ? io_submit_sqes+0x9690/0x9690
[  747.032102]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.032698]  ? vfs_write+0x428/0xad0
[  747.033125]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  747.033711]  ? fput+0x2a/0x50
[  747.034077]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.034646]  do_syscall_64+0x3b/0x90
[  747.035062]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.035616] RIP: 0033:0x7f9f5db0bb19
[  747.036029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.037993] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  747.038829] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  747.039618] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  747.040411] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  747.041201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.041988] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  747.042787]  </TASK>
[  747.045747] FAULT_INJECTION: forcing a failure.
[  747.045747] name failslab, interval 1, probability 0, space 0, times 0
[  747.048746] CPU: 0 PID: 6022 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.050549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.052988] Call Trace:
[  747.053576]  <TASK>
[  747.054067]  dump_stack_lvl+0x8b/0xb3
[  747.054898]  should_fail.cold+0x5/0xa
[  747.055732]  ? create_object.isra.0+0x3a/0xa20
[  747.056737]  should_failslab+0x5/0x10
[  747.057593]  kmem_cache_alloc+0x5b/0x480
[  747.058477]  ? mark_held_locks+0x9e/0xe0
[  747.059370]  create_object.isra.0+0x3a/0xa20
[  747.060334]  ? kasan_unpoison+0x23/0x50
[  747.061247]  kmem_cache_alloc_bulk+0x3fa/0x780
[  747.062257]  io_submit_sqes.cold+0x1b6/0x3eb
[  747.063242]  ? find_held_lock+0x2c/0x110
[  747.064127]  ? io_apoll_task_func+0x230/0x230
[  747.065184]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  747.066278]  __do_sys_io_uring_enter+0xa17/0x1520
[  747.067337]  ? bit_wait_io_timeout+0x160/0x160
[  747.068333]  ? lock_is_held_type+0xd7/0x130
[  747.069290]  ? io_submit_sqes+0x9690/0x9690
[  747.070246]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.071433]  ? vfs_write+0x428/0xad0
[  747.072251]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  747.073464]  ? fput+0x2a/0x50
[  747.074169]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.075295]  do_syscall_64+0x3b/0x90
[  747.076112]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.077253] RIP: 0033:0x7fb6c8047b19
12:46:09 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1)

[  747.078055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.082227] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  747.083891] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  747.085447] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  747.087037] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  747.088589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.090163] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  747.091700]  </TASK>
[  747.105542] isofs_fill_super: get root inode failed
12:46:09 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

12:46:09 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)

12:46:09 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)

12:46:09 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  747.183272] FAULT_INJECTION: forcing a failure.
[  747.183272] name failslab, interval 1, probability 0, space 0, times 0
[  747.184870] CPU: 1 PID: 6037 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.185761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.186972] Call Trace:
[  747.187244]  <TASK>
[  747.187484]  dump_stack_lvl+0x8b/0xb3
[  747.187912]  should_fail.cold+0x5/0xa
[  747.188328]  ? create_object.isra.0+0x3a/0xa20
[  747.188839]  should_failslab+0x5/0x10
[  747.189270]  kmem_cache_alloc+0x5b/0x480
[  747.189705]  ? mark_held_locks+0x9e/0xe0
[  747.190242]  create_object.isra.0+0x3a/0xa20
[  747.190719]  ? kasan_unpoison+0x23/0x50
[  747.191246]  kmem_cache_alloc_bulk+0x3fa/0x780
[  747.191749]  io_submit_sqes.cold+0x1b6/0x3eb
[  747.192339]  ? find_held_lock+0x2c/0x110
[  747.192868]  ? io_apoll_task_func+0x230/0x230
[  747.193378]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  747.194030]  __do_sys_io_uring_enter+0xa17/0x1520
[  747.194581]  ? bit_wait_io_timeout+0x160/0x160
[  747.195179]  ? lock_is_held_type+0xd7/0x130
[  747.195667]  ? io_submit_sqes+0x9690/0x9690
[  747.196232]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.196865]  ? vfs_write+0x428/0xad0
[  747.197367]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  747.198071]  ? fput+0x2a/0x50
[  747.198432]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.199106]  do_syscall_64+0x3b/0x90
[  747.199521]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.200194] RIP: 0033:0x7f9f5db0bb19
[  747.200606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.202972] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  747.203819] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  747.204630] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  747.205432] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  747.206210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.207003] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  747.207809]  </TASK>
12:46:09 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000", 0x9b, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  747.214470] FAULT_INJECTION: forcing a failure.
[  747.214470] name failslab, interval 1, probability 0, space 0, times 0
[  747.217049] CPU: 0 PID: 6039 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.218853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.221310] Call Trace:
[  747.221860]  <TASK>
[  747.222355]  dump_stack_lvl+0x8b/0xb3
[  747.223205]  should_fail.cold+0x5/0xa
[  747.224050]  ? __list_lru_init+0xc7/0x590
[  747.224960]  should_failslab+0x5/0x10
[  747.225812]  __kmalloc+0x72/0x440
[  747.226591]  __list_lru_init+0xc7/0x590
[  747.227474]  alloc_super+0x83e/0x9d0
[  747.228307]  sget_fc+0x13e/0x7a0
[  747.229055]  ? refcount_dec_not_one+0x13b/0x1e0
[  747.230083]  ? set_anon_super+0xb0/0xb0
[  747.230951]  ? mqueue_get_tree+0x130/0x130
[  747.231878]  get_tree_nodev+0x24/0x1d0
[  747.232738]  mqueue_get_tree+0xee/0x130
[  747.233614]  vfs_get_tree+0x8e/0x2f0
[  747.234447]  fc_mount+0x13/0xc0
[  747.235180]  mq_init_ns+0x43e/0x630
[  747.235970]  copy_ipcs+0x35e/0x5d0
[  747.236738]  ? copy_utsname+0xa9/0x4a0
[  747.237617]  create_new_namespaces+0x210/0xb30
[  747.238628]  copy_namespaces+0x391/0x450
[  747.239534]  copy_process+0x2ba5/0x6d10
[  747.240448]  ? __cleanup_sighand+0xb0/0xb0
[  747.241392]  ? lock_is_held_type+0xd7/0x130
[  747.242335]  ? find_held_lock+0x2c/0x110
[  747.243223]  ? kernel_clone+0xc4/0xa60
[  747.244095]  kernel_clone+0xe7/0xa60
[  747.244915]  ? create_io_thread+0xf0/0xf0
[  747.245841]  ? find_held_lock+0x2c/0x110
[  747.246731]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  747.248081]  ? bit_wait_io_timeout+0x160/0x160
[  747.249354]  __do_sys_clone+0xc8/0x110
[  747.250407]  ? __do_sys_vfork+0xd0/0xd0
[  747.251483]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.252936]  ? vfs_write+0x428/0xad0
[  747.253988]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.255370]  do_syscall_64+0x3b/0x90
[  747.256381]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.257787] RIP: 0033:0x7f71bf82bb19
[  747.258727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.262718] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  747.264371] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  747.265925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  747.267475] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  747.269013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  747.270591] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  747.272162]  </TASK>
[  747.331437] FAULT_INJECTION: forcing a failure.
[  747.331437] name failslab, interval 1, probability 0, space 0, times 0
[  747.332866] CPU: 1 PID: 6047 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.333781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.335243] Call Trace:
[  747.335577]  <TASK>
[  747.335872]  dump_stack_lvl+0x8b/0xb3
[  747.336382]  should_fail.cold+0x5/0xa
[  747.336885]  should_failslab+0x5/0x10
[  747.337391]  kmem_cache_alloc_lru+0x60/0x7c0
[  747.337965]  ? mqueue_alloc_inode+0x23/0x40
[  747.338525]  mqueue_alloc_inode+0x23/0x40
[  747.339063]  ? mqueue_free_inode+0x20/0x20
[  747.339613]  alloc_inode+0x63/0x240
[  747.340100]  new_inode+0x23/0x240
[  747.340555]  mqueue_get_inode+0x31/0xe20
[  747.341078]  ? sget_fc+0x156/0x7a0
[  747.341561]  ? mqueue_get_tree+0x130/0x130
[  747.342105]  mqueue_fill_super+0x10f/0x200
[  747.342647]  get_tree_nodev+0xce/0x1d0
[  747.343155]  mqueue_get_tree+0xee/0x130
[  747.343662]  vfs_get_tree+0x8e/0x2f0
[  747.344149]  fc_mount+0x13/0xc0
[  747.344573]  mq_init_ns+0x43e/0x630
[  747.344971]  copy_ipcs+0x35e/0x5d0
[  747.345451]  ? copy_utsname+0xa9/0x4a0
[  747.345968]  create_new_namespaces+0x210/0xb30
[  747.346569]  copy_namespaces+0x391/0x450
[  747.347096]  copy_process+0x2ba5/0x6d10
[  747.347635]  ? __cleanup_sighand+0xb0/0xb0
[  747.348182]  ? lock_is_held_type+0xd7/0x130
[  747.348735]  ? find_held_lock+0x2c/0x110
[  747.349279]  ? kernel_clone+0xc4/0xa60
[  747.349782]  kernel_clone+0xe7/0xa60
[  747.350268]  ? create_io_thread+0xf0/0xf0
[  747.350804]  ? find_held_lock+0x2c/0x110
[  747.351333]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  747.351965]  ? bit_wait_io_timeout+0x160/0x160
[  747.352560]  __do_sys_clone+0xc8/0x110
[  747.353063]  ? __do_sys_vfork+0xd0/0xd0
[  747.353507]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.354217]  ? vfs_write+0x428/0xad0
[  747.354714]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.355380]  do_syscall_64+0x3b/0x90
[  747.355661] loop5: detected capacity change from 0 to 240
[  747.355876]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.358004] RIP: 0033:0x7fa70862cb19
[  747.358479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.360827] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  747.361809] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  747.362719] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  747.363624] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  747.364537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  747.365468] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  747.366401]  </TASK>
[  747.372171] isofs_fill_super: get root inode failed
12:46:09 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

12:46:09 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 5)

12:46:09 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  747.411543] FAULT_INJECTION: forcing a failure.
[  747.411543] name failslab, interval 1, probability 0, space 0, times 0
[  747.412818] CPU: 1 PID: 6050 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.413703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.414899] Call Trace:
[  747.415174]  <TASK>
[  747.415422]  dump_stack_lvl+0x8b/0xb3
[  747.415848]  should_fail.cold+0x5/0xa
[  747.416260]  ? create_object.isra.0+0x3a/0xa20
[  747.416756]  should_failslab+0x5/0x10
[  747.417183]  kmem_cache_alloc+0x5b/0x480
[  747.417620]  ? mark_held_locks+0x9e/0xe0
[  747.418155]  create_object.isra.0+0x3a/0xa20
[  747.418632]  ? kasan_unpoison+0x23/0x50
[  747.419159]  kmem_cache_alloc_bulk+0x3fa/0x780
[  747.419655]  io_submit_sqes.cold+0x1b6/0x3eb
[  747.420242]  ? find_held_lock+0x2c/0x110
[  747.420685]  ? io_apoll_task_func+0x230/0x230
[  747.421202]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  747.421860]  __do_sys_io_uring_enter+0xa17/0x1520
[  747.422495]  ? bit_wait_io_timeout+0x160/0x160
[  747.423000]  ? lock_is_held_type+0xd7/0x130
[  747.423557]  ? io_submit_sqes+0x9690/0x9690
[  747.424039]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.424753]  ? vfs_write+0x428/0xad0
[  747.425191]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  747.425900]  ? fput+0x2a/0x50
[  747.426266]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.426935]  do_syscall_64+0x3b/0x90
[  747.427354]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.428025] RIP: 0033:0x7f9f5db0bb19
[  747.428440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.430359] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  747.431182] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  747.431966] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  747.432717] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  747.433486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.434235] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  747.435011]  </TASK>
[  747.441703] FAULT_INJECTION: forcing a failure.
[  747.441703] name failslab, interval 1, probability 0, space 0, times 0
[  747.443232] CPU: 1 PID: 6052 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  747.444136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  747.445359] Call Trace:
[  747.445641]  <TASK>
[  747.445889]  dump_stack_lvl+0x8b/0xb3
[  747.446322]  should_fail.cold+0x5/0xa
[  747.446750]  ? create_object.isra.0+0x3a/0xa20
[  747.447270]  should_failslab+0x5/0x10
[  747.447686]  kmem_cache_alloc+0x5b/0x480
[  747.448132]  ? mark_held_locks+0x9e/0xe0
[  747.448585]  create_object.isra.0+0x3a/0xa20
[  747.449072]  ? kasan_unpoison+0x23/0x50
[  747.449537]  kmem_cache_alloc_bulk+0x3fa/0x780
[  747.450061]  io_submit_sqes.cold+0x1b6/0x3eb
[  747.450556]  ? find_held_lock+0x2c/0x110
[  747.450960]  ? io_apoll_task_func+0x230/0x230
[  747.451471]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  747.452018]  __do_sys_io_uring_enter+0xa17/0x1520
[  747.452560]  ? bit_wait_io_timeout+0x160/0x160
[  747.453072]  ? lock_is_held_type+0xd7/0x130
[  747.453550]  ? io_submit_sqes+0x9690/0x9690
[  747.454022]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  747.454636]  ? vfs_write+0x428/0xad0
[  747.455054]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  747.455662]  ? fput+0x2a/0x50
[  747.456022]  ? syscall_enter_from_user_mode+0x1d/0x50
[  747.456588]  do_syscall_64+0x3b/0x90
[  747.456997]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  747.457590] RIP: 0033:0x7fb6c8047b19
[  747.457999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  747.460020] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  747.460778] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  747.461553] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  747.462250] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  747.463021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.463716] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  747.464513]  </TASK>
12:46:09 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))

12:46:22 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:46:22 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)
read(r5, &(0x7f0000001240)=""/196, 0xc4)

12:46:22 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000", 0x9b, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:46:22 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 6)

12:46:22 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)

12:46:22 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

12:46:22 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:46:22 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)

[  760.717076] FAULT_INJECTION: forcing a failure.
[  760.717076] name failslab, interval 1, probability 0, space 0, times 0
[  760.718393] CPU: 0 PID: 6070 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  760.719254] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  760.720429] Call Trace:
[  760.720698]  <TASK>
[  760.720932]  dump_stack_lvl+0x8b/0xb3
[  760.721355]  should_fail.cold+0x5/0xa
[  760.721758]  ? create_object.isra.0+0x3a/0xa20
[  760.722244]  should_failslab+0x5/0x10
[  760.722644]  kmem_cache_alloc+0x5b/0x480
[  760.723075]  create_object.isra.0+0x3a/0xa20
[  760.723541]  ? kasan_unpoison+0x23/0x50
[  760.723971]  __kmalloc+0x25b/0x440
[  760.724348]  __list_lru_init+0xc7/0x590
[  760.724771]  alloc_super+0x83e/0x9d0
[  760.725149]  sget_fc+0x13e/0x7a0
[  760.725523]  ? refcount_dec_not_one+0x13b/0x1e0
[  760.726011]  ? set_anon_super+0xb0/0xb0
[  760.726409]  ? mqueue_get_tree+0x130/0x130
[  760.726851]  get_tree_nodev+0x24/0x1d0
[  760.727264]  mqueue_get_tree+0xee/0x130
[  760.727656]  vfs_get_tree+0x8e/0x2f0
[  760.728049]  fc_mount+0x13/0xc0
[  760.728380]  mq_init_ns+0x43e/0x630
[  760.728767]  copy_ipcs+0x35e/0x5d0
[  760.729140]  ? copy_utsname+0xa9/0x4a0
[  760.729560]  create_new_namespaces+0x210/0xb30
[  760.730045]  copy_namespaces+0x391/0x450
[  760.730451]  copy_process+0x2ba5/0x6d10
[  760.730886]  ? __cleanup_sighand+0xb0/0xb0
[  760.731332]  ? lock_is_held_type+0xd7/0x130
[  760.731781]  ? find_held_lock+0x2c/0x110
[  760.732207]  ? kernel_clone+0xc4/0xa60
[  760.732616]  kernel_clone+0xe7/0xa60
[  760.733012]  ? create_io_thread+0xf0/0xf0
[  760.733434]  ? find_held_lock+0x2c/0x110
[  760.733864]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  760.734379]  ? bit_wait_io_timeout+0x160/0x160
[  760.734868]  __do_sys_clone+0xc8/0x110
[  760.735282]  ? __do_sys_vfork+0xd0/0xd0
[  760.735704]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  760.736278]  ? vfs_write+0x428/0xad0
[  760.736657]  ? syscall_enter_from_user_mode+0x1d/0x50
[  760.737200]  do_syscall_64+0x3b/0x90
[  760.737579]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  760.738128] RIP: 0033:0x7f71bf82bb19
[  760.738491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  760.740263] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  760.740997] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  760.741696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  760.742381] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  760.743063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  760.743746] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  760.744452]  </TASK>
[  760.750204] loop5: detected capacity change from 0 to 240
[  760.760866] isofs_fill_super: get root inode failed
[  760.767401] FAULT_INJECTION: forcing a failure.
[  760.767401] name failslab, interval 1, probability 0, space 0, times 0
[  760.769843] CPU: 1 PID: 6078 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  760.771554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  760.773917] Call Trace:
[  760.774452]  <TASK>
[  760.774919]  dump_stack_lvl+0x8b/0xb3
[  760.775734]  should_fail.cold+0x5/0xa
[  760.776539]  ? memcg_list_lru_alloc+0x23f/0xb10
[  760.777617]  should_failslab+0x5/0x10
[  760.778469]  __kmalloc+0x72/0x440
[  760.779261]  memcg_list_lru_alloc+0x23f/0xb10
[  760.780435]  ? lock_is_held_type+0xd7/0x130
[  760.781431]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  760.782718]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  760.783767]  kmem_cache_alloc_lru+0x10e/0x7c0
[  760.784922]  ? mqueue_alloc_inode+0x23/0x40
[  760.785917]  mqueue_alloc_inode+0x23/0x40
[  760.786946]  ? mqueue_free_inode+0x20/0x20
[  760.787870]  alloc_inode+0x63/0x240
[  760.788647]  new_inode+0x23/0x240
[  760.789424]  mqueue_get_inode+0x31/0xe20
[  760.790275]  ? sget_fc+0x156/0x7a0
[  760.791029]  ? mqueue_get_tree+0x130/0x130
[  760.791910]  mqueue_fill_super+0x10f/0x200
[  760.792798]  get_tree_nodev+0xce/0x1d0
[  760.793633]  mqueue_get_tree+0xee/0x130
[  760.794463]  vfs_get_tree+0x8e/0x2f0
[  760.795251]  fc_mount+0x13/0xc0
[  760.795946]  mq_init_ns+0x43e/0x630
[  760.796719]  copy_ipcs+0x35e/0x5d0
[  760.797468]  ? copy_utsname+0xa9/0x4a0
[  760.798293]  create_new_namespaces+0x210/0xb30
[  760.799264]  copy_namespaces+0x391/0x450
[  760.800121]  copy_process+0x2ba5/0x6d10
[  760.800995]  ? __cleanup_sighand+0xb0/0xb0
[  760.801913]  ? lock_is_held_type+0xd7/0x130
[  760.802812]  ? find_held_lock+0x2c/0x110
[  760.803668]  ? kernel_clone+0xc4/0xa60
[  760.804493]  kernel_clone+0xe7/0xa60
[  760.805288]  ? create_io_thread+0xf0/0xf0
[  760.806173]  ? find_held_lock+0x2c/0x110
[  760.807035]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  760.808071]  ? bit_wait_io_timeout+0x160/0x160
[  760.809038]  __do_sys_clone+0xc8/0x110
[  760.809870]  ? __do_sys_vfork+0xd0/0xd0
[  760.810711]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  760.811855]  ? vfs_write+0x428/0xad0
[  760.812662]  ? syscall_enter_from_user_mode+0x1d/0x50
[  760.813759]  do_syscall_64+0x3b/0x90
[  760.814549]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  760.815636] RIP: 0033:0x7fa70862cb19
[  760.816407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  760.820223] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  760.821803] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  760.823281] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  760.824763] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  760.826260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  760.827733] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  760.829233]  </TASK>
12:46:23 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:46:23 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000200)=""/66, 0x42}], 0x1, 0x1, 0x0)

12:46:23 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, 0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  760.838991] FAULT_INJECTION: forcing a failure.
[  760.838991] name failslab, interval 1, probability 0, space 0, times 0
[  760.840228] CPU: 0 PID: 6079 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  760.841055] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  760.842185] Call Trace:
[  760.842434]  <TASK>
[  760.842651]  dump_stack_lvl+0x8b/0xb3
[  760.843031]  should_fail.cold+0x5/0xa
[  760.843407]  ? create_object.isra.0+0x3a/0xa20
[  760.843861]  should_failslab+0x5/0x10
[  760.844240]  kmem_cache_alloc+0x5b/0x480
[  760.844639]  ? mark_held_locks+0x9e/0xe0
[  760.845044]  create_object.isra.0+0x3a/0xa20
[  760.845490]  ? kasan_unpoison+0x23/0x50
[  760.845884]  kmem_cache_alloc_bulk+0x3fa/0x780
[  760.846328]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  760.846862]  ? percpu_counter_add_batch+0xb4/0x170
[  760.847344]  io_submit_sqes.cold+0x1b6/0x3eb
[  760.847786]  ? find_held_lock+0x2c/0x110
[  760.848182]  ? io_apoll_task_func+0x230/0x230
[  760.848637]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  760.849124]  __do_sys_io_uring_enter+0xa17/0x1520
[  760.849616]  ? bit_wait_io_timeout+0x160/0x160
[  760.850064]  ? lock_is_held_type+0xd7/0x130
[  760.850497]  ? io_submit_sqes+0x9690/0x9690
[  760.850937]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  760.851489]  ? vfs_write+0x428/0xad0
[  760.851867]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  760.852411]  ? fput+0x2a/0x50
[  760.852731]  ? syscall_enter_from_user_mode+0x1d/0x50
[  760.853251]  do_syscall_64+0x3b/0x90
[  760.853644]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  760.854171] RIP: 0033:0x7f9f5db0bb19
[  760.854664] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  760.856591] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  760.857377] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  760.858096] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  760.858811] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  760.859519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.860239] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  760.860958]  </TASK>
[  760.864912] FAULT_INJECTION: forcing a failure.
[  760.864912] name failslab, interval 1, probability 0, space 0, times 0
[  760.866228] CPU: 0 PID: 6080 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  760.867093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  760.868209] Call Trace:
[  760.868468]  <TASK>
[  760.868688]  dump_stack_lvl+0x8b/0xb3
[  760.869071]  should_fail.cold+0x5/0xa
[  760.869462]  ? create_object.isra.0+0x3a/0xa20
[  760.869924]  should_failslab+0x5/0x10
[  760.870314]  kmem_cache_alloc+0x5b/0x480
[  760.870728]  ? mark_held_locks+0x9e/0xe0
[  760.871146]  create_object.isra.0+0x3a/0xa20
[  760.871593]  ? kasan_unpoison+0x23/0x50
[  760.872007]  kmem_cache_alloc_bulk+0x3fa/0x780
[  760.872474]  io_submit_sqes.cold+0x1b6/0x3eb
[  760.872930]  ? find_held_lock+0x2c/0x110
[  760.873346]  ? io_apoll_task_func+0x230/0x230
[  760.873822]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  760.874340]  __do_sys_io_uring_enter+0xa17/0x1520
[  760.874829]  ? bit_wait_io_timeout+0x160/0x160
[  760.875297]  ? lock_is_held_type+0xd7/0x130
[  760.875737]  ? io_submit_sqes+0x9690/0x9690
[  760.876180]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  760.876735]  ? vfs_write+0x428/0xad0
[  760.877118]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  760.877696]  ? fput+0x2a/0x50
[  760.878023]  ? syscall_enter_from_user_mode+0x1d/0x50
[  760.878549]  do_syscall_64+0x3b/0x90
[  760.878932]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  760.879457] RIP: 0033:0x7fb6c8047b19
[  760.879830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  760.882144] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  760.883717] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  760.885147] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  760.886683] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  760.888411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.890113] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  760.891880]  </TASK>
12:46:23 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022", 0x9d, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:46:23 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)

[  760.991817] loop5: detected capacity change from 0 to 240
12:46:23 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)

[  761.008389] isofs_fill_super: get root inode failed
[  761.028083] FAULT_INJECTION: forcing a failure.
[  761.028083] name failslab, interval 1, probability 0, space 0, times 0
[  761.030431] CPU: 1 PID: 6094 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  761.032046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  761.034287] Call Trace:
[  761.034794]  <TASK>
[  761.035233]  dump_stack_lvl+0x8b/0xb3
[  761.036008]  should_fail.cold+0x5/0xa
[  761.036771]  ? create_object.isra.0+0x3a/0xa20
[  761.037717]  should_failslab+0x5/0x10
[  761.038474]  kmem_cache_alloc+0x5b/0x480
[  761.039288]  create_object.isra.0+0x3a/0xa20
[  761.040167]  ? kasan_unpoison+0x23/0x50
[  761.040970]  __kmalloc+0x25b/0x440
[  761.041723]  memcg_list_lru_alloc+0x23f/0xb10
[  761.042714]  ? lock_is_held_type+0xd7/0x130
[  761.043671]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  761.044773]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  761.045851]  kmem_cache_alloc_lru+0x10e/0x7c0
[  761.046838]  ? mqueue_alloc_inode+0x23/0x40
[  761.047798]  mqueue_alloc_inode+0x23/0x40
[  761.048707]  ? mqueue_free_inode+0x20/0x20
[  761.049650]  alloc_inode+0x63/0x240
[  761.050465]  new_inode+0x23/0x240
[  761.051248]  mqueue_get_inode+0x31/0xe20
[  761.052156]  ? sget_fc+0x156/0x7a0
[  761.052953]  ? mqueue_get_tree+0x130/0x130
[  761.053952]  mqueue_fill_super+0x10f/0x200
[  761.054888]  get_tree_nodev+0xce/0x1d0
[  761.055793]  mqueue_get_tree+0xee/0x130
[  761.056677]  vfs_get_tree+0x8e/0x2f0
[  761.057553]  fc_mount+0x13/0xc0
[  761.058284]  mq_init_ns+0x43e/0x630
[  761.059095]  copy_ipcs+0x35e/0x5d0
[  761.059875]  ? copy_utsname+0xa9/0x4a0
[  761.060741]  create_new_namespaces+0x210/0xb30
[  761.061762]  copy_namespaces+0x391/0x450
[  761.062576]  copy_process+0x2ba5/0x6d10
[  761.063493]  ? __cleanup_sighand+0xb0/0xb0
[  761.064437]  ? lock_is_held_type+0xd7/0x130
[  761.065400]  ? find_held_lock+0x2c/0x110
[  761.066298]  ? kernel_clone+0xc4/0xa60
[  761.067170]  kernel_clone+0xe7/0xa60
[  761.068002]  ? create_io_thread+0xf0/0xf0
[  761.068924]  ? find_held_lock+0x2c/0x110
[  761.069832]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  761.070918]  ? bit_wait_io_timeout+0x160/0x160
[  761.071926]  __do_sys_clone+0xc8/0x110
[  761.072789]  ? __do_sys_vfork+0xd0/0xd0
[  761.073679]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  761.074881]  ? vfs_write+0x428/0xad0
[  761.075725]  ? syscall_enter_from_user_mode+0x1d/0x50
[  761.076860]  do_syscall_64+0x3b/0x90
[  761.077700]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  761.078841] RIP: 0033:0x7fa70862cb19
[  761.079672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  761.083631] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  761.085254] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  761.086848] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  761.088390] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  761.089905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  761.091403] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  761.093007]  </TASK>
[  761.130782] FAULT_INJECTION: forcing a failure.
[  761.130782] name failslab, interval 1, probability 0, space 0, times 0
[  761.133050] CPU: 0 PID: 6096 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  761.134666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  761.136842] Call Trace:
[  761.137373]  <TASK>
[  761.137815]  dump_stack_lvl+0x8b/0xb3
[  761.138578]  should_fail.cold+0x5/0xa
[  761.139337]  should_failslab+0x5/0x10
[  761.140084]  kmem_cache_alloc_lru+0x60/0x7c0
[  761.140961]  ? mqueue_alloc_inode+0x23/0x40
[  761.141816]  mqueue_alloc_inode+0x23/0x40
[  761.142631]  ? mqueue_free_inode+0x20/0x20
[  761.143450]  alloc_inode+0x63/0x240
[  761.144165]  new_inode+0x23/0x240
[  761.144853]  mqueue_get_inode+0x31/0xe20
[  761.145643]  ? sget_fc+0x156/0x7a0
[  761.146338]  ? mqueue_get_tree+0x130/0x130
[  761.147146]  mqueue_fill_super+0x10f/0x200
[  761.147963]  get_tree_nodev+0xce/0x1d0
[  761.148730]  mqueue_get_tree+0xee/0x130
[  761.149516]  vfs_get_tree+0x8e/0x2f0
[  761.150275]  fc_mount+0x13/0xc0
[  761.150915]  mq_init_ns+0x43e/0x630
[  761.151627]  copy_ipcs+0x35e/0x5d0
[  761.152312]  ? copy_utsname+0xa9/0x4a0
[  761.153069]  create_new_namespaces+0x210/0xb30
[  761.153987]  copy_namespaces+0x391/0x450
[  761.154780]  copy_process+0x2ba5/0x6d10
[  761.155594]  ? __cleanup_sighand+0xb0/0xb0
[  761.156403]  ? lock_is_held_type+0xd7/0x130
[  761.157262]  ? find_held_lock+0x2c/0x110
[  761.158074]  ? kernel_clone+0xc4/0xa60
[  761.158831]  kernel_clone+0xe7/0xa60
[  761.159560]  ? create_io_thread+0xf0/0xf0
[  761.160359]  ? find_held_lock+0x2c/0x110
[  761.161159]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  761.162119]  ? bit_wait_io_timeout+0x160/0x160
[  761.163008]  __do_sys_clone+0xc8/0x110
[  761.163763]  ? __do_sys_vfork+0xd0/0xd0
[  761.164537]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  761.165639]  ? vfs_write+0x428/0xad0
[  761.166386]  ? syscall_enter_from_user_mode+0x1d/0x50
[  761.167403]  do_syscall_64+0x3b/0x90
[  761.168124]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  761.169140] RIP: 0033:0x7f71bf82bb19
[  761.169859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  761.173509] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  761.174970] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  761.176322] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  761.177675] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  761.179022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  761.180367] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  761.181736]  </TASK>
12:46:36 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:46:36 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022", 0x9d, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  774.216813] FAULT_INJECTION: forcing a failure.
[  774.216813] name failslab, interval 1, probability 0, space 0, times 0
[  774.219159] CPU: 0 PID: 6111 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  774.220809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  774.223100] Call Trace:
[  774.223618]  <TASK>
[  774.224065]  dump_stack_lvl+0x8b/0xb3
[  774.224853]  should_fail.cold+0x5/0xa
[  774.225646]  ? memcg_list_lru_alloc+0x514/0xb10
[  774.226597]  should_failslab+0x5/0x10
[  774.226721] FAULT_INJECTION: forcing a failure.
[  774.226721] name failslab, interval 1, probability 0, space 0, times 0
[  774.227361]  __kmalloc+0x72/0x440
[  774.229307]  memcg_list_lru_alloc+0x514/0xb10
[  774.230239]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  774.231237]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  774.232175]  kmem_cache_alloc_lru+0x10e/0x7c0
[  774.233074]  ? mqueue_alloc_inode+0x23/0x40
[  774.233953]  mqueue_alloc_inode+0x23/0x40
[  774.234779]  ? mqueue_free_inode+0x20/0x20
[  774.235623]  alloc_inode+0x63/0x240
[  774.236358]  new_inode+0x23/0x240
[  774.237071]  mqueue_get_inode+0x31/0xe20
[  774.237895]  ? sget_fc+0x156/0x7a0
[  774.238620]  ? mqueue_get_tree+0x130/0x130
[  774.239465]  mqueue_fill_super+0x10f/0x200
[  774.240321]  get_tree_nodev+0xce/0x1d0
[  774.241117]  mqueue_get_tree+0xee/0x130
[  774.241935]  vfs_get_tree+0x8e/0x2f0
[  774.242701]  fc_mount+0x13/0xc0
[  774.243373]  mq_init_ns+0x43e/0x630
[  774.244122]  copy_ipcs+0x35e/0x5d0
[  774.244841]  ? copy_utsname+0xa9/0x4a0
[  774.245640]  create_new_namespaces+0x210/0xb30
[  774.246590]  copy_namespaces+0x391/0x450
[  774.247416]  copy_process+0x2ba5/0x6d10
[  774.248250]  ? __cleanup_sighand+0xb0/0xb0
[  774.249108]  ? lock_is_held_type+0xd7/0x130
[  774.249990]  ? find_held_lock+0x2c/0x110
[  774.250817]  ? kernel_clone+0xc4/0xa60
[  774.251620]  kernel_clone+0xe7/0xa60
[  774.252387]  ? create_io_thread+0xf0/0xf0
[  774.253220]  ? find_held_lock+0x2c/0x110
[  774.254046]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  774.255033]  ? bit_wait_io_timeout+0x160/0x160
[  774.255960]  __do_sys_clone+0xc8/0x110
[  774.256744]  ? __do_sys_vfork+0xd0/0xd0
[  774.257552]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.258654]  ? vfs_write+0x428/0xad0
[  774.259423]  ? syscall_enter_from_user_mode+0x1d/0x50
[  774.260457]  do_syscall_64+0x3b/0x90
[  774.261211]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  774.262265] RIP: 0033:0x7fa70862cb19
[  774.263008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  774.266681] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  774.268192] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  774.269627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  774.271043] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  774.272458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  774.273881] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  774.275325]  </TASK>
[  774.275786] CPU: 1 PID: 6115 Comm: syz-executor.2 Not tainted 5.17.0-rc8-next-20220318 #1
[  774.276704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  774.277964] Call Trace:
[  774.278254]  <TASK>
[  774.278495]  dump_stack_lvl+0x8b/0xb3
[  774.278931]  should_fail.cold+0x5/0xa
[  774.279361]  ? create_object.isra.0+0x3a/0xa20
[  774.279868]  should_failslab+0x5/0x10
[  774.280284]  kmem_cache_alloc+0x5b/0x480
[  774.280740]  ? mark_held_locks+0x9e/0xe0
[  774.281195]  create_object.isra.0+0x3a/0xa20
[  774.281702]  ? kasan_unpoison+0x23/0x50
[  774.282141]  kmem_cache_alloc_bulk+0x3fa/0x780
[  774.282651]  io_submit_sqes.cold+0x1b6/0x3eb
[  774.283130]  ? find_held_lock+0x2c/0x110
[  774.283574]  ? io_apoll_task_func+0x230/0x230
[  774.284085]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  774.284642]  __do_sys_io_uring_enter+0xa17/0x1520
[  774.285178]  ? bit_wait_io_timeout+0x160/0x160
[  774.285689]  ? lock_is_held_type+0xd7/0x130
[  774.286163]  ? io_submit_sqes+0x9690/0x9690
[  774.286638]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.287236]  ? vfs_write+0x428/0xad0
[  774.287650]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  774.288262]  ? fput+0x2a/0x50
[  774.288628]  ? syscall_enter_from_user_mode+0x1d/0x50
[  774.289203]  do_syscall_64+0x3b/0x90
[  774.289619]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  774.290193] RIP: 0033:0x7fb6c8047b19
[  774.290596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  774.292624] RSP: 002b:00007fb6c55bd188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  774.293458] RAX: ffffffffffffffda RBX: 00007fb6c815af60 RCX: 00007fb6c8047b19
[  774.294249] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  774.295024] RBP: 00007fb6c55bd1d0 R08: 0000000000000000 R09: 0000000000000000
[  774.295808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  774.296557] R13: 00007fff02802d3f R14: 00007fb6c55bd300 R15: 0000000000022000
[  774.297347]  </TASK>
12:46:36 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='uid_map\x00')

12:46:36 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:46:36 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)

12:46:36 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)

12:46:36 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 9)

12:46:36 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 7)

[  774.301796] FAULT_INJECTION: forcing a failure.
[  774.301796] name failslab, interval 1, probability 0, space 0, times 0
[  774.303733] loop5: detected capacity change from 0 to 240
[  774.304415] CPU: 0 PID: 6113 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  774.306554] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  774.308808] Call Trace:
[  774.309317]  <TASK>
[  774.309769]  dump_stack_lvl+0x8b/0xb3
[  774.310543]  should_fail.cold+0x5/0xa
[  774.311316]  ? create_object.isra.0+0x3a/0xa20
[  774.312216]  should_failslab+0x5/0x10
[  774.312972]  kmem_cache_alloc+0x5b/0x480
[  774.313795]  ? mark_held_locks+0x9e/0xe0
[  774.314601]  create_object.isra.0+0x3a/0xa20
[  774.315469]  ? kasan_unpoison+0x23/0x50
[  774.316269]  kmem_cache_alloc_bulk+0x3fa/0x780
[  774.317174]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.318299]  ? percpu_counter_add_batch+0xb4/0x170
[  774.319291]  io_submit_sqes.cold+0x1b6/0x3eb
[  774.320197]  ? find_held_lock+0x2c/0x110
[  774.321013]  ? io_apoll_task_func+0x230/0x230
[  774.321955]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  774.322973]  __do_sys_io_uring_enter+0xa17/0x1520
[  774.323961]  ? bit_wait_io_timeout+0x160/0x160
[  774.324894]  ? lock_is_held_type+0xd7/0x130
[  774.325766]  ? io_submit_sqes+0x9690/0x9690
[  774.326642]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.327744]  ? vfs_write+0x428/0xad0
[  774.328498]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  774.329610]  ? fput+0x2a/0x50
[  774.330256]  ? syscall_enter_from_user_mode+0x1d/0x50
[  774.331298]  do_syscall_64+0x3b/0x90
[  774.332053]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  774.333106] RIP: 0033:0x7f9f5db0bb19
[  774.333853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  774.337547] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  774.339062] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  774.340493] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  774.341920] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  774.343352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  774.344741] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  774.346214]  </TASK>
[  774.358728] isofs_fill_super: get root inode failed
[  774.364707] FAULT_INJECTION: forcing a failure.
[  774.364707] name failslab, interval 1, probability 0, space 0, times 0
[  774.365937] CPU: 1 PID: 6122 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  774.366853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  774.368057] Call Trace:
[  774.368342]  <TASK>
[  774.368592]  dump_stack_lvl+0x8b/0xb3
[  774.369016]  should_fail.cold+0x5/0xa
[  774.369437]  ? memcg_list_lru_alloc+0x23f/0xb10
[  774.369978]  should_failslab+0x5/0x10
[  774.370403]  __kmalloc+0x72/0x440
[  774.370808]  memcg_list_lru_alloc+0x23f/0xb10
[  774.371286]  ? lock_is_held_type+0xd7/0x130
[  774.371763]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  774.372301]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  774.372818]  kmem_cache_alloc_lru+0x10e/0x7c0
[  774.373295]  ? mqueue_alloc_inode+0x23/0x40
[  774.373780]  mqueue_alloc_inode+0x23/0x40
[  774.374230]  ? mqueue_free_inode+0x20/0x20
[  774.374697]  alloc_inode+0x63/0x240
[  774.375101]  new_inode+0x23/0x240
[  774.375495]  mqueue_get_inode+0x31/0xe20
[  774.375930]  ? sget_fc+0x156/0x7a0
[  774.376326]  ? mqueue_get_tree+0x130/0x130
[  774.376779]  mqueue_fill_super+0x10f/0x200
[  774.377236]  get_tree_nodev+0xce/0x1d0
[  774.377684]  mqueue_get_tree+0xee/0x130
[  774.378119]  vfs_get_tree+0x8e/0x2f0
[  774.378527]  fc_mount+0x13/0xc0
[  774.378887]  mq_init_ns+0x43e/0x630
[  774.379283]  copy_ipcs+0x35e/0x5d0
[  774.379683]  ? copy_utsname+0xa9/0x4a0
[  774.380109]  create_new_namespaces+0x210/0xb30
[  774.380633]  copy_namespaces+0x391/0x450
[  774.381077]  copy_process+0x2ba5/0x6d10
[  774.381539]  ? __cleanup_sighand+0xb0/0xb0
[  774.382013]  ? lock_is_held_type+0xd7/0x130
[  774.382486]  ? find_held_lock+0x2c/0x110
[  774.382941]  ? kernel_clone+0xc4/0xa60
[  774.383364]  kernel_clone+0xe7/0xa60
[  774.383795]  ? create_io_thread+0xf0/0xf0
[  774.384257]  ? find_held_lock+0x2c/0x110
[  774.384708]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  774.385232]  ? bit_wait_io_timeout+0x160/0x160
[  774.385758]  __do_sys_clone+0xc8/0x110
[  774.386188]  ? __do_sys_vfork+0xd0/0xd0
[  774.386629]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.387233]  ? vfs_write+0x428/0xad0
[  774.387655]  ? syscall_enter_from_user_mode+0x1d/0x50
[  774.388218]  do_syscall_64+0x3b/0x90
[  774.388632]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  774.389199] RIP: 0033:0x7f71bf82bb19
[  774.389621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  774.391609] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  774.392434] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  774.393206] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  774.393988] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  774.394764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  774.395540] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  774.396322]  </TASK>
12:46:36 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 8)

12:46:36 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)

12:46:36 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  774.432515] FAULT_INJECTION: forcing a failure.
[  774.432515] name failslab, interval 1, probability 0, space 0, times 0
[  774.434844] CPU: 0 PID: 6129 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  774.436496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  774.438796] Call Trace:
[  774.439315]  <TASK>
[  774.439766]  dump_stack_lvl+0x8b/0xb3
[  774.440561]  should_fail.cold+0x5/0xa
[  774.441341]  ? create_object.isra.0+0x3a/0xa20
[  774.442293]  should_failslab+0x5/0x10
[  774.443065]  kmem_cache_alloc+0x5b/0x480
[  774.443898]  create_object.isra.0+0x3a/0xa20
[  774.444787]  ? kasan_unpoison+0x23/0x50
[  774.445623]  __kmalloc+0x25b/0x440
[  774.446352]  memcg_list_lru_alloc+0x514/0xb10
[  774.447268]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  774.448248]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  774.449192]  kmem_cache_alloc_lru+0x10e/0x7c0
[  774.450094]  ? mqueue_alloc_inode+0x23/0x40
[  774.450971]  mqueue_alloc_inode+0x23/0x40
[  774.451804]  ? mqueue_free_inode+0x20/0x20
[  774.452652]  alloc_inode+0x63/0x240
[  774.453402]  new_inode+0x23/0x240
[  774.454124]  mqueue_get_inode+0x31/0xe20
[  774.454941]  ? sget_fc+0x156/0x7a0
[  774.455668]  ? mqueue_get_tree+0x130/0x130
[  774.456522]  mqueue_fill_super+0x10f/0x200
[  774.457373]  get_tree_nodev+0xce/0x1d0
[  774.458178]  mqueue_get_tree+0xee/0x130
[  774.458987]  vfs_get_tree+0x8e/0x2f0
[  774.459747]  fc_mount+0x13/0xc0
[  774.460424]  mq_init_ns+0x43e/0x630
[  774.461164]  copy_ipcs+0x35e/0x5d0
[  774.461891]  ? copy_utsname+0xa9/0x4a0
[  774.462682]  create_new_namespaces+0x210/0xb30
[  774.463620]  copy_namespaces+0x391/0x450
[  774.464446]  copy_process+0x2ba5/0x6d10
[  774.465285]  ? __cleanup_sighand+0xb0/0xb0
[  774.466160]  ? lock_is_held_type+0xd7/0x130
[  774.467025]  ? find_held_lock+0x2c/0x110
[  774.467846]  ? kernel_clone+0xc4/0xa60
[  774.468640]  kernel_clone+0xe7/0xa60
[  774.469390]  ? create_io_thread+0xf0/0xf0
[  774.470248]  ? find_held_lock+0x2c/0x110
[  774.471071]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  774.472070]  ? bit_wait_io_timeout+0x160/0x160
[  774.472999]  __do_sys_clone+0xc8/0x110
[  774.473799]  ? __do_sys_vfork+0xd0/0xd0
[  774.474606]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.475713]  ? vfs_write+0x428/0xad0
[  774.476486]  ? syscall_enter_from_user_mode+0x1d/0x50
[  774.477528]  do_syscall_64+0x3b/0x90
[  774.478290]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  774.479317] RIP: 0033:0x7fa70862cb19
[  774.480059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  774.483674] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  774.485199] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  774.486646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  774.488068] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  774.489603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  774.491203] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  774.492690]  </TASK>
12:46:36 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022", 0x9d, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:46:36 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 10)

12:46:36 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)

12:46:36 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  774.538523] FAULT_INJECTION: forcing a failure.
[  774.538523] name failslab, interval 1, probability 0, space 0, times 0
[  774.540939] CPU: 0 PID: 6135 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  774.542632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  774.544841] Call Trace:
[  774.545354]  <TASK>
[  774.545810]  dump_stack_lvl+0x8b/0xb3
[  774.546597]  should_fail.cold+0x5/0xa
[  774.547375]  ? io_setup_async_rw+0x196/0x5d0
[  774.548276]  should_failslab+0x5/0x10
[  774.549046]  __kmalloc+0x72/0x440
[  774.549773]  io_setup_async_rw+0x196/0x5d0
[  774.550607]  ? iov_iter_restore+0x172/0x3a0
[  774.551489]  io_write+0x9f3/0xce0
[  774.552179]  ? __lock_acquire+0xbac/0x6120
[  774.553154]  ? io_read+0x12a0/0x12a0
[  774.553966]  ? __lock_acquire+0xbac/0x6120
[  774.554832]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  774.555888]  ? lock_is_held_type+0xd7/0x130
[  774.556773]  io_issue_sqe+0x116b/0x7900
[  774.557582]  ? lock_is_held_type+0xd7/0x130
[  774.558446]  ? find_held_lock+0x2c/0x110
[  774.559247]  ? io_openat2+0xbc0/0xbc0
[  774.560027]  ? __sanitizer_cov_trace_switch+0x63/0xf0
[  774.561047]  ? lock_is_held_type+0xd7/0x130
[  774.561945]  io_submit_sqes+0xd1d/0x9690
[  774.562777]  ? find_held_lock+0x2c/0x110
[  774.563600]  ? io_apoll_task_func+0x230/0x230
[  774.564515]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  774.565532]  __do_sys_io_uring_enter+0xa17/0x1520
[  774.566495]  ? bit_wait_io_timeout+0x160/0x160
[  774.567423]  ? lock_is_held_type+0xd7/0x130
[  774.568273]  ? io_submit_sqes+0x9690/0x9690
[  774.569158]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  774.570258]  ? vfs_write+0x428/0xad0
[  774.571017]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  774.572099]  ? fput+0x2a/0x50
[  774.572748]  ? syscall_enter_from_user_mode+0x1d/0x50
[  774.573812]  do_syscall_64+0x3b/0x90
[  774.574556]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  774.575597] RIP: 0033:0x7f9f5db0bb19
[  774.576320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  774.580020] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  774.581569] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  774.583018] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  774.584461] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  774.585919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  774.587366] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  774.588836]  </TASK>
12:46:36 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  774.730150] loop5: detected capacity change from 0 to 240
[  774.734372] isofs_fill_super: get root inode failed
12:46:52 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:46:52 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

12:46:52 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000002200", 0x9e, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:46:52 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 11)

12:46:52 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:46:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)

12:46:52 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)

12:46:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  790.255489] FAULT_INJECTION: forcing a failure.
[  790.255489] name failslab, interval 1, probability 0, space 0, times 0
[  790.256868] CPU: 0 PID: 6160 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  790.257790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  790.258994] Call Trace:
[  790.259284]  <TASK>
[  790.259535]  dump_stack_lvl+0x8b/0xb3
[  790.259972]  should_fail.cold+0x5/0xa
[  790.260402]  ? create_object.isra.0+0x3a/0xa20
[  790.260915]  should_failslab+0x5/0x10
[  790.261341]  kmem_cache_alloc+0x5b/0x480
[  790.261783]  create_object.isra.0+0x3a/0xa20
[  790.262283]  ? kasan_unpoison+0x23/0x50
[  790.262739]  __kmalloc+0x25b/0x440
[  790.263144]  memcg_list_lru_alloc+0x23f/0xb10
[  790.263638]  ? lock_is_held_type+0xd7/0x130
[  790.264126]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  790.264674]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  790.265202]  kmem_cache_alloc_lru+0x10e/0x7c0
[  790.265677]  ? mqueue_alloc_inode+0x23/0x40
[  790.266180]  mqueue_alloc_inode+0x23/0x40
[  790.266634]  ? mqueue_free_inode+0x20/0x20
[  790.267091]  alloc_inode+0x63/0x240
[  790.267494]  new_inode+0x23/0x240
[  790.267874]  mqueue_get_inode+0x31/0xe20
[  790.268314]  ? sget_fc+0x156/0x7a0
[  790.268706]  ? mqueue_get_tree+0x130/0x130
[  790.269176]  mqueue_fill_super+0x10f/0x200
[  790.269625]  get_tree_nodev+0xce/0x1d0
[  790.270073]  mqueue_get_tree+0xee/0x130
[  790.270507]  vfs_get_tree+0x8e/0x2f0
[  790.270923]  fc_mount+0x13/0xc0
[  790.271282]  mq_init_ns+0x43e/0x630
[  790.271682]  copy_ipcs+0x35e/0x5d0
[  790.272065]  ? copy_utsname+0xa9/0x4a0
[  790.272493]  create_new_namespaces+0x210/0xb30
[  790.273006]  copy_namespaces+0x391/0x450
[  790.273458]  copy_process+0x2ba5/0x6d10
[  790.273929]  ? __cleanup_sighand+0xb0/0xb0
[  790.274400]  ? lock_is_held_type+0xd7/0x130
[  790.274873]  ? find_held_lock+0x2c/0x110
[  790.275333]  ? kernel_clone+0xc4/0xa60
[  790.275776]  kernel_clone+0xe7/0xa60
[  790.276195]  ? create_io_thread+0xf0/0xf0
[  790.276649]  ? find_held_lock+0x2c/0x110
[  790.277097]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  790.277649]  ? bit_wait_io_timeout+0x160/0x160
[  790.278140]  __do_sys_clone+0xc8/0x110
[  790.278571]  ? __do_sys_vfork+0xd0/0xd0
[  790.279010]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  790.279612]  ? vfs_write+0x428/0xad0
[  790.280035]  ? syscall_enter_from_user_mode+0x1d/0x50
[  790.280618]  do_syscall_64+0x3b/0x90
[  790.281028]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  790.281603] RIP: 0033:0x7f71bf82bb19
[  790.282024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  790.284047] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  790.284880] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  790.285645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  790.286438] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  790.287208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  790.287994] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  790.288769]  </TASK>
[  790.290922] loop5: detected capacity change from 0 to 240
[  790.293146] FAULT_INJECTION: forcing a failure.
[  790.293146] name failslab, interval 1, probability 0, space 0, times 0
[  790.294436] CPU: 0 PID: 6166 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  790.295341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  790.295542] FAULT_INJECTION: forcing a failure.
[  790.295542] name failslab, interval 1, probability 0, space 0, times 0
[  790.296577] Call Trace:
[  790.296584]  <TASK>
[  790.296589]  dump_stack_lvl+0x8b/0xb3
[  790.296610]  should_fail.cold+0x5/0xa
[  790.296627]  ? create_object.isra.0+0x3a/0xa20
[  790.300864]  should_failslab+0x5/0x10
[  790.301275]  kmem_cache_alloc+0x5b/0x480
[  790.301721]  create_object.isra.0+0x3a/0xa20
[  790.302210]  ? kasan_unpoison+0x23/0x50
[  790.302646]  __kmalloc+0x25b/0x440
[  790.303037]  io_setup_async_rw+0x196/0x5d0
[  790.303495]  ? iov_iter_restore+0x172/0x3a0
[  790.303967]  io_write+0x9f3/0xce0
[  790.304343]  ? __lock_acquire+0xbac/0x6120
[  790.304800]  ? io_read+0x12a0/0x12a0
[  790.305214]  ? __lock_acquire+0xbac/0x6120
[  790.305671]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  790.306254]  ? lock_is_held_type+0xd7/0x130
[  790.306726]  io_issue_sqe+0x116b/0x7900
[  790.307168]  ? lock_is_held_type+0xd7/0x130
[  790.307635]  ? find_held_lock+0x2c/0x110
[  790.308071]  ? io_openat2+0xbc0/0xbc0
[  790.308487]  ? __sanitizer_cov_trace_switch+0x63/0xf0
[  790.309047]  ? lock_is_held_type+0xd7/0x130
[  790.309517]  io_submit_sqes+0xd1d/0x9690
[  790.309994]  ? find_held_lock+0x2c/0x110
[  790.310429]  ? io_apoll_task_func+0x230/0x230
[  790.310943]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  790.311484]  __do_sys_io_uring_enter+0xa17/0x1520
[  790.312027]  ? bit_wait_io_timeout+0x160/0x160
[  790.312525]  ? lock_is_held_type+0xd7/0x130
[  790.312999]  ? io_submit_sqes+0x9690/0x9690
[  790.313475]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  790.314078]  ? vfs_write+0x428/0xad0
[  790.314485]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  790.315080]  ? fput+0x2a/0x50
[  790.315432]  ? syscall_enter_from_user_mode+0x1d/0x50
[  790.315986]  do_syscall_64+0x3b/0x90
[  790.316396]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  790.316962] RIP: 0033:0x7f9f5db0bb19
[  790.317345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  790.319337] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  790.320154] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  790.320926] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  790.321694] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  790.322469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  790.323236] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  790.324017]  </TASK>
[  790.324267] CPU: 1 PID: 6164 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  790.325911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  790.328170] Call Trace:
[  790.328683]  <TASK>
[  790.329133]  dump_stack_lvl+0x8b/0xb3
[  790.329919]  should_fail.cold+0x5/0xa
12:46:52 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  790.330699]  should_failslab+0x5/0x10
[  790.331662]  kmem_cache_alloc_lru+0x60/0x7c0
[  790.332543]  ? xas_alloc+0x35d/0x480
[  790.333287]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  790.334337]  ? create_new_namespaces+0x210/0xb30
[  790.335288]  xas_alloc+0x35d/0x480
[  790.336007]  xas_create+0x35b/0x1030
[  790.336762]  ? lock_acquire+0x1b2/0x4d0
[  790.337570]  xas_store+0x90/0x1c40
[  790.338297]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  790.339387]  ? xas_start+0x156/0x520
[  790.340152]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  790.341252]  ? xas_load+0x66/0x2c0
[  790.342004]  memcg_list_lru_alloc+0x3c7/0xb10
[  790.342909]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  790.343921]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  790.344854]  kmem_cache_alloc_lru+0x10e/0x7c0
[  790.345740]  ? mqueue_alloc_inode+0x23/0x40
[  790.346628]  mqueue_alloc_inode+0x23/0x40
[  790.347453]  ? mqueue_free_inode+0x20/0x20
[  790.348309]  alloc_inode+0x63/0x240
[  790.349039]  new_inode+0x23/0x240
[  790.349768]  mqueue_get_inode+0x31/0xe20
[  790.350574]  ? sget_fc+0x156/0x7a0
[  790.351306]  ? mqueue_get_tree+0x130/0x130
[  790.352143]  mqueue_fill_super+0x10f/0x200
[  790.353002]  get_tree_nodev+0xce/0x1d0
[  790.353794]  mqueue_get_tree+0xee/0x130
[  790.354583]  vfs_get_tree+0x8e/0x2f0
[  790.355326]  fc_mount+0x13/0xc0
[  790.355987]  mq_init_ns+0x43e/0x630
[  790.356725]  copy_ipcs+0x35e/0x5d0
[  790.357438]  ? copy_utsname+0xa9/0x4a0
[  790.358232]  create_new_namespaces+0x210/0xb30
[  790.359174]  copy_namespaces+0x391/0x450
[  790.359991]  copy_process+0x2ba5/0x6d10
[  790.360832]  ? __cleanup_sighand+0xb0/0xb0
[  790.361683]  ? lock_is_held_type+0xd7/0x130
[  790.362566]  ? find_held_lock+0x2c/0x110
[  790.363378]  ? kernel_clone+0xc4/0xa60
[  790.364181]  kernel_clone+0xe7/0xa60
[  790.364929]  ? create_io_thread+0xf0/0xf0
[  790.365769]  ? find_held_lock+0x2c/0x110
[  790.366600]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  790.367578]  ? bit_wait_io_timeout+0x160/0x160
[  790.368516]  __do_sys_clone+0xc8/0x110
[  790.369297]  ? __do_sys_vfork+0xd0/0xd0
[  790.370136]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  790.371219]  ? vfs_write+0x428/0xad0
[  790.371982]  ? syscall_enter_from_user_mode+0x1d/0x50
[  790.373026]  do_syscall_64+0x3b/0x90
[  790.373778]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  790.374827] RIP: 0033:0x7fa70862cb19
12:46:52 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 12)

[  790.375575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  790.379335] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  790.380846] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  790.382276] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  790.383687] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  790.385101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  790.386529] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  790.387974]  </TASK>
12:46:52 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140), &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:46:52 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)

[  790.414973] isofs_fill_super: get root inode failed
[  790.431205] FAULT_INJECTION: forcing a failure.
[  790.431205] name failslab, interval 1, probability 0, space 0, times 0
[  790.432464] CPU: 0 PID: 6176 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  790.433318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  790.434515] Call Trace:
[  790.434781]  <TASK>
[  790.435032]  dump_stack_lvl+0x8b/0xb3
[  790.435450]  should_fail.cold+0x5/0xa
[  790.435857]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  790.436439]  ? io_arm_poll_handler+0x49c/0x850
[  790.436936]  should_failslab+0x5/0x10
[  790.437340]  kmem_cache_alloc_trace+0x55/0x3c0
[  790.437835]  io_arm_poll_handler+0x49c/0x850
[  790.438318]  ? io_cqring_wait+0x16b0/0x16b0
[  790.438774]  ? __sanitizer_cov_trace_switch+0x63/0xf0
[  790.439326]  io_queue_sqe_arm_apoll+0x6d/0x430
[  790.439810]  io_submit_sqes+0x80cc/0x9690
[  790.440281]  ? find_held_lock+0x2c/0x110
[  790.440741]  ? io_apoll_task_func+0x230/0x230
[  790.441253]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  790.441822]  __do_sys_io_uring_enter+0xa17/0x1520
[  790.442353]  ? bit_wait_io_timeout+0x160/0x160
[  790.442875]  ? lock_is_held_type+0xd7/0x130
[  790.443356]  ? io_submit_sqes+0x9690/0x9690
[  790.443849]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  790.444449]  ? vfs_write+0x428/0xad0
[  790.444863]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  790.445478]  ? fput+0x2a/0x50
[  790.445841]  ? syscall_enter_from_user_mode+0x1d/0x50
[  790.446410]  do_syscall_64+0x3b/0x90
[  790.446828]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  790.447403] RIP: 0033:0x7f9f5db0bb19
[  790.447812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  790.449866] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  790.450658] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  790.451447] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  790.452206] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  790.452959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  790.453705] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  790.454476]  </TASK>
12:46:52 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000002200", 0x9e, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:46:52 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2, 0x0, 0x0, 0x0)

[  790.499975] FAULT_INJECTION: forcing a failure.
[  790.499975] name failslab, interval 1, probability 0, space 0, times 0
[  790.501181] CPU: 0 PID: 6180 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  790.502050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  790.503226] Call Trace:
[  790.503501]  <TASK>
[  790.503738]  dump_stack_lvl+0x8b/0xb3
[  790.504161]  should_fail.cold+0x5/0xa
[  790.504567]  ? memcg_list_lru_alloc+0x514/0xb10
[  790.505065]  should_failslab+0x5/0x10
[  790.505470]  __kmalloc+0x72/0x440
[  790.505856]  memcg_list_lru_alloc+0x514/0xb10
[  790.506343]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  790.506863]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  790.507367]  kmem_cache_alloc_lru+0x10e/0x7c0
[  790.507842]  ? mqueue_alloc_inode+0x23/0x40
[  790.508309]  mqueue_alloc_inode+0x23/0x40
[  790.508741]  ? mqueue_free_inode+0x20/0x20
[  790.509187]  alloc_inode+0x63/0x240
[  790.509576]  new_inode+0x23/0x240
[  790.509971]  mqueue_get_inode+0x31/0xe20
[  790.510398]  ? sget_fc+0x156/0x7a0
[  790.510784]  ? mqueue_get_tree+0x130/0x130
[  790.511220]  mqueue_fill_super+0x10f/0x200
[  790.511673]  get_tree_nodev+0xce/0x1d0
[  790.512087]  mqueue_get_tree+0xee/0x130
[  790.512505]  vfs_get_tree+0x8e/0x2f0
[  790.512900]  fc_mount+0x13/0xc0
[  790.513248]  mq_init_ns+0x43e/0x630
[  790.513665]  copy_ipcs+0x35e/0x5d0
[  790.514049]  ? copy_utsname+0xa9/0x4a0
[  790.514488]  create_new_namespaces+0x210/0xb30
[  790.514985]  copy_namespaces+0x391/0x450
[  790.515445]  copy_process+0x2ba5/0x6d10
[  790.515902]  ? __cleanup_sighand+0xb0/0xb0
[  790.516377]  ? lock_is_held_type+0xd7/0x130
[  790.516855]  ? find_held_lock+0x2c/0x110
[  790.517314]  ? kernel_clone+0xc4/0xa60
[  790.517764]  kernel_clone+0xe7/0xa60
[  790.518159]  ? create_io_thread+0xf0/0xf0
[  790.518622]  ? find_held_lock+0x2c/0x110
[  790.519050]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  790.519613]  ? bit_wait_io_timeout+0x160/0x160
[  790.520123]  __do_sys_clone+0xc8/0x110
[  790.520556]  ? __do_sys_vfork+0xd0/0xd0
[  790.521000]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  790.521605]  ? vfs_write+0x428/0xad0
[  790.522017]  ? syscall_enter_from_user_mode+0x1d/0x50
[  790.522595]  do_syscall_64+0x3b/0x90
[  790.522991]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  790.523566] RIP: 0033:0x7f71bf82bb19
[  790.523950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  790.526017] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  790.526849] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  790.527635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  790.528446] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  790.529234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  790.530035] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  790.530833]  </TASK>
12:46:52 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

12:46:52 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:05 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:47:05 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)

12:47:05 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

12:47:05 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x10, 0x0, 0x0, 0x0)

12:47:05 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:05 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)

12:47:05 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 13)

[  803.521659] FAULT_INJECTION: forcing a failure.
[  803.521659] name failslab, interval 1, probability 0, space 0, times 0
[  803.523217] loop5: detected capacity change from 0 to 240
12:47:05 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a000000002200", 0x9e, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  803.523932] CPU: 0 PID: 6205 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  803.526206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  803.528432] Call Trace:
[  803.528948]  <TASK>
[  803.529390]  dump_stack_lvl+0x8b/0xb3
[  803.530196]  should_fail.cold+0x5/0xa
[  803.530962]  ? create_object.isra.0+0x3a/0xa20
[  803.531899]  should_failslab+0x5/0x10
[  803.532658]  kmem_cache_alloc+0x5b/0x480
[  803.533489]  create_object.isra.0+0x3a/0xa20
[  803.534391]  ? kasan_unpoison+0x23/0x50
[  803.535195]  __kmalloc+0x25b/0x440
[  803.535910]  memcg_list_lru_alloc+0x514/0xb10
[  803.536817]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  803.537812]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  803.538749]  kmem_cache_alloc_lru+0x10e/0x7c0
[  803.539666]  ? mqueue_alloc_inode+0x23/0x40
[  803.540531]  mqueue_alloc_inode+0x23/0x40
[  803.541348]  ? mqueue_free_inode+0x20/0x20
[  803.542191]  alloc_inode+0x63/0x240
[  803.542926]  new_inode+0x23/0x240
[  803.543629]  mqueue_get_inode+0x31/0xe20
[  803.544434]  ? sget_fc+0x156/0x7a0
[  803.545151]  ? mqueue_get_tree+0x130/0x130
[  803.546000]  mqueue_fill_super+0x10f/0x200
[  803.546738] FAULT_INJECTION: forcing a failure.
[  803.546738] name failslab, interval 1, probability 0, space 0, times 0
[  803.546838]  get_tree_nodev+0xce/0x1d0
[  803.548717]  mqueue_get_tree+0xee/0x130
[  803.549507]  vfs_get_tree+0x8e/0x2f0
[  803.550267]  fc_mount+0x13/0xc0
[  803.550929]  mq_init_ns+0x43e/0x630
[  803.551659]  copy_ipcs+0x35e/0x5d0
[  803.552365]  ? copy_utsname+0xa9/0x4a0
[  803.553155]  create_new_namespaces+0x210/0xb30
[  803.554097]  copy_namespaces+0x391/0x450
[  803.554911]  copy_process+0x2ba5/0x6d10
[  803.555738]  ? __cleanup_sighand+0xb0/0xb0
[  803.556594]  ? lock_is_held_type+0xd7/0x130
[  803.557459]  ? find_held_lock+0x2c/0x110
[  803.558287]  ? kernel_clone+0xc4/0xa60
[  803.559074]  kernel_clone+0xe7/0xa60
[  803.559826]  ? create_io_thread+0xf0/0xf0
[  803.560661]  ? find_held_lock+0x2c/0x110
[  803.561474]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  803.562620]  ? bit_wait_io_timeout+0x160/0x160
[  803.563707]  __do_sys_clone+0xc8/0x110
[  803.564709]  ? __do_sys_vfork+0xd0/0xd0
[  803.565683]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  803.566956]  ? vfs_write+0x428/0xad0
[  803.567836]  ? syscall_enter_from_user_mode+0x1d/0x50
[  803.569004]  do_syscall_64+0x3b/0x90
[  803.569857]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  803.571031] RIP: 0033:0x7f71bf82bb19
[  803.571851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  803.575998] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  803.577678] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  803.579282] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  803.580851] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  803.582452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.584021] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  803.585646]  </TASK>
[  803.586192] CPU: 1 PID: 6211 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  803.587043] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  803.588221] Call Trace:
[  803.588477]  <TASK>
[  803.588721]  dump_stack_lvl+0x8b/0xb3
[  803.589112]  should_fail.cold+0x5/0xa
[  803.589525]  ? create_object.isra.0+0x3a/0xa20
[  803.590011]  should_failslab+0x5/0x10
[  803.590386]  kmem_cache_alloc+0x5b/0x480
[  803.590845]  create_object.isra.0+0x3a/0xa20
[  803.591280]  ? kasan_unpoison+0x23/0x50
[  803.591730]  kmem_cache_alloc_trace+0x22e/0x3c0
[  803.592226]  io_arm_poll_handler+0x49c/0x850
[  803.592718]  ? io_cqring_wait+0x16b0/0x16b0
[  803.593174]  ? __sanitizer_cov_trace_switch+0x63/0xf0
[  803.593749]  io_queue_sqe_arm_apoll+0x6d/0x430
[  803.594235]  io_submit_sqes+0x80cc/0x9690
[  803.594702]  ? find_held_lock+0x2c/0x110
[  803.595137]  ? io_apoll_task_func+0x230/0x230
[  803.595647]  ? __do_sys_io_uring_enter+0xa17/0x1520
[  803.596170]  __do_sys_io_uring_enter+0xa17/0x1520
[  803.596702]  ? bit_wait_io_timeout+0x160/0x160
[  803.597189]  ? lock_is_held_type+0xd7/0x130
[  803.597662]  ? io_submit_sqes+0x9690/0x9690
[  803.598136]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  803.598708]  ? vfs_write+0x428/0xad0
[  803.599119]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[  803.599699]  ? fput+0x2a/0x50
[  803.600054]  ? syscall_enter_from_user_mode+0x1d/0x50
[  803.600591]  do_syscall_64+0x3b/0x90
[  803.601002]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  803.601546] RIP: 0033:0x7f9f5db0bb19
[  803.601956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  803.603805] RSP: 002b:00007f9f5b081188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  803.604626] RAX: ffffffffffffffda RBX: 00007f9f5dc1ef60 RCX: 00007f9f5db0bb19
[  803.605393] RDX: 0000000000000000 RSI: 0000000000004059 RDI: 0000000000000003
[  803.606169] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  803.606938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.607714] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  803.608495]  </TASK>
[  803.614317] isofs_fill_super: get root inode failed
12:47:05 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380))
r2 = epoll_create(0x1)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  803.637442] FAULT_INJECTION: forcing a failure.
[  803.637442] name failslab, interval 1, probability 0, space 0, times 0
[  803.640017] CPU: 0 PID: 6214 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  803.641847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  803.644401] Call Trace:
[  803.644973]  <TASK>
[  803.645467]  dump_stack_lvl+0x8b/0xb3
[  803.646365]  should_fail.cold+0x5/0xa
[  803.647217]  ? create_object.isra.0+0x3a/0xa20
[  803.648258]  should_failslab+0x5/0x10
12:47:05 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)

[  803.649100]  kmem_cache_alloc+0x5b/0x480
[  803.650098]  create_object.isra.0+0x3a/0xa20
[  803.651076]  ? kasan_unpoison+0x23/0x50
[  803.651972]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  803.652970]  ? xas_alloc+0x35d/0x480
[  803.653801]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  803.655003]  xas_alloc+0x35d/0x480
[  803.655800]  xas_create+0x35b/0x1030
[  803.656640]  ? lock_acquire+0x1b2/0x4d0
[  803.657543]  xas_store+0x90/0x1c40
[  803.658363]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  803.659596]  ? xas_start+0x156/0x520
[  803.660435]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  803.661663]  ? xas_load+0x66/0x2c0
[  803.662470]  memcg_list_lru_alloc+0x3c7/0xb10
[  803.663480]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  803.664614]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  803.665844]  kmem_cache_alloc_lru+0x10e/0x7c0
[  803.667049]  ? mqueue_alloc_inode+0x23/0x40
[  803.668169]  mqueue_alloc_inode+0x23/0x40
[  803.669099]  ? mqueue_free_inode+0x20/0x20
[  803.670050]  alloc_inode+0x63/0x240
[  803.670889]  new_inode+0x23/0x240
[  803.671693]  mqueue_get_inode+0x31/0xe20
[  803.672616]  ? sget_fc+0x156/0x7a0
[  803.673548]  ? mqueue_get_tree+0x130/0x130
[  803.674666]  mqueue_fill_super+0x10f/0x200
[  803.675790]  get_tree_nodev+0xce/0x1d0
[  803.675982] FAULT_INJECTION: forcing a failure.
[  803.675982] name failslab, interval 1, probability 0, space 0, times 0
[  803.676775]  mqueue_get_tree+0xee/0x130
[  803.678901]  vfs_get_tree+0x8e/0x2f0
[  803.679883]  fc_mount+0x13/0xc0
[  803.680629]  mq_init_ns+0x43e/0x630
[  803.681453]  copy_ipcs+0x35e/0x5d0
[  803.682256]  ? copy_utsname+0xa9/0x4a0
[  803.683140]  create_new_namespaces+0x210/0xb30
[  803.684187]  copy_namespaces+0x391/0x450
[  803.685112]  copy_process+0x2ba5/0x6d10
[  803.686053]  ? __cleanup_sighand+0xb0/0xb0
[  803.687013]  ? lock_is_held_type+0xd7/0x130
[  803.687988]  ? find_held_lock+0x2c/0x110
[  803.688903]  ? kernel_clone+0xc4/0xa60
[  803.689785]  kernel_clone+0xe7/0xa60
[  803.690661]  ? create_io_thread+0xf0/0xf0
[  803.691600]  ? find_held_lock+0x2c/0x110
[  803.692541]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  803.693650]  ? bit_wait_io_timeout+0x160/0x160
[  803.694694]  __do_sys_clone+0xc8/0x110
[  803.695580]  ? __do_sys_vfork+0xd0/0xd0
[  803.696515]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  803.697775]  ? vfs_write+0x428/0xad0
[  803.698675]  ? syscall_enter_from_user_mode+0x1d/0x50
[  803.699877]  do_syscall_64+0x3b/0x90
[  803.700752]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  803.701972] RIP: 0033:0x7fa70862cb19
[  803.702833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  803.707010] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  803.708679] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  803.710254] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  803.711821] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  803.713378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.714949] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  803.716542]  </TASK>
[  803.717053] CPU: 1 PID: 6218 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  803.717941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  803.719107] Call Trace:
[  803.719372]  <TASK>
[  803.719604]  dump_stack_lvl+0x8b/0xb3
[  803.720057]  should_fail.cold+0x5/0xa
[  803.720462]  should_failslab+0x5/0x10
[  803.720855]  kmem_cache_alloc_lru+0x60/0x7c0
[  803.721314]  ? xas_alloc+0x35d/0x480
[  803.721699]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  803.722266]  ? create_new_namespaces+0x210/0xb30
[  803.722761]  xas_alloc+0x35d/0x480
[  803.723128]  xas_create+0x35b/0x1030
[  803.723514]  ? lock_acquire+0x1b2/0x4d0
[  803.723930]  xas_store+0x90/0x1c40
[  803.724301]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  803.724861]  ? xas_start+0x156/0x520
[  803.725249]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  803.725807]  ? xas_load+0x66/0x2c0
[  803.726195]  memcg_list_lru_alloc+0x3c7/0xb10
[  803.726667]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  803.727180]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  803.727664]  kmem_cache_alloc_lru+0x10e/0x7c0
[  803.728123]  ? mqueue_alloc_inode+0x23/0x40
[  803.728574]  mqueue_alloc_inode+0x23/0x40
[  803.729002]  ? mqueue_free_inode+0x20/0x20
[  803.729440]  alloc_inode+0x63/0x240
[  803.729825]  new_inode+0x23/0x240
[  803.730201]  mqueue_get_inode+0x31/0xe20
[  803.730619]  ? sget_fc+0x156/0x7a0
[  803.730993]  ? mqueue_get_tree+0x130/0x130
[  803.731426]  mqueue_fill_super+0x10f/0x200
[  803.731859]  get_tree_nodev+0xce/0x1d0
[  803.732272]  mqueue_get_tree+0xee/0x130
[  803.732680]  vfs_get_tree+0x8e/0x2f0
[  803.733066]  fc_mount+0x13/0xc0
[  803.733412]  mq_init_ns+0x43e/0x630
[  803.733790]  copy_ipcs+0x35e/0x5d0
[  803.734185]  ? copy_utsname+0xa9/0x4a0
[  803.734591]  create_new_namespaces+0x210/0xb30
[  803.735067]  copy_namespaces+0x391/0x450
[  803.735490]  copy_process+0x2ba5/0x6d10
[  803.735915]  ? __cleanup_sighand+0xb0/0xb0
[  803.736356]  ? lock_is_held_type+0xd7/0x130
[  803.736798]  ? find_held_lock+0x2c/0x110
[  803.737215]  ? kernel_clone+0xc4/0xa60
[  803.737628]  kernel_clone+0xe7/0xa60
[  803.738034]  ? create_io_thread+0xf0/0xf0
[  803.738460]  ? find_held_lock+0x2c/0x110
[  803.738879]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  803.739386]  ? bit_wait_io_timeout+0x160/0x160
[  803.739861]  __do_sys_clone+0xc8/0x110
[  803.740261]  ? __do_sys_vfork+0xd0/0xd0
[  803.740674]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  803.741234]  ? vfs_write+0x428/0xad0
[  803.741630]  ? syscall_enter_from_user_mode+0x1d/0x50
[  803.742195]  do_syscall_64+0x3b/0x90
[  803.742583]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  803.743113] RIP: 0033:0x7f71bf82bb19
[  803.743491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  803.745349] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  803.746120] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  803.746840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  803.747560] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  803.748425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.749265] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  803.750014]  </TASK>
12:47:06 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:47:06 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x60, 0x0, 0x0, 0x0)

12:47:06 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0) (fail_nth: 14)

[  803.829539] FAULT_INJECTION: forcing a failure.
[  803.829539] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  803.831409] CPU: 1 PID: 6226 Comm: syz-executor.3 Not tainted 5.17.0-rc8-next-20220318 #1
[  803.832407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  803.833050] loop5: detected capacity change from 0 to 240
[  803.833754] Call Trace:
[  803.833773]  <TASK>
[  803.833779]  dump_stack_lvl+0x8b/0xb3
[  803.836086]  should_fail.cold+0x5/0xa
[  803.836563]  _copy_to_user+0x2a/0x140
[  803.837032]  simple_read_from_buffer+0xcc/0x160
[  803.837602]  proc_fail_nth_read+0x194/0x220
[  803.838148]  ? proc_exe_link+0x1d0/0x1d0
[  803.838645]  ? security_file_permission+0xb1/0xd0
[  803.839277]  ? proc_exe_link+0x1d0/0x1d0
[  803.839813]  vfs_read+0x1f0/0x5e0
[  803.840240]  ksys_read+0x12d/0x250
[  803.840699]  ? __ia32_sys_pwrite64+0x230/0x230
[  803.841319]  ? syscall_enter_from_user_mode+0x1d/0x50
[  803.841978]  do_syscall_64+0x3b/0x90
[  803.842497]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  803.843134] RIP: 0033:0x7f9f5dabe69c
[  803.843622] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[  803.845933] RSP: 002b:00007f9f5b081170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  803.846906] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f9f5dabe69c
[  803.847759] RDX: 000000000000000f RSI: 00007f9f5b0811e0 RDI: 0000000000000005
[  803.848637] RBP: 00007f9f5b0811d0 R08: 0000000000000000 R09: 0000000000000000
[  803.849510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  803.850382] R13: 00007ffd1170c0ff R14: 00007f9f5b081300 R15: 0000000000022000
[  803.851271]  </TASK>
12:47:06 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  803.904936] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:47:06 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:06 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)

[  803.991754] FAULT_INJECTION: forcing a failure.
[  803.991754] name failslab, interval 1, probability 0, space 0, times 0
[  803.992896] CPU: 1 PID: 6235 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  803.993783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  803.994943] Call Trace:
[  803.995232]  <TASK>
[  803.995477]  dump_stack_lvl+0x8b/0xb3
[  803.995913]  should_fail.cold+0x5/0xa
[  803.996336]  should_failslab+0x5/0x10
[  803.996750]  kmem_cache_alloc_lru+0x60/0x7c0
[  803.997224]  ? xas_alloc+0x35d/0x480
[  803.997632]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  803.998206]  ? create_new_namespaces+0x210/0xb30
[  803.998727]  xas_alloc+0x35d/0x480
[  803.999117]  xas_create+0x35b/0x1030
[  803.999496]  ? lock_acquire+0x1b2/0x4d0
[  803.999937]  xas_store+0x90/0x1c40
[  804.000300]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  804.000899]  ? xas_start+0x156/0x520
[  804.001273]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  804.001870]  ? xas_load+0x66/0x2c0
[  804.002247]  memcg_list_lru_alloc+0x3c7/0xb10
[  804.002743]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  804.003239]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  804.003772]  kmem_cache_alloc_lru+0x10e/0x7c0
[  804.004214]  ? mqueue_alloc_inode+0x23/0x40
[  804.004697]  mqueue_alloc_inode+0x23/0x40
[  804.005104]  ? mqueue_free_inode+0x20/0x20
[  804.005566]  alloc_inode+0x63/0x240
[  804.005936]  new_inode+0x23/0x240
[  804.006330]  mqueue_get_inode+0x31/0xe20
[  804.006732]  ? sget_fc+0x156/0x7a0
[  804.007128]  ? mqueue_get_tree+0x130/0x130
[  804.007578]  mqueue_fill_super+0x10f/0x200
[  804.008018]  get_tree_nodev+0xce/0x1d0
[  804.008449]  mqueue_get_tree+0xee/0x130
[  804.008857]  vfs_get_tree+0x8e/0x2f0
[  804.009268]  fc_mount+0x13/0xc0
[  804.009615]  mq_init_ns+0x43e/0x630
[  804.010032]  copy_ipcs+0x35e/0x5d0
[  804.010413]  ? copy_utsname+0xa9/0x4a0
[  804.010847]  create_new_namespaces+0x210/0xb30
[  804.011325]  copy_namespaces+0x391/0x450
[  804.011747]  copy_process+0x2ba5/0x6d10
[  804.012186]  ? __cleanup_sighand+0xb0/0xb0
[  804.012639]  ? lock_is_held_type+0xd7/0x130
[  804.013086]  ? find_held_lock+0x2c/0x110
[  804.013509]  ? kernel_clone+0xc4/0xa60
[  804.013923]  kernel_clone+0xe7/0xa60
[  804.014336]  ? create_io_thread+0xf0/0xf0
[  804.014768]  ? find_held_lock+0x2c/0x110
[  804.015221]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  804.015738]  ? bit_wait_io_timeout+0x160/0x160
[  804.016236]  __do_sys_clone+0xc8/0x110
[  804.016643]  ? __do_sys_vfork+0xd0/0xd0
[  804.017092]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  804.017650]  ? vfs_write+0x428/0xad0
[  804.018064]  ? syscall_enter_from_user_mode+0x1d/0x50
[  804.018640]  do_syscall_64+0x3b/0x90
[  804.019029]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  804.019587] RIP: 0033:0x7f71bf82bb19
[  804.019968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  804.021930] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  804.022724] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  804.023450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  804.024176] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  804.024907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  804.025628] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  804.026377]  </TASK>
12:47:19 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf0, 0x0, 0x0, 0x0)

[  817.147781] loop5: detected capacity change from 0 to 240
12:47:19 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:47:19 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)

12:47:19 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:19 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)

12:47:19 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:47:19 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:19 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

[  817.162641] FAULT_INJECTION: forcing a failure.
[  817.162641] name failslab, interval 1, probability 0, space 0, times 0
[  817.163898] CPU: 0 PID: 6246 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  817.164783] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  817.166037] Call Trace:
[  817.166325]  <TASK>
[  817.166577]  dump_stack_lvl+0x8b/0xb3
[  817.167007]  should_fail.cold+0x5/0xa
[  817.167429]  ? create_object.isra.0+0x3a/0xa20
[  817.167949]  should_failslab+0x5/0x10
[  817.168370]  kmem_cache_alloc+0x5b/0x480
[  817.168820]  create_object.isra.0+0x3a/0xa20
[  817.169307]  ? kasan_unpoison+0x23/0x50
[  817.169759]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  817.170260]  ? mqueue_alloc_inode+0x23/0x40
[  817.170738]  mqueue_alloc_inode+0x23/0x40
[  817.171188]  ? mqueue_free_inode+0x20/0x20
[  817.171655]  alloc_inode+0x63/0x240
[  817.172063]  new_inode+0x23/0x240
[  817.172452]  mqueue_get_inode+0x31/0xe20
[  817.172897]  ? sget_fc+0x156/0x7a0
[  817.173295]  ? mqueue_get_tree+0x130/0x130
[  817.173763]  mqueue_fill_super+0x10f/0x200
[  817.174234]  get_tree_nodev+0xce/0x1d0
[  817.174669]  mqueue_get_tree+0xee/0x130
[  817.175108]  vfs_get_tree+0x8e/0x2f0
[  817.175532]  fc_mount+0x13/0xc0
[  817.175899]  mq_init_ns+0x43e/0x630
[  817.176309]  copy_ipcs+0x35e/0x5d0
[  817.176709]  ? copy_utsname+0xa9/0x4a0
[  817.177140]  create_new_namespaces+0x210/0xb30
[  817.177660]  copy_namespaces+0x391/0x450
[  817.178111]  copy_process+0x2ba5/0x6d10
[  817.178579]  ? __cleanup_sighand+0xb0/0xb0
[  817.179050]  ? lock_is_held_type+0xd7/0x130
[  817.179531]  ? find_held_lock+0x2c/0x110
[  817.179985]  ? kernel_clone+0xc4/0xa60
[  817.180420]  kernel_clone+0xe7/0xa60
[  817.180830]  ? create_io_thread+0xf0/0xf0
[  817.181293]  ? find_held_lock+0x2c/0x110
[  817.181743]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  817.182300]  ? bit_wait_io_timeout+0x160/0x160
[  817.182811]  __do_sys_clone+0xc8/0x110
[  817.183245]  ? __do_sys_vfork+0xd0/0xd0
[  817.183690]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  817.184305]  ? vfs_write+0x428/0xad0
[  817.184731]  ? syscall_enter_from_user_mode+0x1d/0x50
[  817.185310]  do_syscall_64+0x3b/0x90
[  817.185729]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  817.186312] RIP: 0033:0x7f71bf82bb19
[  817.186718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  817.188752] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  817.189603] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  817.190394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  817.191182] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  817.191965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  817.192746] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  817.193547]  </TASK>
[  817.211148] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
[  817.211418] FAULT_INJECTION: forcing a failure.
[  817.211418] name failslab, interval 1, probability 0, space 0, times 0
[  817.214300] CPU: 1 PID: 6260 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  817.215941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  817.218217] Call Trace:
[  817.218739]  <TASK>
[  817.219189]  dump_stack_lvl+0x8b/0xb3
[  817.219963]  should_fail.cold+0x5/0xa
[  817.220730]  ? create_object.isra.0+0x3a/0xa20
[  817.221652]  should_failslab+0x5/0x10
[  817.222423]  kmem_cache_alloc+0x5b/0x480
[  817.223228]  ? obj_cgroup_charge+0x247/0x740
[  817.224106]  create_object.isra.0+0x3a/0xa20
[  817.224999]  ? kasan_unpoison+0x23/0x50
[  817.225842]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  817.226853]  ? mqueue_alloc_inode+0x23/0x40
[  817.227824]  mqueue_alloc_inode+0x23/0x40
[  817.228732]  ? mqueue_free_inode+0x20/0x20
[  817.229671]  alloc_inode+0x63/0x240
[  817.230506]  new_inode+0x23/0x240
[  817.231299]  mqueue_get_inode+0x31/0xe20
[  817.232194]  ? sget_fc+0x156/0x7a0
[  817.232999]  ? mqueue_get_tree+0x130/0x130
[  817.233882]  mqueue_fill_super+0x10f/0x200
[  817.234739]  get_tree_nodev+0xce/0x1d0
[  817.235520]  mqueue_get_tree+0xee/0x130
[  817.236322]  vfs_get_tree+0x8e/0x2f0
[  817.237063]  fc_mount+0x13/0xc0
[  817.237734]  mq_init_ns+0x43e/0x630
[  817.238474]  copy_ipcs+0x35e/0x5d0
[  817.239196]  ? copy_utsname+0xa9/0x4a0
[  817.239974]  create_new_namespaces+0x210/0xb30
[  817.240918]  copy_namespaces+0x391/0x450
[  817.241731]  copy_process+0x2ba5/0x6d10
[  817.242584]  ? __cleanup_sighand+0xb0/0xb0
[  817.243432]  ? lock_is_held_type+0xd7/0x130
[  817.244300]  ? find_held_lock+0x2c/0x110
[  817.245105]  ? kernel_clone+0xc4/0xa60
[  817.245894]  kernel_clone+0xe7/0xa60
[  817.246652]  ? create_io_thread+0xf0/0xf0
[  817.247497]  ? find_held_lock+0x2c/0x110
[  817.248306]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  817.249301]  ? bit_wait_io_timeout+0x160/0x160
[  817.250234]  __do_sys_clone+0xc8/0x110
[  817.251027]  ? __do_sys_vfork+0xd0/0xd0
[  817.251823]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  817.252933]  ? vfs_write+0x428/0xad0
[  817.253691]  ? syscall_enter_from_user_mode+0x1d/0x50
[  817.254745]  do_syscall_64+0x3b/0x90
[  817.255490]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  817.256536] RIP: 0033:0x7fa70862cb19
[  817.257266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  817.260935] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  817.262447] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  817.263870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  817.265267] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  817.266690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  817.268081] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  817.269522]  </TASK>
[  817.294306] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
12:47:19 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, 0x0, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:19 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)

[  817.346434] FAULT_INJECTION: forcing a failure.
[  817.346434] name failslab, interval 1, probability 0, space 0, times 0
[  817.347699] CPU: 0 PID: 6270 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  817.348586] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  817.349789] Call Trace:
[  817.350068]  <TASK>
[  817.350319]  dump_stack_lvl+0x8b/0xb3
[  817.350735]  should_fail.cold+0x5/0xa
[  817.351141]  ? security_inode_alloc+0x34/0x160
[  817.351639]  should_failslab+0x5/0x10
[  817.352075]  kmem_cache_alloc+0x5b/0x480
[  817.352541]  security_inode_alloc+0x34/0x160
[  817.353039]  inode_init_always+0x52e/0xc50
[  817.353558]  alloc_inode+0x84/0x240
[  817.353981]  new_inode+0x23/0x240
[  817.354385]  mqueue_get_inode+0x31/0xe20
[  817.354858]  ? sget_fc+0x156/0x7a0
[  817.355273]  ? mqueue_get_tree+0x130/0x130
[  817.355769]  mqueue_fill_super+0x10f/0x200
[  817.356232]  get_tree_nodev+0xce/0x1d0
[  817.356686]  mqueue_get_tree+0xee/0x130
[  817.357128]  vfs_get_tree+0x8e/0x2f0
[  817.357567]  fc_mount+0x13/0xc0
[  817.357942]  mq_init_ns+0x43e/0x630
[  817.358361]  copy_ipcs+0x35e/0x5d0
[  817.358750]  ? copy_utsname+0xa9/0x4a0
[  817.359196]  create_new_namespaces+0x210/0xb30
[  817.359719]  copy_namespaces+0x391/0x450
[  817.360183]  copy_process+0x2ba5/0x6d10
[  817.360646]  ? __cleanup_sighand+0xb0/0xb0
[  817.361119]  ? lock_is_held_type+0xd7/0x130
[  817.361601]  ? find_held_lock+0x2c/0x110
[  817.362068]  ? kernel_clone+0xc4/0xa60
[  817.362525]  kernel_clone+0xe7/0xa60
[  817.362940]  ? create_io_thread+0xf0/0xf0
[  817.363401]  ? find_held_lock+0x2c/0x110
[  817.363862]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  817.364412]  ? bit_wait_io_timeout+0x160/0x160
[  817.364920]  __do_sys_clone+0xc8/0x110
[  817.365360]  ? __do_sys_vfork+0xd0/0xd0
[  817.365800]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  817.366428]  ? vfs_write+0x428/0xad0
[  817.366855]  ? syscall_enter_from_user_mode+0x1d/0x50
[  817.367427]  do_syscall_64+0x3b/0x90
[  817.367850]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  817.368434] RIP: 0033:0x7f71bf82bb19
[  817.368839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  817.370891] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  817.371734] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  817.372527] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  817.373307] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  817.374101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  817.374887] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  817.375707]  </TASK>
12:47:19 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:47:19 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2000, 0x0, 0x0, 0x0)

12:47:19 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:19 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2, 0x0, 0x0, 0x0)

[  817.422899] loop5: detected capacity change from 0 to 240
[  817.444607] isofs_fill_super: bread failed, dev=loop5, iso_blknum=60, block=120
12:47:19 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:47:19 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)

12:47:19 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x6000, 0x0, 0x0, 0x0)

[  817.572065] FAULT_INJECTION: forcing a failure.
[  817.572065] name failslab, interval 1, probability 0, space 0, times 0
[  817.573340] CPU: 0 PID: 6289 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  817.574228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  817.575447] Call Trace:
[  817.575729]  <TASK>
[  817.575972]  dump_stack_lvl+0x8b/0xb3
[  817.576402]  should_fail.cold+0x5/0xa
[  817.576811]  ? create_object.isra.0+0x3a/0xa20
[  817.577328]  should_failslab+0x5/0x10
[  817.577745]  kmem_cache_alloc+0x5b/0x480
[  817.578209]  create_object.isra.0+0x3a/0xa20
[  817.578690]  ? kasan_unpoison+0x23/0x50
[  817.579146]  kmem_cache_alloc+0x239/0x480
[  817.579599]  security_inode_alloc+0x34/0x160
[  817.580102]  inode_init_always+0x52e/0xc50
[  817.580564]  alloc_inode+0x84/0x240
[  817.580967]  new_inode+0x23/0x240
[  817.581350]  mqueue_get_inode+0x31/0xe20
[  817.581791]  ? sget_fc+0x156/0x7a0
[  817.582193]  ? mqueue_get_tree+0x130/0x130
[  817.582653]  mqueue_fill_super+0x10f/0x200
[  817.583117]  get_tree_nodev+0xce/0x1d0
[  817.583549]  mqueue_get_tree+0xee/0x130
[  817.583980]  vfs_get_tree+0x8e/0x2f0
[  817.584393]  fc_mount+0x13/0xc0
[  817.584757]  mq_init_ns+0x43e/0x630
[  817.585163]  copy_ipcs+0x35e/0x5d0
[  817.585542]  ? copy_utsname+0xa9/0x4a0
[  817.585973]  create_new_namespaces+0x210/0xb30
[  817.586497]  copy_namespaces+0x391/0x450
[  817.586947]  copy_process+0x2ba5/0x6d10
[  817.587407]  ? __cleanup_sighand+0xb0/0xb0
[  817.587880]  ? lock_is_held_type+0xd7/0x130
[  817.588353]  ? find_held_lock+0x2c/0x110
[  817.588803]  ? kernel_clone+0xc4/0xa60
[  817.589236]  kernel_clone+0xe7/0xa60
[  817.589652]  ? create_io_thread+0xf0/0xf0
[  817.590108]  ? find_held_lock+0x2c/0x110
[  817.590558]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  817.591102]  ? bit_wait_io_timeout+0x160/0x160
[  817.591603]  __do_sys_clone+0xc8/0x110
[  817.592038]  ? __do_sys_vfork+0xd0/0xd0
[  817.592483]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  817.593089]  ? vfs_write+0x428/0xad0
[  817.593512]  ? syscall_enter_from_user_mode+0x1d/0x50
[  817.594083]  do_syscall_64+0x3b/0x90
[  817.594499]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  817.595066] RIP: 0033:0x7f71bf82bb19
[  817.595470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  817.597479] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  817.598318] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  817.599082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  817.599848] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  817.600614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  817.601376] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  817.602183]  </TASK>
12:47:35 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)

12:47:35 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:47:35 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, 0x0)
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:47:35 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)

12:47:35 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  832.789605] FAULT_INJECTION: forcing a failure.
[  832.789605] name failslab, interval 1, probability 0, space 0, times 0
[  832.790880] CPU: 1 PID: 6301 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  832.791750] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  832.792931] Call Trace:
[  832.793201]  <TASK>
[  832.793438]  dump_stack_lvl+0x8b/0xb3
[  832.793851]  should_fail.cold+0x5/0xa
[  832.794250]  ? security_inode_alloc+0x34/0x160
[  832.794750]  should_failslab+0x5/0x10
[  832.795150]  kmem_cache_alloc+0x5b/0x480
[  832.795582]  security_inode_alloc+0x34/0x160
[  832.796040]  inode_init_always+0x52e/0xc50
[  832.796493]  alloc_inode+0x84/0x240
[  832.796881]  new_inode+0x23/0x240
[  832.797252]  mqueue_get_inode+0x31/0xe20
[  832.797691]  ? sget_fc+0x156/0x7a0
[  832.798066]  ? mqueue_get_tree+0x130/0x130
[  832.798516]  mqueue_fill_super+0x10f/0x200
[  832.798955]  get_tree_nodev+0xce/0x1d0
[  832.799370]  mqueue_get_tree+0xee/0x130
12:47:35 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf000, 0x0, 0x0, 0x0)

12:47:35 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

[  832.799799]  vfs_get_tree+0x8e/0x2f0
[  832.800486]  fc_mount+0x13/0xc0
[  832.800852]  mq_init_ns+0x43e/0x630
[  832.801271]  copy_ipcs+0x35e/0x5d0
[  832.801669]  ? copy_utsname+0xa9/0x4a0
[  832.802114]  create_new_namespaces+0x210/0xb30
[  832.802653]  copy_namespaces+0x391/0x450
[  832.803102]  copy_process+0x2ba5/0x6d10
[  832.803559]  ? __cleanup_sighand+0xb0/0xb0
[  832.804038]  ? lock_is_held_type+0xd7/0x130
[  832.804512]  ? find_held_lock+0x2c/0x110
[  832.804960]  ? kernel_clone+0xc4/0xa60
[  832.805395]  kernel_clone+0xe7/0xa60
[  832.805804]  ? create_io_thread+0xf0/0xf0
[  832.806266]  ? find_held_lock+0x2c/0x110
[  832.806700]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  832.807243]  ? bit_wait_io_timeout+0x160/0x160
[  832.807745]  __do_sys_clone+0xc8/0x110
[  832.808173]  ? __do_sys_vfork+0xd0/0xd0
[  832.808611]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  832.809221]  ? vfs_write+0x428/0xad0
[  832.809634]  ? syscall_enter_from_user_mode+0x1d/0x50
[  832.810214]  do_syscall_64+0x3b/0x90
[  832.810621]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  832.811190] RIP: 0033:0x7fa70862cb19
[  832.811579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  832.813577] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  832.814389] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  832.815170] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  832.815934] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  832.816688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  832.817437] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  832.818196]  </TASK>
[  832.825249] FAULT_INJECTION: forcing a failure.
[  832.825249] name failslab, interval 1, probability 0, space 0, times 0
[  832.826597] CPU: 1 PID: 6308 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  832.827473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  832.828666] Call Trace:
[  832.828937]  <TASK>
[  832.829173]  dump_stack_lvl+0x8b/0xb3
[  832.829394] loop5: detected capacity change from 0 to 240
[  832.829581]  should_fail.cold+0x5/0xa
[  832.831193]  should_failslab+0x5/0x10
[  832.831600]  kmem_cache_alloc_lru+0x60/0x7c0
[  832.832069]  ? __d_alloc+0x31/0x990
[  832.832459]  ? mqueue_get_tree+0x130/0x130
[  832.832901]  __d_alloc+0x31/0x990
[  832.833273]  ? mqueue_get_inode+0x27f/0xe20
[  832.833732]  ? mqueue_get_tree+0x130/0x130
[  832.834180]  d_make_root+0x45/0x110
[  832.834587]  mqueue_fill_super+0x137/0x200
[  832.835033]  get_tree_nodev+0xce/0x1d0
[  832.835458]  mqueue_get_tree+0xee/0x130
[  832.835882]  vfs_get_tree+0x8e/0x2f0
[  832.836290]  fc_mount+0x13/0xc0
[  832.836646]  mq_init_ns+0x43e/0x630
[  832.837044]  copy_ipcs+0x35e/0x5d0
[  832.837432]  ? copy_utsname+0xa9/0x4a0
[  832.837854]  create_new_namespaces+0x210/0xb30
[  832.838347]  copy_namespaces+0x391/0x450
[  832.838797]  copy_process+0x2ba5/0x6d10
[  832.839241]  ? __cleanup_sighand+0xb0/0xb0
[  832.839708]  ? lock_is_held_type+0xd7/0x130
[  832.840166]  ? find_held_lock+0x2c/0x110
[  832.840593]  ? kernel_clone+0xc4/0xa60
[  832.841020]  kernel_clone+0xe7/0xa60
[  832.841422]  ? create_io_thread+0xf0/0xf0
[  832.841869]  ? find_held_lock+0x2c/0x110
[  832.842311]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  832.842851]  ? bit_wait_io_timeout+0x160/0x160
[  832.843346]  __do_sys_clone+0xc8/0x110
[  832.843771]  ? __do_sys_vfork+0xd0/0xd0
[  832.844201]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  832.844790]  ? vfs_write+0x428/0xad0
[  832.845197]  ? syscall_enter_from_user_mode+0x1d/0x50
[  832.845754]  do_syscall_64+0x3b/0x90
[  832.846146]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  832.846714] RIP: 0033:0x7f71bf82bb19
[  832.847112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  832.849068] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  832.849888] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  832.850656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  832.851416] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  832.852172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  832.852926] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  832.853699]  </TASK>
12:47:35 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x10, 0x0, 0x0, 0x0)

12:47:35 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:35 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)

12:47:35 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)

12:47:35 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x60, 0x0, 0x0, 0x0)

[  832.948502] FAULT_INJECTION: forcing a failure.
[  832.948502] name failslab, interval 1, probability 0, space 0, times 0
[  832.949747] CPU: 1 PID: 6317 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  832.950636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  832.951828] Call Trace:
[  832.952101]  <TASK>
[  832.952351]  dump_stack_lvl+0x8b/0xb3
[  832.952765]  should_fail.cold+0x5/0xa
[  832.953171]  ? memcg_list_lru_alloc+0x23f/0xb10
[  832.953672]  should_failslab+0x5/0x10
[  832.954075]  __kmalloc+0x72/0x440
[  832.954479]  memcg_list_lru_alloc+0x23f/0xb10
[  832.954955]  ? lock_is_held_type+0xd7/0x130
[  832.955411]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  832.955937]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  832.956433]  kmem_cache_alloc_lru+0x10e/0x7c0
[  832.956905]  ? __d_alloc+0x31/0x990
[  832.957294]  ? mqueue_get_tree+0x130/0x130
[  832.957787]  __d_alloc+0x31/0x990
[  832.958158]  ? mqueue_get_inode+0x27f/0xe20
[  832.958621]  ? mqueue_get_tree+0x130/0x130
[  832.959065]  d_make_root+0x45/0x110
[  832.959455]  mqueue_fill_super+0x137/0x200
[  832.959904]  get_tree_nodev+0xce/0x1d0
[  832.960329]  mqueue_get_tree+0xee/0x130
[  832.960757]  vfs_get_tree+0x8e/0x2f0
[  832.961157]  fc_mount+0x13/0xc0
[  832.961514]  mq_init_ns+0x43e/0x630
[  832.961907]  copy_ipcs+0x35e/0x5d0
[  832.962287]  ? copy_utsname+0xa9/0x4a0
[  832.962714]  create_new_namespaces+0x210/0xb30
[  832.963208]  copy_namespaces+0x391/0x450
[  832.963651]  copy_process+0x2ba5/0x6d10
[  832.964089]  ? __cleanup_sighand+0xb0/0xb0
[  832.964544]  ? lock_is_held_type+0xd7/0x130
[  832.964992]  ? find_held_lock+0x2c/0x110
[  832.965429]  ? kernel_clone+0xc4/0xa60
[  832.965842]  kernel_clone+0xe7/0xa60
[  832.966245]  ? create_io_thread+0xf0/0xf0
[  832.966706]  ? find_held_lock+0x2c/0x110
[  832.967144]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  832.967673]  ? bit_wait_io_timeout+0x160/0x160
[  832.968153]  __do_sys_clone+0xc8/0x110
[  832.968570]  ? __do_sys_vfork+0xd0/0xd0
[  832.969001]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  832.969587]  ? vfs_write+0x428/0xad0
[  832.969999]  ? syscall_enter_from_user_mode+0x1d/0x50
[  832.970561]  do_syscall_64+0x3b/0x90
[  832.970969]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  832.971529] RIP: 0033:0x7f71bf82bb19
[  832.971925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  832.973886] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  832.974700] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  832.975460] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  832.976209] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  832.976968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  832.977722] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  832.978510]  </TASK>
12:47:35 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, 0x0)
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:47:35 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x100000, 0x0, 0x0, 0x0)

12:47:35 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
r2 = fork()
r3 = pidfd_open(r2, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:47:35 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:35 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf0, 0x0, 0x0, 0x0)

[  833.057454] FAULT_INJECTION: forcing a failure.
[  833.057454] name failslab, interval 1, probability 0, space 0, times 0
[  833.058665] CPU: 1 PID: 6327 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  833.059519] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  833.060699] Call Trace:
[  833.060975]  <TASK>
[  833.061207]  dump_stack_lvl+0x8b/0xb3
[  833.061623]  should_fail.cold+0x5/0xa
[  833.062028]  ? create_object.isra.0+0x3a/0xa20
[  833.062538]  should_failslab+0x5/0x10
[  833.062939]  kmem_cache_alloc+0x5b/0x480
[  833.063379]  create_object.isra.0+0x3a/0xa20
[  833.063844]  ? kasan_unpoison+0x23/0x50
[  833.064273]  kmem_cache_alloc+0x239/0x480
[  833.064710]  security_inode_alloc+0x34/0x160
[  833.065175]  inode_init_always+0x52e/0xc50
[  833.065631]  alloc_inode+0x84/0x240
[  833.066015]  new_inode+0x23/0x240
[  833.066391]  mqueue_get_inode+0x31/0xe20
[  833.066828]  ? sget_fc+0x156/0x7a0
[  833.067211]  ? mqueue_get_tree+0x130/0x130
[  833.067669]  mqueue_fill_super+0x10f/0x200
[  833.068136]  get_tree_nodev+0xce/0x1d0
[  833.068568]  mqueue_get_tree+0xee/0x130
[  833.069005]  vfs_get_tree+0x8e/0x2f0
[  833.069414]  fc_mount+0x13/0xc0
[  833.069770]  mq_init_ns+0x43e/0x630
[  833.070176]  copy_ipcs+0x35e/0x5d0
[  833.070569]  ? copy_utsname+0xa9/0x4a0
[  833.070993]  create_new_namespaces+0x210/0xb30
[  833.071511]  copy_namespaces+0x391/0x450
[  833.071959]  copy_process+0x2ba5/0x6d10
[  833.072413]  ? __cleanup_sighand+0xb0/0xb0
[  833.072883]  ? lock_is_held_type+0xd7/0x130
[  833.073359]  ? find_held_lock+0x2c/0x110
[  833.073803]  ? kernel_clone+0xc4/0xa60
[  833.074234]  kernel_clone+0xe7/0xa60
[  833.074668]  ? create_io_thread+0xf0/0xf0
[  833.075128]  ? find_held_lock+0x2c/0x110
[  833.075577]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  833.076118]  ? bit_wait_io_timeout+0x160/0x160
[  833.076630]  __do_sys_clone+0xc8/0x110
[  833.077060]  ? __do_sys_vfork+0xd0/0xd0
[  833.077505]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  833.078115]  ? vfs_write+0x428/0xad0
[  833.078536]  ? syscall_enter_from_user_mode+0x1d/0x50
[  833.079105]  do_syscall_64+0x3b/0x90
[  833.079520]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  833.080096] RIP: 0033:0x7fa70862cb19
[  833.080495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  833.082521] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  833.083325] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  833.084096] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  833.084860] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  833.085593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  833.086072] loop5: detected capacity change from 0 to 240
[  833.086336] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  833.086361]  </TASK>
12:47:48 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = fork()
r3 = pidfd_open(r2, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:47:48 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, 0x0)
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:47:48 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2000, 0x0, 0x0, 0x0)

12:47:48 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)

12:47:48 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:48 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x600000, 0x0, 0x0, 0x0)

12:47:48 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:47:48 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)

12:47:48 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:48 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x6000, 0x0, 0x0, 0x0)

[  846.216389] loop5: detected capacity change from 0 to 240
[  846.217231] FAULT_INJECTION: forcing a failure.
[  846.217231] name failslab, interval 1, probability 0, space 0, times 0
[  846.219630] CPU: 1 PID: 6366 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  846.221300] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  846.223648] Call Trace:
[  846.224172]  <TASK>
[  846.224628]  dump_stack_lvl+0x8b/0xb3
[  846.225412]  should_fail.cold+0x5/0xa
[  846.226207]  should_failslab+0x5/0x10
[  846.226996]  kmem_cache_alloc_lru+0x60/0x7c0
[  846.227900]  ? __d_alloc+0x31/0x990
[  846.228670]  ? mqueue_get_tree+0x130/0x130
[  846.229534]  __d_alloc+0x31/0x990
[  846.230236]  ? mqueue_get_inode+0x27f/0xe20
[  846.231137]  ? mqueue_get_tree+0x130/0x130
[  846.231989]  d_make_root+0x45/0x110
[  846.232737]  mqueue_fill_super+0x137/0x200
[  846.233613]  get_tree_nodev+0xce/0x1d0
[  846.234402]  mqueue_get_tree+0xee/0x130
[  846.235217]  vfs_get_tree+0x8e/0x2f0
[  846.235982]  fc_mount+0x13/0xc0
[  846.236661]  mq_init_ns+0x43e/0x630
[  846.237405]  copy_ipcs+0x35e/0x5d0
[  846.238143]  ? copy_utsname+0xa9/0x4a0
[  846.238954]  create_new_namespaces+0x210/0xb30
[  846.239898]  copy_namespaces+0x391/0x450
[  846.240734]  copy_process+0x2ba5/0x6d10
[  846.241588]  ? __cleanup_sighand+0xb0/0xb0
[  846.242458]  ? lock_is_held_type+0xd7/0x130
[  846.243371]  ? find_held_lock+0x2c/0x110
[  846.244199]  ? kernel_clone+0xc4/0xa60
[  846.245006]  kernel_clone+0xe7/0xa60
[  846.245778]  ? create_io_thread+0xf0/0xf0
[  846.246633]  ? find_held_lock+0x2c/0x110
[  846.247466]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  846.248497]  ? bit_wait_io_timeout+0x160/0x160
[  846.249422]  __do_sys_clone+0xc8/0x110
[  846.250226]  ? __do_sys_vfork+0xd0/0xd0
[  846.251048]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  846.252167]  ? vfs_write+0x428/0xad0
[  846.252965]  ? syscall_enter_from_user_mode+0x1d/0x50
[  846.254017]  do_syscall_64+0x3b/0x90
[  846.254812]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  846.255863] RIP: 0033:0x7fa70862cb19
[  846.256625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  846.260316] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  846.261855] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  846.263309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  846.264749] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  846.266183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  846.267637] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  846.269091]  </TASK>
[  846.284593] FAULT_INJECTION: forcing a failure.
[  846.284593] name failslab, interval 1, probability 0, space 0, times 0
[  846.287456] CPU: 1 PID: 6365 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  846.289477] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  846.292302] Call Trace:
[  846.292940]  <TASK>
[  846.293496]  dump_stack_lvl+0x8b/0xb3
[  846.294458]  should_fail.cold+0x5/0xa
[  846.295254]  ? create_object.isra.0+0x3a/0xa20
[  846.296191]  should_failslab+0x5/0x10
[  846.296964]  kmem_cache_alloc+0x5b/0x480
[  846.297818]  create_object.isra.0+0x3a/0xa20
[  846.298735]  ? kasan_unpoison+0x23/0x50
[  846.299567]  __kmalloc+0x25b/0x440
[  846.300289]  memcg_list_lru_alloc+0x23f/0xb10
[  846.301197]  ? lock_is_held_type+0xd7/0x130
[  846.302094]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  846.303130]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  846.304083]  kmem_cache_alloc_lru+0x10e/0x7c0
[  846.304992]  ? __d_alloc+0x31/0x990
[  846.305765]  ? mqueue_get_tree+0x130/0x130
[  846.306633]  __d_alloc+0x31/0x990
[  846.307333]  ? mqueue_get_inode+0x27f/0xe20
[  846.308207]  ? mqueue_get_tree+0x130/0x130
[  846.309072]  d_make_root+0x45/0x110
[  846.309819]  mqueue_fill_super+0x137/0x200
[  846.310714]  get_tree_nodev+0xce/0x1d0
[  846.311526]  mqueue_get_tree+0xee/0x130
[  846.312323]  vfs_get_tree+0x8e/0x2f0
12:47:48 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
r1 = fork()
r2 = pidfd_open(r1, 0x0)
process_madvise(r2, 0x0, 0x0, 0x14, 0x0)

12:47:48 executing program 0:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:47:48 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf000, 0x0, 0x0, 0x0)

[  846.313102]  fc_mount+0x13/0xc0
[  846.313988]  mq_init_ns+0x43e/0x630
[  846.314809]  copy_ipcs+0x35e/0x5d0
[  846.315536]  ? copy_utsname+0xa9/0x4a0
[  846.316323]  create_new_namespaces+0x210/0xb30
[  846.317282]  copy_namespaces+0x391/0x450
[  846.318173]  copy_process+0x2ba5/0x6d10
[  846.319152]  ? __cleanup_sighand+0xb0/0xb0
[  846.320022]  ? lock_is_held_type+0xd7/0x130
[  846.320882]  ? find_held_lock+0x2c/0x110
[  846.321693]  ? kernel_clone+0xc4/0xa60
[  846.322489]  kernel_clone+0xe7/0xa60
[  846.323268]  ? create_io_thread+0xf0/0xf0
[  846.324105]  ? find_held_lock+0x2c/0x110
[  846.324929]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  846.325913]  ? bit_wait_io_timeout+0x160/0x160
[  846.326841]  __do_sys_clone+0xc8/0x110
[  846.327623]  ? __do_sys_vfork+0xd0/0xd0
[  846.328427]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  846.329518]  ? vfs_write+0x428/0xad0
[  846.330288]  ? syscall_enter_from_user_mode+0x1d/0x50
[  846.331327]  do_syscall_64+0x3b/0x90
[  846.332081]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  846.333117] RIP: 0033:0x7f71bf82bb19
[  846.333868] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  846.337541] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  846.339053] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  846.340466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  846.341882] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  846.343324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  846.344740] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  846.346181]  </TASK>
[  861.641819] FAULT_INJECTION: forcing a failure.
[  861.641819] name failslab, interval 1, probability 0, space 0, times 0
[  861.643176] CPU: 1 PID: 6387 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  861.644072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  861.645333] Call Trace:
[  861.645624]  <TASK>
[  861.645874]  dump_stack_lvl+0x8b/0xb3
[  861.646324]  should_fail.cold+0x5/0xa
[  861.646747]  ? memcg_list_lru_alloc+0x514/0xb10
[  861.647290]  should_failslab+0x5/0x10
[  861.647706]  __kmalloc+0x72/0x440
[  861.648089]  memcg_list_lru_alloc+0x514/0xb10
[  861.648593]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  861.649141]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  861.649670]  kmem_cache_alloc_lru+0x10e/0x7c0
[  861.650168]  ? __d_alloc+0x31/0x990
[  861.650592]  ? mqueue_get_tree+0x130/0x130
[  861.651079]  __d_alloc+0x31/0x990
[  861.651464]  ? mqueue_get_inode+0x27f/0xe20
[  861.651944]  ? mqueue_get_tree+0x130/0x130
[  861.652420]  d_make_root+0x45/0x110
[  861.652827]  mqueue_fill_super+0x137/0x200
[  861.653298]  get_tree_nodev+0xce/0x1d0
[  861.653745]  mqueue_get_tree+0xee/0x130
[  861.654194]  vfs_get_tree+0x8e/0x2f0
[  861.654615]  fc_mount+0x13/0xc0
[  861.654996]  mq_init_ns+0x43e/0x630
[  861.655408]  copy_ipcs+0x35e/0x5d0
[  861.655806]  ? copy_utsname+0xa9/0x4a0
[  861.656250]  create_new_namespaces+0x210/0xb30
[  861.656773]  copy_namespaces+0x391/0x450
[  861.657232]  copy_process+0x2ba5/0x6d10
[  861.657700]  ? __cleanup_sighand+0xb0/0xb0
[  861.658176]  ? lock_is_held_type+0xd7/0x130
[  861.658658]  ? find_held_lock+0x2c/0x110
[  861.659126]  ? kernel_clone+0xc4/0xa60
[  861.659575]  kernel_clone+0xe7/0xa60
[  861.660001]  ? create_io_thread+0xf0/0xf0
[  861.660463]  ? find_held_lock+0x2c/0x110
[  861.660926]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  861.661470]  ? bit_wait_io_timeout+0x160/0x160
[  861.661994]  __do_sys_clone+0xc8/0x110
[  861.662433]  ? __do_sys_vfork+0xd0/0xd0
[  861.662898]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  861.663504]  ? vfs_write+0x428/0xad0
[  861.663936]  ? syscall_enter_from_user_mode+0x1d/0x50
[  861.664518]  do_syscall_64+0x3b/0x90
[  861.664944]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  861.665533] RIP: 0033:0x7f71bf82bb19
[  861.665947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  861.667999] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  861.668844] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  861.669641] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  861.670441] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  861.671243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  861.672029] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  861.672840]  </TASK>
[  861.685628] FAULT_INJECTION: forcing a failure.
[  861.685628] name failslab, interval 1, probability 0, space 0, times 0
[  861.686932] CPU: 1 PID: 6391 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  861.687822] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  861.689017] Call Trace:
[  861.689291]  <TASK>
[  861.689522]  dump_stack_lvl+0x8b/0xb3
[  861.689923]  should_fail.cold+0x5/0xa
[  861.690332]  ? memcg_list_lru_alloc+0x23f/0xb10
[  861.690838]  should_failslab+0x5/0x10
[  861.691248]  __kmalloc+0x72/0x440
[  861.691621]  memcg_list_lru_alloc+0x23f/0xb10
[  861.692094]  ? lock_is_held_type+0xd7/0x130
[  861.692555]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  861.693081]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  861.693587]  kmem_cache_alloc_lru+0x10e/0x7c0
[  861.694062]  ? __d_alloc+0x31/0x990
[  861.694457]  ? mqueue_get_tree+0x130/0x130
[  861.694909]  __d_alloc+0x31/0x990
[  861.695276]  ? mqueue_get_inode+0x27f/0xe20
[  861.695762]  ? mqueue_get_tree+0x130/0x130
[  861.695967] loop5: detected capacity change from 0 to 240
[  861.696237]  d_make_root+0x45/0x110
[  861.696255]  mqueue_fill_super+0x137/0x200
[  861.696271]  get_tree_nodev+0xce/0x1d0
[  861.698916]  mqueue_get_tree+0xee/0x130
[  861.699366]  vfs_get_tree+0x8e/0x2f0
[  861.699794]  fc_mount+0x13/0xc0
[  861.700164]  mq_init_ns+0x43e/0x630
[  861.700579]  copy_ipcs+0x35e/0x5d0
[  861.700980]  ? copy_utsname+0xa9/0x4a0
[  861.701427]  create_new_namespaces+0x210/0xb30
[  861.701952]  copy_namespaces+0x391/0x450
[  861.702414]  copy_process+0x2ba5/0x6d10
[  861.702898]  ? __cleanup_sighand+0xb0/0xb0
[  861.703387]  ? lock_is_held_type+0xd7/0x130
[  861.703864]  ? find_held_lock+0x2c/0x110
[  861.704310]  ? kernel_clone+0xc4/0xa60
[  861.704745]  kernel_clone+0xe7/0xa60
[  861.705163]  ? create_io_thread+0xf0/0xf0
[  861.705628]  ? find_held_lock+0x2c/0x110
[  861.706083]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  861.706628]  ? bit_wait_io_timeout+0x160/0x160
[  861.707146]  __do_sys_clone+0xc8/0x110
[  861.707583]  ? __do_sys_vfork+0xd0/0xd0
[  861.708028]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  861.708637]  ? vfs_write+0x428/0xad0
[  861.709064]  ? syscall_enter_from_user_mode+0x1d/0x50
[  861.709644]  do_syscall_64+0x3b/0x90
[  861.710055]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  861.710635] RIP: 0033:0x7fa70862cb19
[  861.711060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  861.713135] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  861.714001] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  861.714817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  861.715629] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  861.716435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  861.717236] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  861.718052]  </TASK>
12:48:03 executing program 0:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:48:03 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67)

12:48:03 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x80ffff, 0x0, 0x0, 0x0)

12:48:03 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)

12:48:03 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
r1 = fork()
r2 = pidfd_open(r1, 0x0)
process_madvise(r2, 0x0, 0x0, 0x14, 0x0)

12:48:03 executing program 5:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8)

12:48:03 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:48:03 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x100000, 0x0, 0x0, 0x0)

12:48:04 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = fork()
r2 = pidfd_open(r1, 0x0)
process_madvise(r2, 0x0, 0x0, 0x14, 0x0)

12:48:04 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x600000, 0x0, 0x0, 0x0)

12:48:04 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68)

12:48:04 executing program 5:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8)

12:48:04 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xc0ffff, 0x0, 0x0, 0x0)

12:48:04 executing program 0:
syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r0=>0x0, &(0x7f0000000380)=<r1=>0x0)
r2 = epoll_create(0x1)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r2, 0x0, 0x0}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x4059, 0x0, 0x0, 0x0, 0x0)

[  861.854217] FAULT_INJECTION: forcing a failure.
[  861.854217] name failslab, interval 1, probability 0, space 0, times 0
[  861.856131] CPU: 1 PID: 6415 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  861.857008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  861.858192] Call Trace:
[  861.858462]  <TASK>
[  861.858700]  dump_stack_lvl+0x8b/0xb3
[  861.859130]  should_fail.cold+0x5/0xa
[  861.859537]  ? create_object.isra.0+0x3a/0xa20
[  861.860030]  should_failslab+0x5/0x10
[  861.860433]  kmem_cache_alloc+0x5b/0x480
[  861.860864]  create_object.isra.0+0x3a/0xa20
[  861.861330]  ? kasan_unpoison+0x23/0x50
[  861.861759]  __kmalloc+0x25b/0x440
[  861.862139]  memcg_list_lru_alloc+0x514/0xb10
[  861.862616]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  861.863158]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  861.863655]  kmem_cache_alloc_lru+0x10e/0x7c0
[  861.864124]  ? __d_alloc+0x31/0x990
[  861.864510]  ? mqueue_get_tree+0x130/0x130
[  861.864956]  __d_alloc+0x31/0x990
[  861.865321]  ? mqueue_get_inode+0x27f/0xe20
[  861.865780]  ? mqueue_get_tree+0x130/0x130
[  861.866246]  d_make_root+0x45/0x110
[  861.866629]  mqueue_fill_super+0x137/0x200
[  861.867108]  get_tree_nodev+0xce/0x1d0
[  861.867523]  mqueue_get_tree+0xee/0x130
[  861.867959]  vfs_get_tree+0x8e/0x2f0
[  861.868384]  fc_mount+0x13/0xc0
[  861.868758]  mq_init_ns+0x43e/0x630
[  861.869176]  copy_ipcs+0x35e/0x5d0
[  861.869582]  ? copy_utsname+0xa9/0x4a0
[  861.870030]  create_new_namespaces+0x210/0xb30
[  861.870567]  copy_namespaces+0x391/0x450
[  861.871059]  copy_process+0x2ba5/0x6d10
[  861.871535]  ? __cleanup_sighand+0xb0/0xb0
[  861.872018]  ? lock_is_held_type+0xd7/0x130
[  861.872506]  ? find_held_lock+0x2c/0x110
[  861.872957]  ? kernel_clone+0xc4/0xa60
[  861.873400]  kernel_clone+0xe7/0xa60
[  861.873826]  ? create_io_thread+0xf0/0xf0
[  861.874284]  ? find_held_lock+0x2c/0x110
[  861.874754]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  861.875321]  ? bit_wait_io_timeout+0x160/0x160
[  861.875845]  __do_sys_clone+0xc8/0x110
[  861.876280]  ? __do_sys_vfork+0xd0/0xd0
[  861.876735]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  861.877361]  ? vfs_write+0x428/0xad0
[  861.877813]  ? syscall_enter_from_user_mode+0x1d/0x50
[  861.878397]  do_syscall_64+0x3b/0x90
[  861.878834]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  861.879431] RIP: 0033:0x7f71bf82bb19
[  861.879851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  861.881953] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  861.882814] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  861.883622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  861.884433] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  861.885231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  861.886025] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  861.886841]  </TASK>
[  861.903593] loop5: detected capacity change from 0 to 240
12:48:04 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)

12:48:04 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x80ffff, 0x0, 0x0, 0x0)

[  861.966825] FAULT_INJECTION: forcing a failure.
[  861.966825] name failslab, interval 1, probability 0, space 0, times 0
[  861.968188] CPU: 1 PID: 6426 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  861.969052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  861.970251] Call Trace:
[  861.970518]  <TASK>
[  861.970755]  dump_stack_lvl+0x8b/0xb3
[  861.971191]  should_fail.cold+0x5/0xa
[  861.971611]  ? create_object.isra.0+0x3a/0xa20
[  861.972103]  should_failslab+0x5/0x10
[  861.972503]  kmem_cache_alloc+0x5b/0x480
[  861.972933]  create_object.isra.0+0x3a/0xa20
[  861.973401]  ? kasan_unpoison+0x23/0x50
[  861.973852]  __kmalloc+0x25b/0x440
[  861.974227]  memcg_list_lru_alloc+0x23f/0xb10
[  861.974709]  ? lock_is_held_type+0xd7/0x130
[  861.975169]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  861.975702]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  861.976224]  kmem_cache_alloc_lru+0x10e/0x7c0
[  861.976729]  ? __d_alloc+0x31/0x990
[  861.977147]  ? mqueue_get_tree+0x130/0x130
[  861.977626]  __d_alloc+0x31/0x990
[  861.978018]  ? mqueue_get_inode+0x27f/0xe20
[  861.978509]  ? mqueue_get_tree+0x130/0x130
[  861.978992]  d_make_root+0x45/0x110
[  861.979410]  mqueue_fill_super+0x137/0x200
[  861.979888]  get_tree_nodev+0xce/0x1d0
[  861.980338]  mqueue_get_tree+0xee/0x130
[  861.980787]  vfs_get_tree+0x8e/0x2f0
[  861.981217]  fc_mount+0x13/0xc0
[  861.981598]  mq_init_ns+0x43e/0x630
[  861.982016]  copy_ipcs+0x35e/0x5d0
[  861.982421]  ? copy_utsname+0xa9/0x4a0
[  861.982886]  create_new_namespaces+0x210/0xb30
[  861.983419]  copy_namespaces+0x391/0x450
[  861.983883]  copy_process+0x2ba5/0x6d10
[  861.984354]  ? __cleanup_sighand+0xb0/0xb0
[  861.984844]  ? lock_is_held_type+0xd7/0x130
[  861.985347]  ? find_held_lock+0x2c/0x110
[  861.985820]  ? kernel_clone+0xc4/0xa60
[  861.986282]  kernel_clone+0xe7/0xa60
[  861.986760]  ? create_io_thread+0xf0/0xf0
[  861.987277]  ? find_held_lock+0x2c/0x110
[  861.987784]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  861.988414]  ? bit_wait_io_timeout+0x160/0x160
[  861.988990]  __do_sys_clone+0xc8/0x110
[  861.989476]  ? __do_sys_vfork+0xd0/0xd0
[  861.989956]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  861.990622]  ? vfs_write+0x428/0xad0
[  861.991110]  ? syscall_enter_from_user_mode+0x1d/0x50
[  861.991762]  do_syscall_64+0x3b/0x90
[  861.992218]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  861.992868] RIP: 0033:0x7fa70862cb19
[  861.993317] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  861.995646] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  861.996566] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  861.997462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  861.998326] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  861.999229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  862.000135] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  862.001037]  </TASK>
12:48:17 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67)

12:48:17 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:48:17 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf0ffff, 0x0, 0x0, 0x0)

12:48:17 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69)

12:48:17 executing program 5:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x8)

12:48:17 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x14, 0x0)

12:48:17 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:48:17 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xc0ffff, 0x0, 0x0, 0x0)

[  875.659930] FAULT_INJECTION: forcing a failure.
[  875.659930] name failslab, interval 1, probability 0, space 0, times 0
[  875.662517] CPU: 0 PID: 6437 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  875.664421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  875.666972] Call Trace:
[  875.667589]  <TASK>
[  875.668105]  dump_stack_lvl+0x8b/0xb3
[  875.668997]  should_fail.cold+0x5/0xa
[  875.669896]  should_failslab+0x5/0x10
[  875.670775]  kmem_cache_alloc_lru+0x60/0x7c0
[  875.671823]  ? xas_alloc+0x35d/0x480
[  875.672695]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  875.673890]  ? copy_process+0x2ba5/0x6d10
[  875.674858]  xas_alloc+0x35d/0x480
[  875.675716]  xas_create+0x35b/0x1030
[  875.676587]  ? lock_acquire+0x1b2/0x4d0
[  875.677515]  xas_store+0x90/0x1c40
[  875.678340]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  875.679631]  ? xas_start+0x156/0x520
[  875.680497]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  875.681752]  ? xas_load+0x66/0x2c0
[  875.682580]  memcg_list_lru_alloc+0x3c7/0xb10
[  875.683630]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  875.684780]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  875.685850]  kmem_cache_alloc_lru+0x10e/0x7c0
[  875.686868]  ? __d_alloc+0x31/0x990
[  875.687723]  ? mqueue_get_tree+0x130/0x130
[  875.688696]  __d_alloc+0x31/0x990
[  875.689493]  ? mqueue_get_inode+0x27f/0xe20
[  875.690466]  ? mqueue_get_tree+0x130/0x130
[  875.691566]  d_make_root+0x45/0x110
[  875.692608]  mqueue_fill_super+0x137/0x200
[  875.693742]  get_tree_nodev+0xce/0x1d0
[  875.694813]  mqueue_get_tree+0xee/0x130
[  875.695904]  vfs_get_tree+0x8e/0x2f0
[  875.696927]  fc_mount+0x13/0xc0
[  875.697831]  mq_init_ns+0x43e/0x630
[  875.698830]  copy_ipcs+0x35e/0x5d0
[  875.699828]  ? copy_utsname+0xa9/0x4a0
[  875.700895]  create_new_namespaces+0x210/0xb30
[  875.702159]  copy_namespaces+0x391/0x450
[  875.703283]  copy_process+0x2ba5/0x6d10
[  875.704437]  ? __cleanup_sighand+0xb0/0xb0
[  875.705605]  ? lock_is_held_type+0xd7/0x130
[  875.706781]  ? find_held_lock+0x2c/0x110
[  875.707819]  ? kernel_clone+0xc4/0xa60
[  875.708721]  kernel_clone+0xe7/0xa60
[  875.709585]  ? create_io_thread+0xf0/0xf0
[  875.710530]  ? find_held_lock+0x2c/0x110
[  875.711484]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  875.712600]  ? bit_wait_io_timeout+0x160/0x160
[  875.713638]  __do_sys_clone+0xc8/0x110
[  875.714536]  ? __do_sys_vfork+0xd0/0xd0
[  875.715452]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  875.716703]  ? vfs_write+0x428/0xad0
12:48:17 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:48:17 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf0ffff, 0x0, 0x0, 0x0)

12:48:17 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

12:48:17 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x1000000, 0x0, 0x0, 0x0)

[  875.717573]  ? syscall_enter_from_user_mode+0x1d/0x50
[  875.718920]  do_syscall_64+0x3b/0x90
[  875.719789]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  875.720955] RIP: 0033:0x7f71bf82bb19
[  875.721798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  875.725895] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  875.727617] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  875.729220] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  875.730799] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  875.732397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  875.733974] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  875.735587]  </TASK>
[  875.775911] FAULT_INJECTION: forcing a failure.
[  875.775911] name failslab, interval 1, probability 0, space 0, times 0
[  875.777224] CPU: 1 PID: 6458 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  875.778120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  875.779379] Call Trace:
[  875.779651]  <TASK>
[  875.779903]  dump_stack_lvl+0x8b/0xb3
[  875.780338]  should_fail.cold+0x5/0xa
[  875.780757]  ? memcg_list_lru_alloc+0x514/0xb10
[  875.781277]  should_failslab+0x5/0x10
[  875.781695]  __kmalloc+0x72/0x440
[  875.782083]  memcg_list_lru_alloc+0x514/0xb10
[  875.782589]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  875.783160]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  875.783680]  kmem_cache_alloc_lru+0x10e/0x7c0
[  875.784174]  ? __d_alloc+0x31/0x990
[  875.784587]  ? mqueue_get_tree+0x130/0x130
[  875.785041]  __d_alloc+0x31/0x990
[  875.785429]  ? mqueue_get_inode+0x27f/0xe20
[  875.785905]  ? mqueue_get_tree+0x130/0x130
[  875.786380]  d_make_root+0x45/0x110
[  875.786785]  mqueue_fill_super+0x137/0x200
[  875.787258]  get_tree_nodev+0xce/0x1d0
[  875.787696]  mqueue_get_tree+0xee/0x130
[  875.788150]  vfs_get_tree+0x8e/0x2f0
[  875.788569]  fc_mount+0x13/0xc0
[  875.788943]  mq_init_ns+0x43e/0x630
[  875.789350]  copy_ipcs+0x35e/0x5d0
[  875.789728]  ? copy_utsname+0xa9/0x4a0
[  875.790171]  create_new_namespaces+0x210/0xb30
[  875.790696]  copy_namespaces+0x391/0x450
[  875.791159]  copy_process+0x2ba5/0x6d10
[  875.791213] loop5: detected capacity change from 0 to 240
[  875.791622]  ? __cleanup_sighand+0xb0/0xb0
[  875.791646]  ? lock_is_held_type+0xd7/0x130
[  875.793827]  ? find_held_lock+0x2c/0x110
[  875.794287]  ? kernel_clone+0xc4/0xa60
[  875.794718]  kernel_clone+0xe7/0xa60
[  875.795138]  ? create_io_thread+0xf0/0xf0
[  875.795608]  ? find_held_lock+0x2c/0x110
[  875.796070]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  875.796620]  ? bit_wait_io_timeout+0x160/0x160
[  875.797132]  __do_sys_clone+0xc8/0x110
[  875.797562]  ? __do_sys_vfork+0xd0/0xd0
[  875.798012]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  875.798624]  ? vfs_write+0x428/0xad0
[  875.799065]  ? syscall_enter_from_user_mode+0x1d/0x50
[  875.799641]  do_syscall_64+0x3b/0x90
[  875.800051]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  875.800618] RIP: 0033:0x7fa70862cb19
[  875.801012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  875.803047] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  875.803884] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  875.804671] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  875.805458] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  875.806241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  875.807049] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  875.807849]  </TASK>
12:48:18 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2000000, 0x0, 0x0, 0x0)

12:48:18 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf0ffff, 0x0, 0x0, 0x0)

12:48:18 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x1000000, 0x0, 0x0, 0x0)

12:48:18 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x20000000, 0x0, 0x0, 0x0)

12:48:32 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2000000, 0x0, 0x0, 0x0)

12:48:32 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:48:32 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70)

12:48:32 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x14, 0x0)

12:48:32 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x14, 0x0)

12:48:32 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, 0x0, 0x8)

12:48:32 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xffff8000, 0x0, 0x0, 0x0)

12:48:32 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68)

[  890.749602] loop5: detected capacity change from 0 to 240
[  890.752906] FAULT_INJECTION: forcing a failure.
[  890.752906] name failslab, interval 1, probability 0, space 0, times 0
[  890.755180] CPU: 1 PID: 6496 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  890.756828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  890.759081] Call Trace:
[  890.759607]  <TASK>
[  890.760054]  dump_stack_lvl+0x8b/0xb3
[  890.760835]  should_fail.cold+0x5/0xa
[  890.761600]  ? create_object.isra.0+0x3a/0xa20
[  890.762521]  should_failslab+0x5/0x10
[  890.763286]  kmem_cache_alloc+0x5b/0x480
[  890.763736] FAULT_INJECTION: forcing a failure.
[  890.763736] name failslab, interval 1, probability 0, space 0, times 0
[  890.764112]  create_object.isra.0+0x3a/0xa20
[  890.767131]  ? kasan_unpoison+0x23/0x50
[  890.767958]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  890.768853]  ? xas_alloc+0x35d/0x480
[  890.769605]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  890.770654]  xas_alloc+0x35d/0x480
[  890.771391]  xas_create+0x35b/0x1030
[  890.772147]  ? lock_acquire+0x1b2/0x4d0
[  890.772958]  xas_store+0x90/0x1c40
[  890.773676]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  890.774768]  ? xas_start+0x156/0x520
[  890.775544]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  890.776640]  ? xas_load+0x66/0x2c0
[  890.777359]  memcg_list_lru_alloc+0x3c7/0xb10
[  890.778268]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  890.779271]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  890.780203]  kmem_cache_alloc_lru+0x10e/0x7c0
[  890.781096]  ? __d_alloc+0x31/0x990
[  890.781831]  ? mqueue_get_tree+0x130/0x130
[  890.782681]  __d_alloc+0x31/0x990
[  890.783398]  ? mqueue_get_inode+0x27f/0xe20
[  890.784261]  ? mqueue_get_tree+0x130/0x130
[  890.785096]  d_make_root+0x45/0x110
[  890.785830]  mqueue_fill_super+0x137/0x200
[  890.786676]  get_tree_nodev+0xce/0x1d0
[  890.787486]  mqueue_get_tree+0xee/0x130
[  890.788287]  vfs_get_tree+0x8e/0x2f0
[  890.789044]  fc_mount+0x13/0xc0
[  890.789712]  mq_init_ns+0x43e/0x630
[  890.790452]  copy_ipcs+0x35e/0x5d0
[  890.791159]  ? copy_utsname+0xa9/0x4a0
[  890.791968]  create_new_namespaces+0x210/0xb30
[  890.792911]  copy_namespaces+0x391/0x450
[  890.793740]  copy_process+0x2ba5/0x6d10
[  890.794578]  ? __cleanup_sighand+0xb0/0xb0
[  890.795449]  ? lock_is_held_type+0xd7/0x130
[  890.796310]  ? find_held_lock+0x2c/0x110
[  890.797124]  ? kernel_clone+0xc4/0xa60
[  890.797908]  kernel_clone+0xe7/0xa60
[  890.798674]  ? create_io_thread+0xf0/0xf0
[  890.799511]  ? find_held_lock+0x2c/0x110
[  890.800333]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  890.801330]  ? bit_wait_io_timeout+0x160/0x160
[  890.802257]  __do_sys_clone+0xc8/0x110
[  890.803042]  ? __do_sys_vfork+0xd0/0xd0
[  890.803861]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  890.804969]  ? vfs_write+0x428/0xad0
[  890.805740]  ? syscall_enter_from_user_mode+0x1d/0x50
[  890.806778]  do_syscall_64+0x3b/0x90
[  890.807539]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  890.808580] RIP: 0033:0x7f71bf82bb19
[  890.809318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.812886] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  890.814347] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  890.815720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  890.817094] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  890.818474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  890.819850] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  890.821253]  </TASK>
[  890.821701] CPU: 0 PID: 6497 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  890.823343] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  890.825531] Call Trace:
[  890.826029]  <TASK>
[  890.826467]  dump_stack_lvl+0x8b/0xb3
[  890.827247]  should_fail.cold+0x5/0xa
[  890.828015]  ? create_object.isra.0+0x3a/0xa20
[  890.828915]  should_failslab+0x5/0x10
[  890.829652]  kmem_cache_alloc+0x5b/0x480
[  890.830466]  create_object.isra.0+0x3a/0xa20
[  890.831360]  ? kasan_unpoison+0x23/0x50
[  890.832145]  __kmalloc+0x25b/0x440
[  890.832847]  memcg_list_lru_alloc+0x514/0xb10
[  890.833743]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  890.834739]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  890.835681]  kmem_cache_alloc_lru+0x10e/0x7c0
[  890.836578]  ? __d_alloc+0x31/0x990
[  890.837314]  ? mqueue_get_tree+0x130/0x130
[  890.838153]  __d_alloc+0x31/0x990
[  890.838844]  ? mqueue_get_inode+0x27f/0xe20
[  890.839714]  ? mqueue_get_tree+0x130/0x130
[  890.840551]  d_make_root+0x45/0x110
[  890.841280]  mqueue_fill_super+0x137/0x200
[  890.842121]  get_tree_nodev+0xce/0x1d0
[  890.842906]  mqueue_get_tree+0xee/0x130
[  890.843717]  vfs_get_tree+0x8e/0x2f0
[  890.844470]  fc_mount+0x13/0xc0
[  890.845134]  mq_init_ns+0x43e/0x630
[  890.845866]  copy_ipcs+0x35e/0x5d0
[  890.846571]  ? copy_utsname+0xa9/0x4a0
[  890.847362]  create_new_namespaces+0x210/0xb30
[  890.848288]  copy_namespaces+0x391/0x450
[  890.849110]  copy_process+0x2ba5/0x6d10
[  890.849945]  ? __cleanup_sighand+0xb0/0xb0
[  890.850805]  ? lock_is_held_type+0xd7/0x130
[  890.851665]  ? find_held_lock+0x2c/0x110
[  890.852479]  ? kernel_clone+0xc4/0xa60
[  890.853269]  kernel_clone+0xe7/0xa60
[  890.854020]  ? create_io_thread+0xf0/0xf0
[  890.854834]  ? find_held_lock+0x2c/0x110
[  890.855664]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  890.856651]  ? bit_wait_io_timeout+0x160/0x160
[  890.857569]  __do_sys_clone+0xc8/0x110
[  890.858353]  ? __do_sys_vfork+0xd0/0xd0
[  890.859140]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  890.860246]  ? vfs_write+0x428/0xad0
[  890.861009]  ? syscall_enter_from_user_mode+0x1d/0x50
[  890.862017]  do_syscall_64+0x3b/0x90
[  890.862765]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  890.863809] RIP: 0033:0x7fa70862cb19
[  890.864546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  890.868172] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  890.869676] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  890.871082] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  890.872493] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  890.873896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  890.875311] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  890.876740]  </TASK>
12:48:33 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x14, 0x0)

12:48:33 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xffffc000, 0x0, 0x0, 0x0)

12:48:33 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x20000000, 0x0, 0x0, 0x0)

12:48:33 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, 0x0, 0x8)

12:48:33 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x14, 0x0)

12:48:33 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xffff8000, 0x0, 0x0, 0x0)

12:48:33 executing program 7:
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x14, 0x0)

12:48:33 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xfffff000, 0x0, 0x0, 0x0)

12:48:33 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71)

[  891.270963] FAULT_INJECTION: forcing a failure.
[  891.270963] name failslab, interval 1, probability 0, space 0, times 0
[  891.273536] CPU: 0 PID: 6534 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  891.275211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  891.277517] Call Trace:
[  891.278041]  <TASK>
[  891.278488]  dump_stack_lvl+0x8b/0xb3
[  891.279307]  should_fail.cold+0x5/0xa
[  891.280076]  ? create_object.isra.0+0x3a/0xa20
[  891.281005]  should_failslab+0x5/0x10
[  891.281765]  kmem_cache_alloc+0x5b/0x480
[  891.282593]  ? obj_cgroup_charge+0x247/0x740
[  891.283495]  create_object.isra.0+0x3a/0xa20
[  891.284384]  ? kasan_unpoison+0x23/0x50
[  891.285205]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  891.286113]  ? __d_alloc+0x31/0x990
[  891.286849]  ? mqueue_get_tree+0x130/0x130
[  891.287725]  __d_alloc+0x31/0x990
[  891.288429]  ? mqueue_get_inode+0x27f/0xe20
[  891.289316]  ? mqueue_get_tree+0x130/0x130
[  891.290195]  d_make_root+0x45/0x110
[  891.290974]  mqueue_fill_super+0x137/0x200
[  891.291856]  get_tree_nodev+0xce/0x1d0
[  891.292678]  mqueue_get_tree+0xee/0x130
[  891.293494]  vfs_get_tree+0x8e/0x2f0
[  891.294243]  fc_mount+0x13/0xc0
[  891.294927]  mq_init_ns+0x43e/0x630
[  891.295676]  copy_ipcs+0x35e/0x5d0
[  891.296384]  ? copy_utsname+0xa9/0x4a0
[  891.297170]  create_new_namespaces+0x210/0xb30
[  891.298108]  copy_namespaces+0x391/0x450
[  891.298925]  copy_process+0x2ba5/0x6d10
[  891.299765]  ? __cleanup_sighand+0xb0/0xb0
[  891.300618]  ? lock_is_held_type+0xd7/0x130
[  891.301481]  ? find_held_lock+0x2c/0x110
[  891.302296]  ? kernel_clone+0xc4/0xa60
[  891.303088]  kernel_clone+0xe7/0xa60
[  891.303849]  ? create_io_thread+0xf0/0xf0
[  891.304685]  ? find_held_lock+0x2c/0x110
[  891.305501]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  891.306482]  ? bit_wait_io_timeout+0x160/0x160
[  891.307421]  __do_sys_clone+0xc8/0x110
[  891.308211]  ? __do_sys_vfork+0xd0/0xd0
[  891.309012]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  891.310110]  ? vfs_write+0x428/0xad0
[  891.310887]  ? syscall_enter_from_user_mode+0x1d/0x50
[  891.311929]  do_syscall_64+0x3b/0x90
[  891.312697]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  891.313729] RIP: 0033:0x7f71bf82bb19
[  891.314460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  891.318113] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  891.319619] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  891.321032] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  891.322437] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  891.323856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  891.325259] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  891.326690]  </TASK>
12:48:48 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69)

12:48:48 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72)

12:48:48 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xffffffff, 0x0, 0x0, 0x0)

12:48:48 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, 0x0, 0x8)

12:48:48 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xffffc000, 0x0, 0x0, 0x0)

12:48:48 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2000000, 0x0, 0x0, 0x0)

12:48:48 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:48:48 executing program 7:
fork()
r0 = pidfd_open(0x0, 0x0)
process_madvise(r0, 0x0, 0x0, 0x14, 0x0)

[  905.829072] FAULT_INJECTION: forcing a failure.
[  905.829072] name failslab, interval 1, probability 0, space 0, times 0
[  905.831409] CPU: 1 PID: 6551 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  905.833061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  905.835304] Call Trace:
[  905.835823]  <TASK>
[  905.836269]  dump_stack_lvl+0x8b/0xb3
[  905.837044]  should_fail.cold+0x5/0xa
[  905.837809]  ? alloc_vfsmnt+0x23/0x6b0
[  905.838592]  should_failslab+0x5/0x10
[  905.839349]  kmem_cache_alloc+0x5b/0x480
[  905.840185]  alloc_vfsmnt+0x23/0x6b0
[  905.840937]  vfs_create_mount+0x8b/0x5d0
[  905.841224] FAULT_INJECTION: forcing a failure.
[  905.841224] name failslab, interval 1, probability 0, space 0, times 0
[  905.841754]  fc_mount+0x98/0xc0
[  905.843600]  mq_init_ns+0x43e/0x630
[  905.844335]  copy_ipcs+0x35e/0x5d0
[  905.845047]  ? copy_utsname+0xa9/0x4a0
[  905.845833]  create_new_namespaces+0x210/0xb30
[  905.846758]  copy_namespaces+0x391/0x450
[  905.847583]  copy_process+0x2ba5/0x6d10
[  905.848411]  ? __cleanup_sighand+0xb0/0xb0
[  905.849265]  ? lock_is_held_type+0xd7/0x130
[  905.850122]  ? find_held_lock+0x2c/0x110
[  905.850938]  ? kernel_clone+0xc4/0xa60
[  905.851740]  kernel_clone+0xe7/0xa60
[  905.852493]  ? create_io_thread+0xf0/0xf0
[  905.853323]  ? find_held_lock+0x2c/0x110
[  905.854137]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  905.855121]  ? bit_wait_io_timeout+0x160/0x160
[  905.856053]  __do_sys_clone+0xc8/0x110
[  905.856839]  ? __do_sys_vfork+0xd0/0xd0
[  905.857640]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  905.858740]  ? vfs_write+0x428/0xad0
[  905.859528]  ? syscall_enter_from_user_mode+0x1d/0x50
[  905.860563]  do_syscall_64+0x3b/0x90
[  905.861314]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  905.862345] RIP: 0033:0x7f71bf82bb19
[  905.863090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  905.866733] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  905.868241] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  905.869646] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  905.871049] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  905.872479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  905.873883] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  905.875314]  </TASK>
[  905.875780] CPU: 0 PID: 6557 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  905.876668] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  905.877885] Call Trace:
[  905.878164]  <TASK>
[  905.878403]  dump_stack_lvl+0x8b/0xb3
[  905.878830]  should_fail.cold+0x5/0xa
[  905.879252]  should_failslab+0x5/0x10
[  905.879681]  kmem_cache_alloc_lru+0x60/0x7c0
[  905.880162]  ? xas_alloc+0x35d/0x480
[  905.880582]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  905.881155]  ? copy_process+0x2ba5/0x6d10
[  905.881619]  xas_alloc+0x35d/0x480
[  905.881657] loop5: detected capacity change from 0 to 240
[  905.882011]  xas_create+0x35b/0x1030
[  905.883499]  ? lock_acquire+0x1b2/0x4d0
[  905.883932]  xas_store+0x90/0x1c40
[  905.884318]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  905.884910]  ? xas_start+0x156/0x520
[  905.885319]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  905.885911]  ? xas_load+0x66/0x2c0
[  905.886307]  memcg_list_lru_alloc+0x3c7/0xb10
[  905.886803]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  905.887340]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  905.887850]  kmem_cache_alloc_lru+0x10e/0x7c0
[  905.888336]  ? __d_alloc+0x31/0x990
[  905.888739]  ? mqueue_get_tree+0x130/0x130
[  905.889203]  __d_alloc+0x31/0x990
[  905.889579]  ? mqueue_get_inode+0x27f/0xe20
[  905.890038]  ? mqueue_get_tree+0x130/0x130
[  905.890495]  d_make_root+0x45/0x110
[  905.890883]  mqueue_fill_super+0x137/0x200
[  905.891344]  get_tree_nodev+0xce/0x1d0
[  905.891788]  mqueue_get_tree+0xee/0x130
[  905.892224]  vfs_get_tree+0x8e/0x2f0
[  905.892635]  fc_mount+0x13/0xc0
[  905.892993]  mq_init_ns+0x43e/0x630
[  905.893391]  copy_ipcs+0x35e/0x5d0
[  905.893771]  ? copy_utsname+0xa9/0x4a0
[  905.894201]  create_new_namespaces+0x210/0xb30
[  905.894719]  copy_namespaces+0x391/0x450
[  905.895166]  copy_process+0x2ba5/0x6d10
[  905.895625]  ? __cleanup_sighand+0xb0/0xb0
[  905.896083]  ? lock_is_held_type+0xd7/0x130
[  905.896550]  ? find_held_lock+0x2c/0x110
[  905.896990]  ? kernel_clone+0xc4/0xa60
[  905.897424]  kernel_clone+0xe7/0xa60
[  905.897833]  ? create_io_thread+0xf0/0xf0
[  905.898282]  ? find_held_lock+0x2c/0x110
[  905.898721]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  905.899258]  ? bit_wait_io_timeout+0x160/0x160
[  905.899762]  __do_sys_clone+0xc8/0x110
[  905.900182]  ? __do_sys_vfork+0xd0/0xd0
[  905.900619]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  905.901212]  ? vfs_write+0x428/0xad0
[  905.901631]  ? syscall_enter_from_user_mode+0x1d/0x50
[  905.902190]  do_syscall_64+0x3b/0x90
[  905.902602]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  905.903166] RIP: 0033:0x7fa70862cb19
[  905.903579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  905.905557] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  905.906362] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  905.907104] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  905.907872] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  905.908623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  905.909381] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  905.910145]  </TASK>
12:48:48 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70)

[  905.965175] FAULT_INJECTION: forcing a failure.
[  905.965175] name failslab, interval 1, probability 0, space 0, times 0
[  905.966347] CPU: 0 PID: 6564 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  905.967206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  905.968415] Call Trace:
[  905.968681]  <TASK>
[  905.968918]  dump_stack_lvl+0x8b/0xb3
[  905.969335]  should_fail.cold+0x5/0xa
[  905.969733]  ? create_object.isra.0+0x3a/0xa20
[  905.970224]  should_failslab+0x5/0x10
[  905.970625]  kmem_cache_alloc+0x5b/0x480
[  905.971057]  create_object.isra.0+0x3a/0xa20
[  905.971529]  ? kasan_unpoison+0x23/0x50
[  905.971951]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  905.972420]  ? xas_alloc+0x35d/0x480
[  905.972815]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[  905.973376]  xas_alloc+0x35d/0x480
[  905.973755]  xas_create+0x35b/0x1030
[  905.974147]  ? lock_acquire+0x1b2/0x4d0
[  905.974578]  xas_store+0x90/0x1c40
[  905.974955]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  905.975561]  ? xas_start+0x156/0x520
[  905.975974]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[  905.976553]  ? xas_load+0x66/0x2c0
[  905.976948]  memcg_list_lru_alloc+0x3c7/0xb10
[  905.977441]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  905.977967]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  905.978477]  kmem_cache_alloc_lru+0x10e/0x7c0
[  905.978943]  ? __d_alloc+0x31/0x990
[  905.979340]  ? mqueue_get_tree+0x130/0x130
[  905.979806]  __d_alloc+0x31/0x990
[  905.980187]  ? mqueue_get_inode+0x27f/0xe20
[  905.980652]  ? mqueue_get_tree+0x130/0x130
[  905.981101]  d_make_root+0x45/0x110
[  905.981501]  mqueue_fill_super+0x137/0x200
[  905.981950]  get_tree_nodev+0xce/0x1d0
[  905.982386]  mqueue_get_tree+0xee/0x130
[  905.982813]  vfs_get_tree+0x8e/0x2f0
[  905.983219]  fc_mount+0x13/0xc0
[  905.983590]  mq_init_ns+0x43e/0x630
[  905.983985]  copy_ipcs+0x35e/0x5d0
[  905.984365]  ? copy_utsname+0xa9/0x4a0
[  905.984795]  create_new_namespaces+0x210/0xb30
[  905.985298]  copy_namespaces+0x391/0x450
[  905.985743]  copy_process+0x2ba5/0x6d10
[  905.986180]  ? __cleanup_sighand+0xb0/0xb0
[  905.986647]  ? lock_is_held_type+0xd7/0x130
[  905.987095]  ? find_held_lock+0x2c/0x110
[  905.987552]  ? kernel_clone+0xc4/0xa60
[  905.987976]  kernel_clone+0xe7/0xa60
[  905.988378]  ? create_io_thread+0xf0/0xf0
[  905.988830]  ? find_held_lock+0x2c/0x110
[  905.989271]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  905.989803]  ? bit_wait_io_timeout+0x160/0x160
[  905.990297]  __do_sys_clone+0xc8/0x110
[  905.990725]  ? __do_sys_vfork+0xd0/0xd0
[  905.991152]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  905.991762]  ? vfs_write+0x428/0xad0
[  905.992177]  ? syscall_enter_from_user_mode+0x1d/0x50
[  905.992736]  do_syscall_64+0x3b/0x90
[  905.993138]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  905.993699] RIP: 0033:0x7fa70862cb19
[  905.994097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  905.996075] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  905.996882] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  905.997643] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  905.998399] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  905.999154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  905.999919] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  906.000693]  </TASK>
12:48:48 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:48:48 executing program 5:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x0)

12:48:48 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x2, 0x0, 0x0)

12:48:48 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xfffff000, 0x0, 0x0, 0x0)

12:48:48 executing program 7:
fork()
r0 = pidfd_open(0x0, 0x0)
process_madvise(r0, 0x0, 0x0, 0x14, 0x0)

12:48:48 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

[  906.116081] loop5: detected capacity change from 0 to 240
[  906.121830] FAULT_INJECTION: forcing a failure.
[  906.121830] name failslab, interval 1, probability 0, space 0, times 0
[  906.123057] CPU: 0 PID: 6576 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  906.123928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  906.125124] Call Trace:
[  906.125399]  <TASK>
[  906.125642]  dump_stack_lvl+0x8b/0xb3
[  906.126052]  should_fail.cold+0x5/0xa
[  906.126457]  ? create_object.isra.0+0x3a/0xa20
[  906.126941]  should_failslab+0x5/0x10
[  906.127352]  kmem_cache_alloc+0x5b/0x480
[  906.127793]  ? obj_cgroup_charge+0x247/0x740
[  906.128263]  create_object.isra.0+0x3a/0xa20
[  906.128723]  ? kasan_unpoison+0x23/0x50
[  906.129148]  kmem_cache_alloc+0x239/0x480
[  906.129596]  alloc_vfsmnt+0x23/0x6b0
[  906.129992]  vfs_create_mount+0x8b/0x5d0
[  906.130428]  fc_mount+0x98/0xc0
[  906.130785]  mq_init_ns+0x43e/0x630
[  906.131172]  copy_ipcs+0x35e/0x5d0
[  906.131561]  ? copy_utsname+0xa9/0x4a0
[  906.131977]  create_new_namespaces+0x210/0xb30
[  906.132476]  copy_namespaces+0x391/0x450
[  906.132912]  copy_process+0x2ba5/0x6d10
[  906.133358]  ? __cleanup_sighand+0xb0/0xb0
[  906.133810]  ? lock_is_held_type+0xd7/0x130
[  906.134277]  ? find_held_lock+0x2c/0x110
[  906.134721]  ? kernel_clone+0xc4/0xa60
[  906.135157]  kernel_clone+0xe7/0xa60
[  906.135584]  ? create_io_thread+0xf0/0xf0
[  906.136035]  ? find_held_lock+0x2c/0x110
[  906.136488]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  906.137032]  ? bit_wait_io_timeout+0x160/0x160
[  906.137538]  __do_sys_clone+0xc8/0x110
[  906.137965]  ? __do_sys_vfork+0xd0/0xd0
[  906.138405]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  906.139001]  ? vfs_write+0x428/0xad0
[  906.139415]  ? syscall_enter_from_user_mode+0x1d/0x50
[  906.139976]  do_syscall_64+0x3b/0x90
[  906.140389]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  906.140956] RIP: 0033:0x7f71bf82bb19
[  906.141358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  906.143355] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  906.144191] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  906.144981] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  906.145753] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  906.146534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  906.147316] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  906.148113]  </TASK>
12:48:48 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71)

[  906.188225] FAULT_INJECTION: forcing a failure.
[  906.188225] name failslab, interval 1, probability 0, space 0, times 0
[  906.189693] CPU: 0 PID: 6583 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  906.190574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  906.191811] Call Trace:
[  906.192088]  <TASK>
[  906.192327]  dump_stack_lvl+0x8b/0xb3
[  906.192749]  should_fail.cold+0x5/0xa
[  906.193160]  ? create_object.isra.0+0x3a/0xa20
[  906.193665]  should_failslab+0x5/0x10
[  906.194078]  kmem_cache_alloc+0x5b/0x480
[  906.194525]  create_object.isra.0+0x3a/0xa20
[  906.195005]  ? kasan_unpoison+0x23/0x50
[  906.195444]  __kmalloc+0x25b/0x440
[  906.195859]  memcg_list_lru_alloc+0x514/0xb10
[  906.196358]  ? memcg_reparent_list_lrus+0x8f0/0x8f0
[  906.196894]  ? kmem_cache_alloc_lru+0xe8/0x7c0
[  906.197405]  kmem_cache_alloc_lru+0x10e/0x7c0
[  906.197887]  ? __d_alloc+0x31/0x990
[  906.198291]  ? mqueue_get_tree+0x130/0x130
[  906.198751]  __d_alloc+0x31/0x990
[  906.199128]  ? mqueue_get_inode+0x27f/0xe20
[  906.199588]  ? mqueue_get_tree+0x130/0x130
[  906.200047]  d_make_root+0x45/0x110
[  906.200443]  mqueue_fill_super+0x137/0x200
[  906.200899]  get_tree_nodev+0xce/0x1d0
[  906.201327]  mqueue_get_tree+0xee/0x130
[  906.201753]  vfs_get_tree+0x8e/0x2f0
[  906.202162]  fc_mount+0x13/0xc0
[  906.202521]  mq_init_ns+0x43e/0x630
[  906.202916]  copy_ipcs+0x35e/0x5d0
[  906.203304]  ? copy_utsname+0xa9/0x4a0
[  906.203726]  create_new_namespaces+0x210/0xb30
[  906.204227]  copy_namespaces+0x391/0x450
[  906.204659]  copy_process+0x2ba5/0x6d10
[  906.205111]  ? __cleanup_sighand+0xb0/0xb0
[  906.205560]  ? lock_is_held_type+0xd7/0x130
[  906.206017]  ? find_held_lock+0x2c/0x110
[  906.206460]  ? kernel_clone+0xc4/0xa60
[  906.206882]  kernel_clone+0xe7/0xa60
[  906.207287]  ? create_io_thread+0xf0/0xf0
[  906.207744]  ? find_held_lock+0x2c/0x110
[  906.208192]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  906.208705]  ? bit_wait_io_timeout+0x160/0x160
[  906.209206]  __do_sys_clone+0xc8/0x110
[  906.209617]  ? __do_sys_vfork+0xd0/0xd0
[  906.210050]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  906.210626]  ? vfs_write+0x428/0xad0
[  906.211041]  ? syscall_enter_from_user_mode+0x1d/0x50
[  906.211592]  do_syscall_64+0x3b/0x90
[  906.212004]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  906.212549] RIP: 0033:0x7fa70862cb19
[  906.212952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  906.214958] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  906.215774] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  906.216514] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  906.217255] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  906.217987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  906.218742] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  906.219511]  </TASK>
12:49:03 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x10, 0x0, 0x0)

12:49:03 executing program 7:
fork()
r0 = pidfd_open(0x0, 0x0)
process_madvise(r0, 0x0, 0x0, 0x14, 0x0)

12:49:03 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xffffffff, 0x0, 0x0, 0x0)

12:49:03 executing program 5:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2000000, 0x0, 0x0, 0x0)

12:49:03 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74)

12:49:03 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = fork()
r2 = pidfd_open(r1, 0x0)
process_madvise(r2, 0x0, 0x0, 0x14, 0x0)

[  920.782622] FAULT_INJECTION: forcing a failure.
[  920.782622] name failslab, interval 1, probability 0, space 0, times 0
12:49:03 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72)

[  920.785276] CPU: 1 PID: 6599 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  920.787331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  920.790149] Call Trace:
[  920.790678]  <TASK>
[  920.791211]  dump_stack_lvl+0x8b/0xb3
[  920.792104]  should_fail.cold+0x5/0xa
[  920.792958]  ? create_object.isra.0+0x3a/0xa20
[  920.794006]  should_failslab+0x5/0x10
[  920.794829]  kmem_cache_alloc+0x5b/0x480
[  920.794980] FAULT_INJECTION: forcing a failure.
[  920.794980] name failslab, interval 1, probability 0, space 0, times 0
[  920.795764]  create_object.isra.0+0x3a/0xa20
[  920.798967]  kmemleak_alloc_percpu+0xa0/0x100
[  920.799966]  pcpu_alloc+0x7bf/0x1060
[  920.800776]  alloc_vfsmnt+0xfd/0x6b0
[  920.801568]  vfs_create_mount+0x8b/0x5d0
[  920.802429]  fc_mount+0x98/0xc0
[  920.803118]  mq_init_ns+0x43e/0x630
[  920.803919]  copy_ipcs+0x35e/0x5d0
[  920.804644]  ? copy_utsname+0xa9/0x4a0
[  920.805485]  create_new_namespaces+0x210/0xb30
[  920.806449]  copy_namespaces+0x391/0x450
[  920.807316]  copy_process+0x2ba5/0x6d10
[  920.808193]  ? __cleanup_sighand+0xb0/0xb0
[  920.809087]  ? lock_is_held_type+0xd7/0x130
[  920.809973]  ? find_held_lock+0x2c/0x110
[  920.810814]  ? kernel_clone+0xc4/0xa60
[  920.811613]  kernel_clone+0xe7/0xa60
[  920.812400]  ? create_io_thread+0xf0/0xf0
[  920.813269]  ? find_held_lock+0x2c/0x110
[  920.814114]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  920.815269]  ? bit_wait_io_timeout+0x160/0x160
[  920.816538]  __do_sys_clone+0xc8/0x110
[  920.817589]  ? __do_sys_vfork+0xd0/0xd0
[  920.818659]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  920.820098]  ? vfs_write+0x428/0xad0
[  920.820871]  ? syscall_enter_from_user_mode+0x1d/0x50
[  920.821913]  do_syscall_64+0x3b/0x90
[  920.822678]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  920.823745] RIP: 0033:0x7f71bf82bb19
[  920.824509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  920.828219] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  920.829731] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  920.831172] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  920.832609] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  920.834034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  920.835445] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  920.836890]  </TASK>
[  920.837373] CPU: 0 PID: 6608 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  920.838982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  920.841197] Call Trace:
[  920.841693]  <TASK>
[  920.842134]  dump_stack_lvl+0x8b/0xb3
[  920.842923]  should_fail.cold+0x5/0xa
[  920.843693]  ? alloc_vfsmnt+0x23/0x6b0
[  920.844479]  should_failslab+0x5/0x10
[  920.845239]  kmem_cache_alloc+0x5b/0x480
[  920.846064]  alloc_vfsmnt+0x23/0x6b0
[  920.846803]  vfs_create_mount+0x8b/0x5d0
[  920.847623]  fc_mount+0x98/0xc0
[  920.848299]  mq_init_ns+0x43e/0x630
[  920.849030]  copy_ipcs+0x35e/0x5d0
[  920.849730]  ? copy_utsname+0xa9/0x4a0
[  920.850514]  create_new_namespaces+0x210/0xb30
[  920.851437]  copy_namespaces+0x391/0x450
[  920.852256]  copy_process+0x2ba5/0x6d10
[  920.853085]  ? __cleanup_sighand+0xb0/0xb0
[  920.853975]  ? lock_is_held_type+0xd7/0x130
[  920.854842]  ? find_held_lock+0x2c/0x110
[  920.855659]  ? kernel_clone+0xc4/0xa60
[  920.856453]  kernel_clone+0xe7/0xa60
[  920.857219]  ? create_io_thread+0xf0/0xf0
[  920.858054]  ? find_held_lock+0x2c/0x110
[  920.858875]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  920.859891]  ? bit_wait_io_timeout+0x160/0x160
[  920.860816]  __do_sys_clone+0xc8/0x110
[  920.861617]  ? __do_sys_vfork+0xd0/0xd0
[  920.862423]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  920.863533]  ? vfs_write+0x428/0xad0
[  920.864306]  ? syscall_enter_from_user_mode+0x1d/0x50
[  920.865330]  do_syscall_64+0x3b/0x90
[  920.866077]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  920.867102] RIP: 0033:0x7fa70862cb19
[  920.867857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  920.871481] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  920.872981] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  920.874387] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  920.875797] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  920.877198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  920.878600] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  920.880027]  </TASK>
12:49:03 executing program 0:
fork()
r0 = pidfd_open(0x0, 0x0)
process_madvise(r0, 0x0, 0x0, 0x14, 0x0)

12:49:03 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x2, 0x0, 0x0)

12:49:03 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75)

12:49:03 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73)

12:49:03 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x60, 0x0, 0x0)

12:49:03 executing program 7:
r0 = fork()
pidfd_open(r0, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

[  921.153611] FAULT_INJECTION: forcing a failure.
[  921.153611] name failslab, interval 1, probability 0, space 0, times 0
[  921.156272] CPU: 1 PID: 6632 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  921.158124] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  921.160632] Call Trace:
[  921.161224]  <TASK>
[  921.161736]  dump_stack_lvl+0x8b/0xb3
[  921.162650]  should_fail.cold+0x5/0xa
[  921.163548]  ? create_object.isra.0+0x3a/0xa20
[  921.164629]  should_failslab+0x5/0x10
[  921.165499]  kmem_cache_alloc+0x5b/0x480
[  921.166443]  ? obj_cgroup_charge+0x247/0x740
[  921.167468]  create_object.isra.0+0x3a/0xa20
[  921.168491]  ? kasan_unpoison+0x23/0x50
[  921.169416]  kmem_cache_alloc+0x239/0x480
[  921.170384]  alloc_vfsmnt+0x23/0x6b0
[  921.171257]  vfs_create_mount+0x8b/0x5d0
[  921.172226]  fc_mount+0x98/0xc0
[  921.172999]  mq_init_ns+0x43e/0x630
[  921.173840]  copy_ipcs+0x35e/0x5d0
[  921.174678]  ? copy_utsname+0xa9/0x4a0
[  921.175779]  create_new_namespaces+0x210/0xb30
[  921.176856]  copy_namespaces+0x391/0x450
[  921.177809]  copy_process+0x2ba5/0x6d10
[  921.178777]  ? __cleanup_sighand+0xb0/0xb0
[  921.179781]  ? lock_is_held_type+0xd7/0x130
[  921.180771]  ? find_held_lock+0x2c/0x110
[  921.181696]  ? kernel_clone+0xc4/0xa60
[  921.182576]  kernel_clone+0xe7/0xa60
[  921.183458]  ? create_io_thread+0xf0/0xf0
[  921.184445]  ? find_held_lock+0x2c/0x110
[  921.185300]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  921.186293]  ? bit_wait_io_timeout+0x160/0x160
[  921.187240]  __do_sys_clone+0xc8/0x110
[  921.187256] FAULT_INJECTION: forcing a failure.
[  921.187256] name failslab, interval 1, probability 0, space 0, times 0
[  921.188058]  ? __do_sys_vfork+0xd0/0xd0
[  921.190708]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  921.191861]  ? vfs_write+0x428/0xad0
[  921.192651]  ? syscall_enter_from_user_mode+0x1d/0x50
[  921.193714]  do_syscall_64+0x3b/0x90
[  921.194482]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  921.195529] RIP: 0033:0x7fa70862cb19
[  921.196300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  921.199937] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  921.201441] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  921.202844] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  921.204283] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  921.205682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  921.207091] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  921.208524]  </TASK>
[  921.208987] CPU: 0 PID: 6636 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  921.210345] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  921.212200] Call Trace:
[  921.212621]  <TASK>
[  921.212971]  dump_stack_lvl+0x8b/0xb3
[  921.213609]  should_fail.cold+0x5/0xa
[  921.214234]  ? create_object.isra.0+0x3a/0xa20
[  921.214996]  should_failslab+0x5/0x10
[  921.215637]  kmem_cache_alloc+0x5b/0x480
[  921.216319]  create_object.isra.0+0x3a/0xa20
[  921.217039]  kmemleak_alloc_percpu+0xa0/0x100
[  921.217786]  pcpu_alloc+0x7bf/0x1060
[  921.218446]  alloc_vfsmnt+0xfd/0x6b0
[  921.219088]  vfs_create_mount+0x8b/0x5d0
[  921.219806]  fc_mount+0x98/0xc0
[  921.220366]  mq_init_ns+0x43e/0x630
[  921.220994]  copy_ipcs+0x35e/0x5d0
[  921.221599]  ? copy_utsname+0xa9/0x4a0
[  921.222265]  create_new_namespaces+0x210/0xb30
[  921.223052]  copy_namespaces+0x391/0x450
[  921.223759]  copy_process+0x2ba5/0x6d10
[  921.224473]  ? __cleanup_sighand+0xb0/0xb0
[  921.225196]  ? lock_is_held_type+0xd7/0x130
[  921.225923]  ? find_held_lock+0x2c/0x110
[  921.226611]  ? kernel_clone+0xc4/0xa60
[  921.227270]  kernel_clone+0xe7/0xa60
[  921.227927]  ? create_io_thread+0xf0/0xf0
[  921.228639]  ? find_held_lock+0x2c/0x110
[  921.229330]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  921.230174]  ? bit_wait_io_timeout+0x160/0x160
[  921.230960]  __do_sys_clone+0xc8/0x110
[  921.231616]  ? __do_sys_vfork+0xd0/0xd0
[  921.232306]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  921.233216]  ? vfs_write+0x428/0xad0
[  921.233849]  ? syscall_enter_from_user_mode+0x1d/0x50
[  921.234727]  do_syscall_64+0x3b/0x90
[  921.235350]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  921.236206] RIP: 0033:0x7f71bf82bb19
[  921.236817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  921.239907] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  921.241178] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  921.242373] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  921.243576] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  921.244773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  921.245976] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  921.247166]  </TASK>
[  921.257119] cgroup: fork rejected by pids controller in /syz7
12:49:03 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x10, 0x0, 0x0)

12:49:03 executing program 5:
fork()
r0 = pidfd_open(0x0, 0x0)
process_madvise(r0, 0x0, 0x0, 0x14, 0x0)

12:49:03 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xf0, 0x0, 0x0)

12:49:03 executing program 7:
r0 = fork()
pidfd_open(r0, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

12:49:03 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x60, 0x0, 0x0)

12:49:03 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:03 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x2000, 0x0, 0x0)

12:49:03 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76)

[  921.650833] FAULT_INJECTION: forcing a failure.
[  921.650833] name failslab, interval 1, probability 0, space 0, times 0
[  921.652259] CPU: 1 PID: 6671 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  921.653212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  921.654510] Call Trace:
[  921.654808]  <TASK>
[  921.655060]  dump_stack_lvl+0x8b/0xb3
[  921.655511]  should_fail.cold+0x5/0xa
[  921.655975]  ? create_object.isra.0+0x3a/0xa20
[  921.656504]  should_failslab+0x5/0x10
[  921.656938]  kmem_cache_alloc+0x5b/0x480
[  921.657405]  ? obj_cgroup_charge+0x247/0x740
[  921.657919]  create_object.isra.0+0x3a/0xa20
[  921.658420]  ? kasan_unpoison+0x23/0x50
[  921.658887]  kmem_cache_alloc_lru+0x2d3/0x7c0
[  921.659396]  ? __d_alloc+0x31/0x990
[  921.659833]  ? mqueue_get_tree+0x130/0x130
[  921.660320]  __d_alloc+0x31/0x990
[  921.660742]  ? mqueue_get_inode+0x27f/0xe20
[  921.661268]  ? mqueue_get_tree+0x130/0x130
[  921.661774]  d_make_root+0x45/0x110
[  921.662216]  mqueue_fill_super+0x137/0x200
[  921.662724]  get_tree_nodev+0xce/0x1d0
[  921.663196]  mqueue_get_tree+0xee/0x130
[  921.663681]  vfs_get_tree+0x8e/0x2f0
[  921.664143]  fc_mount+0x13/0xc0
[  921.664553]  mq_init_ns+0x43e/0x630
[  921.664995]  copy_ipcs+0x35e/0x5d0
[  921.665421]  ? copy_utsname+0xa9/0x4a0
[  921.665891]  create_new_namespaces+0x210/0xb30
[  921.666454]  copy_namespaces+0x391/0x450
[  921.666951]  copy_process+0x2ba5/0x6d10
[  921.667462]  ? __cleanup_sighand+0xb0/0xb0
[  921.667973]  ? lock_is_held_type+0xd7/0x130
[  921.668492]  ? find_held_lock+0x2c/0x110
[  921.668981]  ? kernel_clone+0xc4/0xa60
[  921.669442]  kernel_clone+0xe7/0xa60
[  921.669896]  ? create_io_thread+0xf0/0xf0
[  921.670396]  ? find_held_lock+0x2c/0x110
[  921.670897]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  921.671491]  ? bit_wait_io_timeout+0x160/0x160
[  921.672052]  __do_sys_clone+0xc8/0x110
[  921.672527]  ? __do_sys_vfork+0xd0/0xd0
[  921.672979]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  921.673632]  ? vfs_write+0x428/0xad0
[  921.674089]  ? syscall_enter_from_user_mode+0x1d/0x50
[  921.674710]  do_syscall_64+0x3b/0x90
[  921.675156]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  921.675786] RIP: 0033:0x7f71bf82bb19
[  921.676228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  921.678392] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  921.679287] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  921.680149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  921.680990] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  921.681831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  921.682673] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  921.683539]  </TASK>
12:49:19 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74)

12:49:19 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = fork()
r3 = pidfd_open(r2, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:49:19 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xf0, 0x0, 0x0)

12:49:19 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:49:19 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:19 executing program 7:
r0 = fork()
pidfd_open(r0, 0x0)
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

12:49:19 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x6000, 0x0, 0x0)

12:49:19 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77)

[  936.948394] FAULT_INJECTION: forcing a failure.
[  936.948394] name failslab, interval 1, probability 0, space 0, times 0
[  936.949580] CPU: 0 PID: 6698 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  936.950423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  936.951530] Call Trace:
[  936.951792]  <TASK>
[  936.952024]  dump_stack_lvl+0x8b/0xb3
[  936.952435]  should_fail.cold+0x5/0xa
[  936.952830]  ? create_object.isra.0+0x3a/0xa20
[  936.953315]  should_failslab+0x5/0x10
[  936.953705]  kmem_cache_alloc+0x5b/0x480
[  936.954127]  create_object.isra.0+0x3a/0xa20
[  936.954579]  ? kasan_unpoison+0x23/0x50
[  936.954996]  __kmalloc_track_caller+0x25e/0x430
[  936.955450]  ? setup_mq_sysctls+0x59/0x230
[  936.955898]  kmemdup+0x23/0x50
[  936.956241]  setup_mq_sysctls+0x59/0x230
[  936.956663]  copy_ipcs+0x381/0x5d0
[  936.957025]  ? copy_utsname+0xa9/0x4a0
[  936.957434]  create_new_namespaces+0x210/0xb30
[  936.957914]  copy_namespaces+0x391/0x450
[  936.958334]  copy_process+0x2ba5/0x6d10
[  936.958758]  ? __cleanup_sighand+0xb0/0xb0
[  936.959199]  ? lock_is_held_type+0xd7/0x130
[  936.959625]  ? find_held_lock+0x2c/0x110
[  936.960050]  ? kernel_clone+0xc4/0xa60
[  936.960450]  kernel_clone+0xe7/0xa60
[  936.960832]  ? create_io_thread+0xf0/0xf0
[  936.961252]  ? find_held_lock+0x2c/0x110
[  936.961669]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  936.962170]  ? bit_wait_io_timeout+0x160/0x160
[  936.962637]  __do_sys_clone+0xc8/0x110
[  936.963034]  ? __do_sys_vfork+0xd0/0xd0
[  936.963446]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  936.963988]  ? vfs_write+0x428/0xad0
[  936.964372]  ? syscall_enter_from_user_mode+0x1d/0x50
[  936.964897]  do_syscall_64+0x3b/0x90
[  936.965287]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  936.965812] RIP: 0033:0x7f71bf82bb19
[  936.966190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  936.968072] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  936.968844] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  936.969536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  936.970259] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  936.970985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  936.971705] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  936.972448]  </TASK>
[  936.973785] FAULT_INJECTION: forcing a failure.
[  936.973785] name failslab, interval 1, probability 0, space 0, times 0
[  936.974945] CPU: 0 PID: 6699 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  936.975781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  936.976954] Call Trace:
[  936.977210]  <TASK>
[  936.977438]  dump_stack_lvl+0x8b/0xb3
[  936.977837]  should_fail.cold+0x5/0xa
[  936.978234]  ? create_object.isra.0+0x3a/0xa20
[  936.978711]  should_failslab+0x5/0x10
[  936.979107]  kmem_cache_alloc+0x5b/0x480
[  936.979532]  create_object.isra.0+0x3a/0xa20
[  936.979977]  kmemleak_alloc_percpu+0xa0/0x100
[  936.980448]  pcpu_alloc+0x7bf/0x1060
[  936.980849]  alloc_vfsmnt+0xfd/0x6b0
[  936.981234]  vfs_create_mount+0x8b/0x5d0
[  936.981666]  fc_mount+0x98/0xc0
[  936.982008]  mq_init_ns+0x43e/0x630
[  936.982383]  copy_ipcs+0x35e/0x5d0
[  936.982745]  ? copy_utsname+0xa9/0x4a0
[  936.983144]  create_new_namespaces+0x210/0xb30
[  936.983604]  copy_namespaces+0x391/0x450
[  936.984051]  copy_process+0x2ba5/0x6d10
[  936.984487]  ? __cleanup_sighand+0xb0/0xb0
[  936.984928]  ? lock_is_held_type+0xd7/0x130
[  936.985378]  ? find_held_lock+0x2c/0x110
[  936.985796]  ? kernel_clone+0xc4/0xa60
[  936.986200]  kernel_clone+0xe7/0xa60
[  936.986587]  ? create_io_thread+0xf0/0xf0
[  936.987013]  ? find_held_lock+0x2c/0x110
[  936.987438]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  936.987950]  ? bit_wait_io_timeout+0x160/0x160
[  936.988437]  __do_sys_clone+0xc8/0x110
[  936.988836]  ? __do_sys_vfork+0xd0/0xd0
[  936.989257]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  936.989816]  ? vfs_write+0x428/0xad0
[  936.990211]  ? syscall_enter_from_user_mode+0x1d/0x50
[  936.990744]  do_syscall_64+0x3b/0x90
[  936.991131]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  936.991643] RIP: 0033:0x7fa70862cb19
[  936.992019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  936.993895] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  936.994672] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  936.995409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  936.996152] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  936.996851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  936.997577] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  936.998320]  </TASK>
12:49:19 executing program 0:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, 0x0)
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:49:19 executing program 7:
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x0, 0x0)

[  937.034322] loop0: detected capacity change from 0 to 240
12:49:19 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xf000, 0x0, 0x0)

12:49:19 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x2000, 0x0, 0x0)

12:49:19 executing program 0:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0xf000, 0x0, 0x0, 0x0)

12:49:19 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:19 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:19 executing program 7:
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x0, 0x0)

12:49:32 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:32 executing program 7:
r0 = fork()
r1 = pidfd_open(r0, 0x0)
process_madvise(r1, 0x0, 0x0, 0x0, 0x0)

12:49:32 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:32 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x6000, 0x0, 0x0)

12:49:32 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75)

12:49:32 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:32 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78)

12:49:32 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x100000, 0x0, 0x0)

[  950.068461] FAULT_INJECTION: forcing a failure.
[  950.068461] name failslab, interval 1, probability 0, space 0, times 0
[  950.071528] CPU: 1 PID: 6944 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  950.073484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  950.076409] Call Trace:
[  950.076968]  <TASK>
[  950.077547]  dump_stack_lvl+0x8b/0xb3
[  950.078384]  should_fail.cold+0x5/0xa
[  950.079208]  ? create_object.isra.0+0x3a/0xa20
[  950.080225]  should_failslab+0x5/0x10
[  950.081046]  kmem_cache_alloc+0x5b/0x480
[  950.081916] FAULT_INJECTION: forcing a failure.
[  950.081916] name failslab, interval 1, probability 0, space 0, times 0
[  950.081948]  create_object.isra.0+0x3a/0xa20
[  950.084252]  kmemleak_alloc_percpu+0xa0/0x100
[  950.085229]  pcpu_alloc+0x7bf/0x1060
[  950.086112]  alloc_vfsmnt+0xfd/0x6b0
[  950.086934]  vfs_create_mount+0x8b/0x5d0
[  950.087936]  fc_mount+0x98/0xc0
[  950.088807]  mq_init_ns+0x43e/0x630
[  950.089626]  copy_ipcs+0x35e/0x5d0
[  950.090404]  ? copy_utsname+0xa9/0x4a0
[  950.091278]  create_new_namespaces+0x210/0xb30
[  950.092343]  copy_namespaces+0x391/0x450
[  950.093257]  copy_process+0x2ba5/0x6d10
[  950.094213]  ? __cleanup_sighand+0xb0/0xb0
[  950.095165]  ? lock_is_held_type+0xd7/0x130
[  950.096114]  ? find_held_lock+0x2c/0x110
[  950.097032]  ? kernel_clone+0xc4/0xa60
[  950.097867]  kernel_clone+0xe7/0xa60
[  950.098688]  ? create_io_thread+0xf0/0xf0
[  950.099579]  ? find_held_lock+0x2c/0x110
[  950.100471]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  950.101536]  ? bit_wait_io_timeout+0x160/0x160
[  950.102558]  __do_sys_clone+0xc8/0x110
[  950.103427]  ? __do_sys_vfork+0xd0/0xd0
[  950.104330]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  950.105527]  ? vfs_write+0x428/0xad0
[  950.106388]  ? syscall_enter_from_user_mode+0x1d/0x50
[  950.107587]  do_syscall_64+0x3b/0x90
[  950.108501]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  950.109654] RIP: 0033:0x7fa70862cb19
[  950.110467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  950.114456] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  950.116082] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  950.117612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  950.119156] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  950.120789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  950.122345] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  950.123905]  </TASK>
[  950.124468] CPU: 0 PID: 6948 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  950.125369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  950.126570] Call Trace:
[  950.126841]  <TASK>
[  950.127082]  dump_stack_lvl+0x8b/0xb3
[  950.127511]  should_fail.cold+0x5/0xa
[  950.127928]  ? __register_sysctl_table+0x112/0x1090
[  950.128466]  should_failslab+0x5/0x10
[  950.128885]  __kmalloc+0x72/0x440
[  950.129266]  ? lock_downgrade+0x6d0/0x6d0
[  950.129735]  __register_sysctl_table+0x112/0x1090
[  950.130320]  ? proc_sys_evict_inode+0x180/0x180
[  950.130978]  ? trace_kmalloc+0x29/0xd0
[  950.131384]  ? __kmalloc_track_caller+0x213/0x430
[  950.131891]  ? setup_mq_sysctls+0x59/0x230
[  950.132359]  ? memcpy+0x39/0x60
[  950.132713]  setup_mq_sysctls+0x13c/0x230
[  950.133153]  copy_ipcs+0x381/0x5d0
[  950.133525]  ? copy_utsname+0xa9/0x4a0
[  950.133939]  create_new_namespaces+0x210/0xb30
[  950.134424]  copy_namespaces+0x391/0x450
[  950.134856]  copy_process+0x2ba5/0x6d10
[  950.135307]  ? __cleanup_sighand+0xb0/0xb0
[  950.135777]  ? lock_is_held_type+0xd7/0x130
[  950.136231]  ? find_held_lock+0x2c/0x110
[  950.136660]  ? kernel_clone+0xc4/0xa60
[  950.137087]  kernel_clone+0xe7/0xa60
[  950.137485]  ? create_io_thread+0xf0/0xf0
[  950.137945]  ? find_held_lock+0x2c/0x110
[  950.138392]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  950.138927]  ? bit_wait_io_timeout+0x160/0x160
[  950.139434]  __do_sys_clone+0xc8/0x110
[  950.139850]  ? __do_sys_vfork+0xd0/0xd0
[  950.140284]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  950.140849]  ? vfs_write+0x428/0xad0
[  950.141270]  ? syscall_enter_from_user_mode+0x1d/0x50
[  950.141824]  do_syscall_64+0x3b/0x90
[  950.142228]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  950.142764] RIP: 0033:0x7f71bf82bb19
[  950.143170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  950.145088] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  950.145876] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  950.146612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  950.147369] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  950.148107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  950.148845] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  950.149600]  </TASK>
[  963.010506] FAULT_INJECTION: forcing a failure.
[  963.010506] name failslab, interval 1, probability 0, space 0, times 0
[  963.011772] CPU: 0 PID: 6959 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  963.012670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  963.013902] Call Trace:
[  963.014183]  <TASK>
[  963.014425]  dump_stack_lvl+0x8b/0xb3
[  963.014852]  should_fail.cold+0x5/0xa
[  963.015279]  should_failslab+0x5/0x10
[  963.015707]  __kmalloc_track_caller+0x79/0x430
[  963.016213]  ? setup_mq_sysctls+0x59/0x230
[  963.016673]  kmemdup+0x23/0x50
[  963.017025]  setup_mq_sysctls+0x59/0x230
[  963.017485]  copy_ipcs+0x381/0x5d0
[  963.017877]  ? copy_utsname+0xa9/0x4a0
[  963.018313]  create_new_namespaces+0x210/0xb30
[  963.018828]  copy_namespaces+0x391/0x450
[  963.019277]  copy_process+0x2ba5/0x6d10
[  963.019733]  ? __cleanup_sighand+0xb0/0xb0
[  963.020199]  ? lock_is_held_type+0xd7/0x130
[  963.020683]  ? find_held_lock+0x2c/0x110
[  963.021130]  ? kernel_clone+0xc4/0xa60
[  963.021562]  kernel_clone+0xe7/0xa60
[  963.021976]  ? create_io_thread+0xf0/0xf0
[  963.022436]  ? find_held_lock+0x2c/0x110
[  963.022885]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  963.023435]  ? bit_wait_io_timeout+0x160/0x160
[  963.023947]  __do_sys_clone+0xc8/0x110
[  963.024383]  ? __do_sys_vfork+0xd0/0xd0
[  963.024803]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  963.025409]  ? vfs_write+0x428/0xad0
[  963.025829]  ? syscall_enter_from_user_mode+0x1d/0x50
[  963.026388]  do_syscall_64+0x3b/0x90
[  963.026796]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.027359] RIP: 0033:0x7fa70862cb19
[  963.027761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.029375] loop0: detected capacity change from 0 to 240
[  963.029780] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  963.031742] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  963.032526] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  963.033305] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  963.034081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  963.034858] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  963.035658]  </TASK>
[  963.047774] FAULT_INJECTION: forcing a failure.
[  963.047774] name failslab, interval 1, probability 0, space 0, times 0
[  963.049023] CPU: 0 PID: 6964 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  963.049891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  963.051064] Call Trace:
[  963.051332]  <TASK>
[  963.051564]  dump_stack_lvl+0x8b/0xb3
[  963.051975]  should_fail.cold+0x5/0xa
[  963.052386]  ? create_object.isra.0+0x3a/0xa20
[  963.052878]  should_failslab+0x5/0x10
[  963.053273]  kmem_cache_alloc+0x5b/0x480
[  963.053718]  create_object.isra.0+0x3a/0xa20
[  963.054184]  ? kasan_unpoison+0x23/0x50
[  963.054616]  __kmalloc+0x25b/0x440
[  963.054992]  __register_sysctl_table+0x112/0x1090
[  963.055522]  ? proc_sys_evict_inode+0x180/0x180
[  963.056015]  ? trace_kmalloc+0x29/0xd0
[  963.056438]  ? __kmalloc_track_caller+0x213/0x430
[  963.056939]  ? setup_mq_sysctls+0x59/0x230
[  963.057394]  ? memcpy+0x39/0x60
[  963.057762]  setup_mq_sysctls+0x13c/0x230
[  963.058216]  copy_ipcs+0x381/0x5d0
[  963.058606]  ? copy_utsname+0xa9/0x4a0
[  963.059031]  create_new_namespaces+0x210/0xb30
[  963.059537]  copy_namespaces+0x391/0x450
[  963.059976]  copy_process+0x2ba5/0x6d10
[  963.060429]  ? __cleanup_sighand+0xb0/0xb0
[  963.060901]  ? lock_is_held_type+0xd7/0x130
[  963.061363]  ? find_held_lock+0x2c/0x110
[  963.061804]  ? kernel_clone+0xc4/0xa60
[  963.062224]  kernel_clone+0xe7/0xa60
[  963.062631]  ? create_io_thread+0xf0/0xf0
[  963.063080]  ? find_held_lock+0x2c/0x110
[  963.063530]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  963.064069]  ? bit_wait_io_timeout+0x160/0x160
[  963.064590]  __do_sys_clone+0xc8/0x110
[  963.065019]  ? __do_sys_vfork+0xd0/0xd0
[  963.065450]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  963.066024]  ? vfs_write+0x428/0xad0
[  963.066445]  ? syscall_enter_from_user_mode+0x1d/0x50
[  963.067012]  do_syscall_64+0x3b/0x90
[  963.067426]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.067998] RIP: 0033:0x7f71bf82bb19
[  963.068401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.070410] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  963.071232] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  963.072008] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  963.072785] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  963.073549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  963.074329] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  963.075121]  </TASK>
12:49:45 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76)

12:49:45 executing program 0:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f, 0x8800}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, 0x0)
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:49:45 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79)

12:49:45 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:45 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x600000, 0x0, 0x0)

12:49:45 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:45 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xf000, 0x0, 0x0)

12:49:45 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:49:45 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77)

[  963.149866] FAULT_INJECTION: forcing a failure.
[  963.149866] name failslab, interval 1, probability 0, space 0, times 0
[  963.151195] CPU: 0 PID: 6978 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  963.152098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  963.153299] Call Trace:
[  963.153564]  <TASK>
[  963.153796]  dump_stack_lvl+0x8b/0xb3
[  963.154215]  should_fail.cold+0x5/0xa
[  963.154619]  ? create_object.isra.0+0x3a/0xa20
[  963.155105]  should_failslab+0x5/0x10
[  963.155505]  kmem_cache_alloc+0x5b/0x480
[  963.155932]  create_object.isra.0+0x3a/0xa20
[  963.156404]  kmemleak_alloc_percpu+0xa0/0x100
[  963.156875]  pcpu_alloc+0x7bf/0x1060
[  963.157278]  alloc_vfsmnt+0xfd/0x6b0
[  963.157669]  vfs_create_mount+0x8b/0x5d0
[  963.158095]  fc_mount+0x98/0xc0
[  963.158445]  mq_init_ns+0x43e/0x630
[  963.158827]  copy_ipcs+0x35e/0x5d0
[  963.159197]  ? copy_utsname+0xa9/0x4a0
[  963.159605]  create_new_namespaces+0x210/0xb30
[  963.160091]  copy_namespaces+0x391/0x450
[  963.160540]  copy_process+0x2ba5/0x6d10
[  963.160996]  ? __cleanup_sighand+0xb0/0xb0
[  963.161467]  ? lock_is_held_type+0xd7/0x130
[  963.161931]  ? find_held_lock+0x2c/0x110
[  963.162374]  ? kernel_clone+0xc4/0xa60
[  963.162806]  kernel_clone+0xe7/0xa60
[  963.163226]  ? create_io_thread+0xf0/0xf0
[  963.163683]  ? find_held_lock+0x2c/0x110
[  963.164127]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  963.164672]  ? bit_wait_io_timeout+0x160/0x160
[  963.165170]  __do_sys_clone+0xc8/0x110
[  963.165601]  ? __do_sys_vfork+0xd0/0xd0
[  963.166034]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  963.166639]  ? vfs_write+0x428/0xad0
[  963.167051]  ? syscall_enter_from_user_mode+0x1d/0x50
[  963.167621]  do_syscall_64+0x3b/0x90
[  963.168033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.168592] RIP: 0033:0x7fa70862cb19
[  963.168990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.170979] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  963.171800] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  963.172586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  963.173359] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  963.174135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  963.174914] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  963.175707]  </TASK>
12:49:45 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x80ffff, 0x0, 0x0)

12:49:45 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:49:45 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80)

12:49:45 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff00000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:45 executing program 7:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:49:45 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x100000, 0x0, 0x0)

[  963.248086] loop7: detected capacity change from 0 to 240
[  963.267529] FAULT_INJECTION: forcing a failure.
[  963.267529] name failslab, interval 1, probability 0, space 0, times 0
[  963.268827] CPU: 0 PID: 6989 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  963.269691] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  963.270868] Call Trace:
[  963.271134]  <TASK>
[  963.271369]  dump_stack_lvl+0x8b/0xb3
[  963.271782]  should_fail.cold+0x5/0xa
[  963.272185]  ? __register_sysctl_table+0x9e2/0x1090
[  963.272730]  should_failslab+0x5/0x10
[  963.273128]  __kmalloc+0x72/0x440
[  963.273501]  __register_sysctl_table+0x9e2/0x1090
[  963.274020]  ? proc_sys_evict_inode+0x180/0x180
[  963.274509]  ? trace_kmalloc+0x29/0xd0
[  963.274921]  ? __kmalloc_track_caller+0x213/0x430
[  963.275431]  ? setup_mq_sysctls+0x59/0x230
[  963.275878]  ? memcpy+0x39/0x60
[  963.276238]  setup_mq_sysctls+0x13c/0x230
[  963.276684]  copy_ipcs+0x381/0x5d0
[  963.277057]  ? copy_utsname+0xa9/0x4a0
[  963.277477]  create_new_namespaces+0x210/0xb30
[  963.277969]  copy_namespaces+0x391/0x450
[  963.278405]  copy_process+0x2ba5/0x6d10
[  963.278845]  ? __cleanup_sighand+0xb0/0xb0
[  963.279299]  ? lock_is_held_type+0xd7/0x130
[  963.279754]  ? find_held_lock+0x2c/0x110
[  963.280187]  ? kernel_clone+0xc4/0xa60
[  963.280642]  kernel_clone+0xe7/0xa60
[  963.281041]  ? create_io_thread+0xf0/0xf0
[  963.281681]  ? find_held_lock+0x2c/0x110
[  963.282113]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  963.282631]  ? bit_wait_io_timeout+0x160/0x160
[  963.283122]  __do_sys_clone+0xc8/0x110
[  963.283536]  ? __do_sys_vfork+0xd0/0xd0
[  963.283961]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  963.284553]  ? vfs_write+0x428/0xad0
[  963.284958]  ? syscall_enter_from_user_mode+0x1d/0x50
[  963.285497]  do_syscall_64+0x3b/0x90
[  963.285898]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.286443] RIP: 0033:0x7f71bf82bb19
[  963.286834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.288759] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  963.289548] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  963.290299] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  963.291040] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  963.291785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  963.292541] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  963.293298]  </TASK>
[  963.293655] sysctl could not get directory: /fs -12
[  963.294204] CPU: 0 PID: 6989 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  963.295071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  963.296249] Call Trace:
[  963.296523]  <TASK>
[  963.296757]  dump_stack_lvl+0x8b/0xb3
[  963.297159]  __register_sysctl_table+0xde7/0x1090
[  963.297672]  ? proc_sys_evict_inode+0x180/0x180
[  963.298160]  ? trace_kmalloc+0x29/0xd0
[  963.298566]  ? __kmalloc_track_caller+0x213/0x430
[  963.299073]  ? setup_mq_sysctls+0x59/0x230
[  963.299524]  ? memcpy+0x39/0x60
[  963.299875]  setup_mq_sysctls+0x13c/0x230
[  963.300331]  copy_ipcs+0x381/0x5d0
[  963.300704]  ? copy_utsname+0xa9/0x4a0
[  963.301117]  create_new_namespaces+0x210/0xb30
[  963.301608]  copy_namespaces+0x391/0x450
[  963.302037]  copy_process+0x2ba5/0x6d10
[  963.302474]  ? __cleanup_sighand+0xb0/0xb0
[  963.302929]  ? lock_is_held_type+0xd7/0x130
[  963.303384]  ? find_held_lock+0x2c/0x110
[  963.303813]  ? kernel_clone+0xc4/0xa60
[  963.304227]  kernel_clone+0xe7/0xa60
[  963.304640]  ? create_io_thread+0xf0/0xf0
[  963.305083]  ? find_held_lock+0x2c/0x110
[  963.305512]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  963.306028]  ? bit_wait_io_timeout+0x160/0x160
[  963.306511]  __do_sys_clone+0xc8/0x110
[  963.306925]  ? __do_sys_vfork+0xd0/0xd0
[  963.307351]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  963.307933]  ? vfs_write+0x428/0xad0
[  963.308342]  ? syscall_enter_from_user_mode+0x1d/0x50
[  963.308886]  do_syscall_64+0x3b/0x90
[  963.309286]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  963.309832] RIP: 0033:0x7f71bf82bb19
[  963.310221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  963.312133] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  963.312937] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  963.313684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  963.314429] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  963.315162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  963.315907] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  963.316664]  </TASK>
[  963.355052] isofs_fill_super: bread failed, dev=loop7, iso_blknum=60, block=120
12:49:58 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

12:49:58 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78)

12:49:58 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xc0ffff, 0x0, 0x0)

12:49:58 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:49:58 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x600000, 0x0, 0x0)

12:49:58 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81)

12:49:58 executing program 7:
r0 = syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010600)="0243443030310100004c0049004e0055005800200020002000200020002000200020002000200020004300440052004f004d002000200020002000200020002000200020002000200000000000000000be000000000000be252f4500000000000000000000000000000000000000000000000000000000000100000101000001000808001c0000000000001c18000000000000000000001a0000000022001e", 0x9f}, {&(0x7f0000000040)="22df1d0000000000000d00080005e20008007809140b2a3a0802", 0x1a, 0xf000}], 0x0, &(0x7f0000011e00))
mkdirat(r0, &(0x7f0000000300)='./file0\x00', 0x8)

12:49:58 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = pidfd_open(0x0, 0x0)
process_madvise(r3, 0x0, 0x0, 0x14, 0x0)

[  976.008598] FAULT_INJECTION: forcing a failure.
[  976.008598] name failslab, interval 1, probability 0, space 0, times 0
[  976.009858] CPU: 0 PID: 7106 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  976.010740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  976.011963] Call Trace:
[  976.012240]  <TASK>
[  976.012480]  dump_stack_lvl+0x8b/0xb3
[  976.012932]  should_fail.cold+0x5/0xa
[  976.013353]  ? __register_sysctl_table+0x112/0x1090
[  976.013898]  should_failslab+0x5/0x10
[  976.014312]  __kmalloc+0x72/0x440
[  976.014694]  ? lock_downgrade+0x6d0/0x6d0
[  976.015156]  __register_sysctl_table+0x112/0x1090
[  976.015686]  ? proc_sys_evict_inode+0x180/0x180
[  976.016196]  ? trace_kmalloc+0x29/0xd0
[  976.016629]  ? __kmalloc_track_caller+0x213/0x430
[  976.017153]  ? setup_mq_sysctls+0x59/0x230
[  976.017627]  ? memcpy+0x39/0x60
[  976.017991]  setup_mq_sysctls+0x13c/0x230
[  976.018449]  copy_ipcs+0x381/0x5d0
[  976.018838]  ? copy_utsname+0xa9/0x4a0
[  976.019266]  create_new_namespaces+0x210/0xb30
[  976.019777]  copy_namespaces+0x391/0x450
[  976.020224]  copy_process+0x2ba5/0x6d10
[  976.020695]  ? __cleanup_sighand+0xb0/0xb0
[  976.021162]  ? lock_is_held_type+0xd7/0x130
[  976.021633]  ? find_held_lock+0x2c/0x110
[  976.022075]  ? kernel_clone+0xc4/0xa60
[  976.022501]  kernel_clone+0xe7/0xa60
[  976.022912]  ? create_io_thread+0xf0/0xf0
[  976.023366]  ? find_held_lock+0x2c/0x110
[  976.023814]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  976.024354]  ? bit_wait_io_timeout+0x160/0x160
[  976.024873]  __do_sys_clone+0xc8/0x110
[  976.025299]  ? __do_sys_vfork+0xd0/0xd0
[  976.025738]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  976.026346]  ? vfs_write+0x428/0xad0
[  976.026756]  ? syscall_enter_from_user_mode+0x1d/0x50
[  976.027329]  do_syscall_64+0x3b/0x90
[  976.027733]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  976.028324] RIP: 0033:0x7fa70862cb19
[  976.028729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  976.030739] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  976.031564] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  976.032340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  976.033141] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  976.033919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  976.034699] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  976.035488]  </TASK>
12:49:58 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  976.072728] loop7: detected capacity change from 0 to 240
[  976.075709] FAULT_INJECTION: forcing a failure.
[  976.075709] name failslab, interval 1, probability 0, space 0, times 0
[  976.076908] CPU: 0 PID: 7117 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  976.077780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  976.078955] Call Trace:
[  976.079223]  <TASK>
[  976.079454]  dump_stack_lvl+0x8b/0xb3
[  976.079865]  should_fail.cold+0x5/0xa
[  976.080264]  ? create_object.isra.0+0x3a/0xa20
[  976.080766]  should_failslab+0x5/0x10
[  976.081159]  kmem_cache_alloc+0x5b/0x480
[  976.081597]  create_object.isra.0+0x3a/0xa20
[  976.082071]  ? kasan_unpoison+0x23/0x50
[  976.082496]  __kmalloc+0x25b/0x440
[  976.082880]  __register_sysctl_table+0x9e2/0x1090
[  976.083391]  ? proc_sys_evict_inode+0x180/0x180
[  976.083891]  ? trace_kmalloc+0x29/0xd0
[  976.084303]  ? __kmalloc_track_caller+0x213/0x430
[  976.084823]  ? setup_mq_sysctls+0x59/0x230
[  976.085289]  ? memcpy+0x39/0x60
[  976.085655]  setup_mq_sysctls+0x13c/0x230
[  976.086115]  copy_ipcs+0x381/0x5d0
[  976.086506]  ? copy_utsname+0xa9/0x4a0
[  976.086937]  create_new_namespaces+0x210/0xb30
[  976.087443]  copy_namespaces+0x391/0x450
[  976.087890]  copy_process+0x2ba5/0x6d10
[  976.088339]  ? __cleanup_sighand+0xb0/0xb0
[  976.088813]  ? lock_is_held_type+0xd7/0x130
[  976.089270]  ? find_held_lock+0x2c/0x110
[  976.089709]  ? kernel_clone+0xc4/0xa60
[  976.090145]  kernel_clone+0xe7/0xa60
[  976.090556]  ? create_io_thread+0xf0/0xf0
[  976.091009]  ? find_held_lock+0x2c/0x110
[  976.091453]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  976.091993]  ? bit_wait_io_timeout+0x160/0x160
[  976.092492]  __do_sys_clone+0xc8/0x110
[  976.092940]  ? __do_sys_vfork+0xd0/0xd0
[  976.093371]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  976.093975]  ? vfs_write+0x428/0xad0
[  976.094394]  ? syscall_enter_from_user_mode+0x1d/0x50
[  976.094963]  do_syscall_64+0x3b/0x90
[  976.095374]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  976.095938] RIP: 0033:0x7f71bf82bb19
[  976.096339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  976.098329] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  976.099150] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  976.099924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  976.100714] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  976.101495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  976.102277] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  976.103069]  </TASK>
12:49:58 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79)

12:49:58 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xf0ffff, 0x0, 0x0)

[  976.136319] isofs_fill_super: bread failed, dev=loop7, iso_blknum=60, block=120
[  976.150619] FAULT_INJECTION: forcing a failure.
[  976.150619] name failslab, interval 1, probability 0, space 0, times 0
[  976.151812] CPU: 0 PID: 7120 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  976.152703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  976.153885] Call Trace:
[  976.154161]  <TASK>
[  976.154392]  dump_stack_lvl+0x8b/0xb3
[  976.154797]  should_fail.cold+0x5/0xa
[  976.155198]  ? create_object.isra.0+0x3a/0xa20
[  976.155694]  should_failslab+0x5/0x10
[  976.156088]  kmem_cache_alloc+0x5b/0x480
[  976.156537]  create_object.isra.0+0x3a/0xa20
[  976.157001]  ? kasan_unpoison+0x23/0x50
[  976.157433]  __kmalloc+0x25b/0x440
[  976.157803]  __register_sysctl_table+0x112/0x1090
[  976.158327]  ? proc_sys_evict_inode+0x180/0x180
[  976.158813]  ? trace_kmalloc+0x29/0xd0
[  976.159229]  ? __kmalloc_track_caller+0x213/0x430
[  976.159729]  ? setup_mq_sysctls+0x59/0x230
[  976.160171]  ? memcpy+0x39/0x60
[  976.160552]  setup_mq_sysctls+0x13c/0x230
[  976.160996]  copy_ipcs+0x381/0x5d0
[  976.161384]  ? copy_utsname+0xa9/0x4a0
[  976.161813]  create_new_namespaces+0x210/0xb30
[  976.162313]  copy_namespaces+0x391/0x450
[  976.162751]  copy_process+0x2ba5/0x6d10
[  976.163199]  ? __cleanup_sighand+0xb0/0xb0
[  976.163654]  ? lock_is_held_type+0xd7/0x130
[  976.164119]  ? find_held_lock+0x2c/0x110
[  976.164568]  ? kernel_clone+0xc4/0xa60
[  976.164992]  kernel_clone+0xe7/0xa60
[  976.165403]  ? create_io_thread+0xf0/0xf0
[  976.165848]  ? find_held_lock+0x2c/0x110
[  976.166288]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  976.166819]  ? bit_wait_io_timeout+0x160/0x160
[  976.167315]  __do_sys_clone+0xc8/0x110
[  976.167733]  ? __do_sys_vfork+0xd0/0xd0
[  976.168168]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  976.168776]  ? vfs_write+0x428/0xad0
[  976.169191]  ? syscall_enter_from_user_mode+0x1d/0x50
[  976.169760]  do_syscall_64+0x3b/0x90
[  976.170172]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  976.170728] RIP: 0033:0x7fa70862cb19
[  976.171131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  976.173106] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  976.173929] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  976.174702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  976.175477] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  976.176256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  976.177027] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  976.177806]  </TASK>
12:50:12 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x1000000, 0x0, 0x0)

12:50:12 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82)

12:50:12 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:12 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:12 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x80ffff, 0x0, 0x0)

12:50:12 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80)

12:50:12 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:50:12 executing program 5:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

[  989.772267] FAULT_INJECTION: forcing a failure.
[  989.772267] name failslab, interval 1, probability 0, space 0, times 0
[  989.773531] CPU: 1 PID: 7138 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  989.774392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  989.775581] Call Trace:
[  989.775854]  <TASK>
[  989.776086]  dump_stack_lvl+0x8b/0xb3
[  989.776516]  should_fail.cold+0x5/0xa
[  989.776937]  ? __register_sysctl_table+0x9e2/0x1090
[  989.777485]  should_failslab+0x5/0x10
[  989.777900]  __kmalloc+0x72/0x440
[  989.778278]  __register_sysctl_table+0x9e2/0x1090
[  989.778800]  ? proc_sys_evict_inode+0x180/0x180
[  989.779300]  ? trace_kmalloc+0x29/0xd0
[  989.779710]  ? __kmalloc_track_caller+0x213/0x430
[  989.780216]  ? setup_mq_sysctls+0x59/0x230
[  989.780666]  ? memcpy+0x39/0x60
[  989.781028]  setup_mq_sysctls+0x13c/0x230
[  989.781478]  copy_ipcs+0x381/0x5d0
[  989.781850]  ? copy_utsname+0xa9/0x4a0
[  989.782279]  create_new_namespaces+0x210/0xb30
[  989.782775]  copy_namespaces+0x391/0x450
[  989.783223]  copy_process+0x2ba5/0x6d10
[  989.783674]  ? __cleanup_sighand+0xb0/0xb0
[  989.784140]  ? lock_is_held_type+0xd7/0x130
[  989.784610]  ? find_held_lock+0x2c/0x110
[  989.785074]  ? kernel_clone+0xc4/0xa60
[  989.785507]  kernel_clone+0xe7/0xa60
[  989.785917]  ? create_io_thread+0xf0/0xf0
[  989.786369]  ? find_held_lock+0x2c/0x110
[  989.786810]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  989.787348]  ? bit_wait_io_timeout+0x160/0x160
[  989.787846]  __do_sys_clone+0xc8/0x110
[  989.788272]  ? __do_sys_vfork+0xd0/0xd0
[  989.788704]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  989.789328]  ? vfs_write+0x428/0xad0
[  989.789745]  ? syscall_enter_from_user_mode+0x1d/0x50
[  989.790310]  do_syscall_64+0x3b/0x90
[  989.790719]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.791292] RIP: 0033:0x7f71bf82bb19
[  989.791694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  989.793722] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  989.794544] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  989.795315] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  989.796090] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  989.796879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.797657] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  989.798441]  </TASK>
[  989.798746] sysctl could not get directory: /fs/mqueue -12
[  989.799780] CPU: 1 PID: 7138 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  989.800701] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  989.801984] Call Trace:
[  989.802271]  <TASK>
[  989.802519]  dump_stack_lvl+0x8b/0xb3
[  989.802952]  __register_sysctl_table+0xde7/0x1090
[  989.803502]  ? proc_sys_evict_inode+0x180/0x180
[  989.804026]  ? trace_kmalloc+0x29/0xd0
[  989.804480]  ? __kmalloc_track_caller+0x213/0x430
[  989.805040]  ? setup_mq_sysctls+0x59/0x230
[  989.805516]  ? memcpy+0x39/0x60
[  989.805893]  setup_mq_sysctls+0x13c/0x230
[  989.806367]  copy_ipcs+0x381/0x5d0
[  989.806765]  ? copy_utsname+0xa9/0x4a0
[  989.807206]  create_new_namespaces+0x210/0xb30
[  989.807731]  copy_namespaces+0x391/0x450
[  989.808211]  copy_process+0x2ba5/0x6d10
[  989.808692]  ? __cleanup_sighand+0xb0/0xb0
[  989.809203]  ? lock_is_held_type+0xd7/0x130
[  989.809698]  ? find_held_lock+0x2c/0x110
[  989.810168]  ? kernel_clone+0xc4/0xa60
[  989.810626]  kernel_clone+0xe7/0xa60
[  989.811071]  ? create_io_thread+0xf0/0xf0
[  989.811553]  ? find_held_lock+0x2c/0x110
[  989.812030]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  989.812605]  ? bit_wait_io_timeout+0x160/0x160
[  989.813150]  __do_sys_clone+0xc8/0x110
[  989.813602]  ? __do_sys_vfork+0xd0/0xd0
[  989.814062]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  989.814696]  ? vfs_write+0x428/0xad0
[  989.815134]  ? syscall_enter_from_user_mode+0x1d/0x50
[  989.815721]  do_syscall_64+0x3b/0x90
[  989.816159]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.816790] RIP: 0033:0x7f71bf82bb19
[  989.817225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  989.819387] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  989.820264] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  989.821094] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  989.821931] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  989.822738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.823533] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  989.824354]  </TASK>
[  989.830518] FAULT_INJECTION: forcing a failure.
[  989.830518] name failslab, interval 1, probability 0, space 0, times 0
[  989.832819] CPU: 0 PID: 7146 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  989.834471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  989.836749] Call Trace:
[  989.837257]  <TASK>
[  989.837703]  dump_stack_lvl+0x8b/0xb3
[  989.838476]  should_fail.cold+0x5/0xa
[  989.839227]  ? __register_sysctl_table+0x9e2/0x1090
[  989.840226]  should_failslab+0x5/0x10
[  989.840987]  __kmalloc+0x72/0x440
[  989.841687]  __register_sysctl_table+0x9e2/0x1090
[  989.842660]  ? proc_sys_evict_inode+0x180/0x180
[  989.843588]  ? trace_kmalloc+0x29/0xd0
[  989.844358]  ? __kmalloc_track_caller+0x213/0x430
[  989.845331]  ? setup_mq_sysctls+0x59/0x230
[  989.846180]  ? memcpy+0x39/0x60
[  989.846851]  setup_mq_sysctls+0x13c/0x230
[  989.847679]  copy_ipcs+0x381/0x5d0
[  989.848385]  ? copy_utsname+0xa9/0x4a0
[  989.849184]  create_new_namespaces+0x210/0xb30
[  989.850111]  copy_namespaces+0x391/0x450
[  989.850928]  copy_process+0x2ba5/0x6d10
[  989.851758]  ? __cleanup_sighand+0xb0/0xb0
[  989.852616]  ? lock_is_held_type+0xd7/0x130
[  989.853480]  ? find_held_lock+0x2c/0x110
[  989.854289]  ? kernel_clone+0xc4/0xa60
[  989.855074]  kernel_clone+0xe7/0xa60
[  989.855837]  ? create_io_thread+0xf0/0xf0
[  989.856671]  ? find_held_lock+0x2c/0x110
[  989.857500]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  989.858485]  ? bit_wait_io_timeout+0x160/0x160
[  989.859401]  __do_sys_clone+0xc8/0x110
[  989.860180]  ? __do_sys_vfork+0xd0/0xd0
[  989.860985]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  989.862089]  ? vfs_write+0x428/0xad0
[  989.862857]  ? syscall_enter_from_user_mode+0x1d/0x50
[  989.863884]  do_syscall_64+0x3b/0x90
[  989.864624]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.865671] RIP: 0033:0x7fa70862cb19
[  989.866409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  989.870027] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  989.871537] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  989.872950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  989.874359] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  989.875764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.877173] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  989.878595]  </TASK>
[  989.879164] sysctl could not get directory: /fs -12
[  989.880359] CPU: 0 PID: 7146 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  989.881983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  989.884202] Call Trace:
[  989.884703]  <TASK>
[  989.885168]  dump_stack_lvl+0x8b/0xb3
[  989.885927]  __register_sysctl_table+0xde7/0x1090
[  989.886897]  ? proc_sys_evict_inode+0x180/0x180
[  989.887824]  ? trace_kmalloc+0x29/0xd0
[  989.888592]  ? __kmalloc_track_caller+0x213/0x430
[  989.889552]  ? setup_mq_sysctls+0x59/0x230
[  989.890395]  ? memcpy+0x39/0x60
[  989.891072]  setup_mq_sysctls+0x13c/0x230
[  989.891900]  copy_ipcs+0x381/0x5d0
[  989.892589]  ? copy_utsname+0xa9/0x4a0
[  989.893376]  create_new_namespaces+0x210/0xb30
[  989.894293]  copy_namespaces+0x391/0x450
[  989.895110]  copy_process+0x2ba5/0x6d10
[  989.895935]  ? __cleanup_sighand+0xb0/0xb0
[  989.896803]  ? lock_is_held_type+0xd7/0x130
[  989.897654]  ? find_held_lock+0x2c/0x110
[  989.898462]  ? kernel_clone+0xc4/0xa60
[  989.899243]  kernel_clone+0xe7/0xa60
[  989.899980]  ? create_io_thread+0xf0/0xf0
[  989.900818]  ? find_held_lock+0x2c/0x110
[  989.901622]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  989.902598]  ? bit_wait_io_timeout+0x160/0x160
[  989.903516]  __do_sys_clone+0xc8/0x110
[  989.904294]  ? __do_sys_vfork+0xd0/0xd0
[  989.905097]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
12:50:12 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x2000000, 0x0, 0x0)

12:50:12 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83)

12:50:12 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xc0ffff, 0x0, 0x0)

12:50:12 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

[  989.906188]  ? vfs_write+0x428/0xad0
[  989.907178]  ? syscall_enter_from_user_mode+0x1d/0x50
[  989.908219]  do_syscall_64+0x3b/0x90
[  989.908981]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.910025] RIP: 0033:0x7fa70862cb19
[  989.910760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  989.914430] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  989.915946] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  989.917383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  989.918804] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  989.920224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.921636] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  989.923065]  </TASK>
[  989.939686] FAULT_INJECTION: forcing a failure.
[  989.939686] name failslab, interval 1, probability 0, space 0, times 0
[  989.941920] CPU: 0 PID: 7156 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[  989.944219] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  989.946883] Call Trace:
[  989.947483]  <TASK>
[  989.948009]  dump_stack_lvl+0x8b/0xb3
[  989.948928]  should_fail.cold+0x5/0xa
[  989.949830]  ? create_object.isra.0+0x3a/0xa20
[  989.950923]  should_failslab+0x5/0x10
[  989.951817]  kmem_cache_alloc+0x5b/0x480
[  989.952809]  create_object.isra.0+0x3a/0xa20
[  989.953747]  ? kasan_unpoison+0x23/0x50
[  989.954558]  __kmalloc+0x25b/0x440
[  989.955281]  __register_sysctl_table+0x9e2/0x1090
[  989.956259]  ? proc_sys_evict_inode+0x180/0x180
[  989.957202]  ? trace_kmalloc+0x29/0xd0
[  989.957980]  ? __kmalloc_track_caller+0x213/0x430
[  989.958945]  ? setup_mq_sysctls+0x59/0x230
[  989.959795]  ? memcpy+0x39/0x60
[  989.960472]  setup_mq_sysctls+0x13c/0x230
[  989.961321]  copy_ipcs+0x381/0x5d0
[  989.962033]  ? copy_utsname+0xa9/0x4a0
[  989.962823]  create_new_namespaces+0x210/0xb30
[  989.963751]  copy_namespaces+0x391/0x450
[  989.964580]  copy_process+0x2ba5/0x6d10
[  989.965424]  ? __cleanup_sighand+0xb0/0xb0
[  989.966302]  ? lock_is_held_type+0xd7/0x130
[  989.967155]  ? find_held_lock+0x2c/0x110
[  989.967966]  ? kernel_clone+0xc4/0xa60
[  989.968764]  kernel_clone+0xe7/0xa60
[  989.969518]  ? create_io_thread+0xf0/0xf0
[  989.970352]  ? find_held_lock+0x2c/0x110
[  989.971161]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  989.972144]  ? bit_wait_io_timeout+0x160/0x160
[  989.973088]  __do_sys_clone+0xc8/0x110
12:50:12 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xf0ffff, 0x0, 0x0)

[  989.973870]  ? __do_sys_vfork+0xd0/0xd0
[  989.974829]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  989.975936]  ? vfs_write+0x428/0xad0
[  989.976709]  ? syscall_enter_from_user_mode+0x1d/0x50
[  989.977764]  do_syscall_64+0x3b/0x90
[  989.978527]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  989.979579] RIP: 0033:0x7f71bf82bb19
[  989.980326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  989.983999] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  989.985509] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[  989.986926] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  989.988341] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[  989.989761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  989.991181] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[  989.992622]  </TASK>
12:50:12 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:12 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x1000000, 0x0, 0x0)

12:50:12 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x20000000, 0x0, 0x0)

12:50:12 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81)

12:50:12 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff0000000000000000"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:12 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x2000000, 0x0, 0x0)

12:50:12 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:12 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
fork()
process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0)

[  990.226727] FAULT_INJECTION: forcing a failure.
[  990.226727] name failslab, interval 1, probability 0, space 0, times 0
[  990.229018] CPU: 1 PID: 7277 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[  990.230666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[  990.232944] Call Trace:
[  990.233455]  <TASK>
[  990.233896]  dump_stack_lvl+0x8b/0xb3
[  990.234692]  should_fail.cold+0x5/0xa
[  990.235469]  ? create_object.isra.0+0x3a/0xa20
[  990.236419]  should_failslab+0x5/0x10
[  990.237186]  kmem_cache_alloc+0x5b/0x480
[  990.238001]  create_object.isra.0+0x3a/0xa20
[  990.238921]  ? kasan_unpoison+0x23/0x50
[  990.239740]  __kmalloc+0x25b/0x440
[  990.240463]  __register_sysctl_table+0x9e2/0x1090
[  990.241477]  ? proc_sys_evict_inode+0x180/0x180
[  990.242437]  ? trace_kmalloc+0x29/0xd0
[  990.243230]  ? __kmalloc_track_caller+0x213/0x430
[  990.244199]  ? setup_mq_sysctls+0x59/0x230
[  990.245073]  ? memcpy+0x39/0x60
[  990.245736]  setup_mq_sysctls+0x13c/0x230
[  990.246594]  copy_ipcs+0x381/0x5d0
[  990.247304]  ? copy_utsname+0xa9/0x4a0
[  990.248087]  create_new_namespaces+0x210/0xb30
[  990.249036]  copy_namespaces+0x391/0x450
[  990.249858]  copy_process+0x2ba5/0x6d10
[  990.250689]  ? __cleanup_sighand+0xb0/0xb0
[  990.251551]  ? lock_is_held_type+0xd7/0x130
[  990.252413]  ? find_held_lock+0x2c/0x110
[  990.253251]  ? kernel_clone+0xc4/0xa60
[  990.254043]  kernel_clone+0xe7/0xa60
[  990.254797]  ? create_io_thread+0xf0/0xf0
[  990.255627]  ? find_held_lock+0x2c/0x110
[  990.256441]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[  990.257434]  ? bit_wait_io_timeout+0x160/0x160
[  990.258351]  __do_sys_clone+0xc8/0x110
[  990.259132]  ? __do_sys_vfork+0xd0/0xd0
[  990.259935]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[  990.261036]  ? vfs_write+0x428/0xad0
[  990.261801]  ? syscall_enter_from_user_mode+0x1d/0x50
[  990.262833]  do_syscall_64+0x3b/0x90
[  990.263586]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  990.264618] RIP: 0033:0x7fa70862cb19
[  990.265367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[  990.269009] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  990.270512] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[  990.271924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[  990.273344] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[  990.274756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  990.276169] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[  990.277618]  </TASK>
[ 1006.399023] FAULT_INJECTION: forcing a failure.
[ 1006.399023] name failslab, interval 1, probability 0, space 0, times 0
12:50:28 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xffff8000, 0x0, 0x0)

12:50:28 executing program 0:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:28 executing program 5:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x2, 0x0, 0x0, 0x0)

12:50:28 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84)

12:50:28 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x20000000, 0x0, 0x0)

12:50:28 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:28 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82)

[ 1006.400498] CPU: 1 PID: 7301 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.401721] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.402918] Call Trace:
[ 1006.403195]  <TASK>
[ 1006.403436]  dump_stack_lvl+0x8b/0xb3
[ 1006.403849]  should_fail.cold+0x5/0xa
[ 1006.404259]  ? __register_sysctl_table+0x9e2/0x1090
[ 1006.404796]  should_failslab+0x5/0x10
[ 1006.405207]  __kmalloc+0x72/0x440
[ 1006.405581]  __register_sysctl_table+0x9e2/0x1090
[ 1006.406144]  ? proc_sys_evict_inode+0x180/0x180
[ 1006.406758]  ? trace_kmalloc+0x29/0xd0
[ 1006.407231]  ? __kmalloc_track_caller+0x213/0x430
[ 1006.407806]  ? setup_mq_sysctls+0x59/0x230
[ 1006.408345]  ? memcpy+0x39/0x60
[ 1006.408797]  setup_mq_sysctls+0x13c/0x230
[ 1006.409343]  copy_ipcs+0x381/0x5d0
[ 1006.409840]  ? copy_utsname+0xa9/0x4a0
[ 1006.410329]  create_new_namespaces+0x210/0xb30
[ 1006.410931]  copy_namespaces+0x391/0x450
[ 1006.411411]  copy_process+0x2ba5/0x6d10
[ 1006.411905]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.412454]  ? lock_is_held_type+0xd7/0x130
[ 1006.412996]  ? find_held_lock+0x2c/0x110
[ 1006.413522]  ? kernel_clone+0xc4/0xa60
[ 1006.414011]  kernel_clone+0xe7/0xa60
[ 1006.414449]  ? create_io_thread+0xf0/0xf0
[ 1006.414895]  ? find_held_lock+0x2c/0x110
[ 1006.415326]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.415857]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.416344]  __do_sys_clone+0xc8/0x110
[ 1006.416759]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.417198]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.417783]  ? vfs_write+0x428/0xad0
[ 1006.418213]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.418765]  do_syscall_64+0x3b/0x90
12:50:28 executing program 7:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x10, 0x0, 0x0, 0x0)

[ 1006.419162]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.419962] RIP: 0033:0x7fa70862cb19
[ 1006.420434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.422806] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.423687] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[ 1006.424607] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.425529] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.426361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.427103] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[ 1006.427828] FAULT_INJECTION: forcing a failure.
[ 1006.427828] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.428063]  </TASK>
[ 1006.430577] CPU: 0 PID: 7302 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.431029] sysctl could not get directory: 
[ 1006.432206] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.432227] Call Trace:
[ 1006.432236]  <TASK>
[ 1006.432247]  dump_stack_lvl+0x8b/0xb3
[ 1006.432293]  should_fail.cold+0x5/0xa
[ 1006.432330]  should_failslab+0x5/0x10
[ 1006.432886] /
[ 1006.435266]  __kmalloc_track_caller+0x79/0x430
[ 1006.435609] fs/mqueue -12
[ 1006.436185]  ? setup_ipc_sysctls+0x59/0x2f0
[ 1006.441329]  kmemdup+0x23/0x50
[ 1006.442079]  setup_ipc_sysctls+0x59/0x2f0
[ 1006.442913]  copy_ipcs+0x482/0x5d0
[ 1006.443627]  ? copy_utsname+0xa9/0x4a0
[ 1006.444416]  create_new_namespaces+0x210/0xb30
[ 1006.445369]  copy_namespaces+0x391/0x450
[ 1006.446198]  copy_process+0x2ba5/0x6d10
[ 1006.447029]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.447915]  ? lock_is_held_type+0xd7/0x130
[ 1006.448778]  ? find_held_lock+0x2c/0x110
[ 1006.449678]  ? kernel_clone+0xc4/0xa60
[ 1006.450473]  kernel_clone+0xe7/0xa60
[ 1006.451255]  ? create_io_thread+0xf0/0xf0
[ 1006.452086]  ? find_held_lock+0x2c/0x110
[ 1006.453004]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.453996]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.454923]  __do_sys_clone+0xc8/0x110
[ 1006.455709]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.456514]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.457627]  ? vfs_write+0x428/0xad0
[ 1006.458392]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.459470]  do_syscall_64+0x3b/0x90
[ 1006.460230]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.461305] RIP: 0033:0x7f71bf82bb19
[ 1006.462042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.465686] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.467180] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[ 1006.468596] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.470019] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.471434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.472842] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[ 1006.474287]  </TASK>
[ 1006.474752] CPU: 1 PID: 7301 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.475667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.476912] Call Trace:
[ 1006.477212]  <TASK>
[ 1006.477455]  dump_stack_lvl+0x8b/0xb3
[ 1006.477883]  __register_sysctl_table+0xde7/0x1090
[ 1006.478422]  ? proc_sys_evict_inode+0x180/0x180
[ 1006.478963]  ? trace_kmalloc+0x29/0xd0
[ 1006.479396]  ? __kmalloc_track_caller+0x213/0x430
[ 1006.479906]  ? setup_mq_sysctls+0x59/0x230
[ 1006.480388]  ? memcpy+0x39/0x60
[ 1006.480765]  setup_mq_sysctls+0x13c/0x230
[ 1006.481236]  copy_ipcs+0x381/0x5d0
[ 1006.481621]  ? copy_utsname+0xa9/0x4a0
[ 1006.482040]  create_new_namespaces+0x210/0xb30
[ 1006.482546]  copy_namespaces+0x391/0x450
[ 1006.482976]  copy_process+0x2ba5/0x6d10
[ 1006.483436]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.483914]  ? lock_is_held_type+0xd7/0x130
[ 1006.484389]  ? find_held_lock+0x2c/0x110
[ 1006.484838]  ? kernel_clone+0xc4/0xa60
[ 1006.485286]  kernel_clone+0xe7/0xa60
[ 1006.485705]  ? create_io_thread+0xf0/0xf0
[ 1006.486163]  ? find_held_lock+0x2c/0x110
[ 1006.486612]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.487157]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.487649]  __do_sys_clone+0xc8/0x110
[ 1006.488081]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.488510]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.489134]  ? vfs_write+0x428/0xad0
[ 1006.489552]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.490114]  do_syscall_64+0x3b/0x90
[ 1006.490532]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.491110] RIP: 0033:0x7fa70862cb19
[ 1006.491514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.493522] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.494344] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[ 1006.495115] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.495901] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.496671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.497468] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[ 1006.498261]  </TASK>
12:50:28 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:28 executing program 7:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000001200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001340)=ANY=[@ANYBLOB="f954b225", @ANYRES16=0x0, @ANYBLOB="01002dbd7000fddbdf2503000000140002800800030000000000080004002400000008000500ffffffff"], 0x30}, 0x1, 0x0, 0x0, 0x24008805}, 0x20000000)
preadv(r1, &(0x7f00000011c0)=[{&(0x7f0000000180)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x101042, 0x0)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000140)='\x00', 0x1a}], 0x1, 0x7fffffc, 0x0)
r3 = fork()
r4 = pidfd_open(r3, 0x0)
process_madvise(r4, 0x0, 0x0, 0x14, 0x0)

12:50:28 executing program 5:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0x0, 0x0, 0x0)

12:50:28 executing program 2:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xffff8000, 0x0, 0x0)

12:50:28 executing program 4:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000007ec0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="1c0000001e0069ff000000000000000007"], 0x1c}], 0x1}, 0x0)
syz_io_uring_setup(0x1, 0x0, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000000))
read(r0, &(0x7f00000001c0)=""/133, 0x85)

12:50:28 executing program 3:
r0 = syz_io_uring_setup(0xeaf, &(0x7f0000000200), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000380)=<r2=>0x0)
r3 = epoll_create(0x1)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd=r3, 0x0, 0x0}, 0x0)
io_uring_enter(r0, 0x4059, 0x0, 0xffffc000, 0x0, 0x0)

12:50:28 executing program 1:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85)

12:50:28 executing program 6:
clone(0x5d9809c9, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83)

[ 1006.689758] FAULT_INJECTION: forcing a failure.
[ 1006.689758] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.691041] CPU: 1 PID: 7372 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.691913] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.693114] Call Trace:
[ 1006.693391]  <TASK>
[ 1006.693623]  dump_stack_lvl+0x8b/0xb3
[ 1006.694040]  should_fail.cold+0x5/0xa
[ 1006.694446]  ? __register_sysctl_table+0x9e2/0x1090
[ 1006.694979]  should_failslab+0x5/0x10
[ 1006.695379]  __kmalloc+0x72/0x440
[ 1006.695760]  __register_sysctl_table+0x9e2/0x1090
[ 1006.696276]  ? proc_sys_evict_inode+0x180/0x180
[ 1006.696774]  ? trace_kmalloc+0x29/0xd0
[ 1006.697197]  ? __kmalloc_track_caller+0x213/0x430
[ 1006.697697]  ? setup_mq_sysctls+0x59/0x230
[ 1006.698148]  ? memcpy+0x39/0x60
[ 1006.698520]  setup_mq_sysctls+0x13c/0x230
[ 1006.698975]  copy_ipcs+0x381/0x5d0
[ 1006.699348]  ? copy_utsname+0xa9/0x4a0
[ 1006.699771]  create_new_namespaces+0x210/0xb30
[ 1006.700271]  copy_namespaces+0x391/0x450
[ 1006.700707]  copy_process+0x2ba5/0x6d10
[ 1006.701154]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.701607]  ? lock_is_held_type+0xd7/0x130
[ 1006.702056]  ? find_held_lock+0x2c/0x110
[ 1006.702485]  ? kernel_clone+0xc4/0xa60
[ 1006.702904]  kernel_clone+0xe7/0xa60
[ 1006.703299]  ? create_io_thread+0xf0/0xf0
[ 1006.703740]  ? find_held_lock+0x2c/0x110
[ 1006.704162]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.704682]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.705180]  __do_sys_clone+0xc8/0x110
[ 1006.705592]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.706014]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.706599]  ? vfs_write+0x428/0xad0
[ 1006.707001]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.707541]  do_syscall_64+0x3b/0x90
[ 1006.707934]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.708481] RIP: 0033:0x7f71bf82bb19
[ 1006.708866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.710783] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.711564] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[ 1006.712299] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.713045] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.713781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.714524] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[ 1006.715271]  </TASK>
[ 1006.715578] sysctl could not get directory: /fs/mqueue -12
[ 1006.716327] CPU: 1 PID: 7372 Comm: syz-executor.1 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.717210] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.718374] Call Trace:
[ 1006.718644]  <TASK>
[ 1006.718880]  dump_stack_lvl+0x8b/0xb3
[ 1006.719287]  __register_sysctl_table+0xde7/0x1090
[ 1006.719797]  ? proc_sys_evict_inode+0x180/0x180
[ 1006.720280]  ? trace_kmalloc+0x29/0xd0
[ 1006.720683]  ? __kmalloc_track_caller+0x213/0x430
[ 1006.721202]  ? setup_mq_sysctls+0x59/0x230
[ 1006.721640]  ? memcpy+0x39/0x60
[ 1006.721994]  setup_mq_sysctls+0x13c/0x230
[ 1006.722433]  copy_ipcs+0x381/0x5d0
[ 1006.722802]  ? copy_utsname+0xa9/0x4a0
[ 1006.723213]  create_new_namespaces+0x210/0xb30
[ 1006.723696]  copy_namespaces+0x391/0x450
[ 1006.724120]  copy_process+0x2ba5/0x6d10
[ 1006.724553]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.725011]  ? lock_is_held_type+0xd7/0x130
[ 1006.725462]  ? find_held_lock+0x2c/0x110
[ 1006.725885]  ? kernel_clone+0xc4/0xa60
[ 1006.726298]  kernel_clone+0xe7/0xa60
[ 1006.726691]  ? create_io_thread+0xf0/0xf0
[ 1006.727129]  ? find_held_lock+0x2c/0x110
[ 1006.727562]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.728075]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.728557]  __do_sys_clone+0xc8/0x110
[ 1006.728979]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.729410]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.729981]  ? vfs_write+0x428/0xad0
[ 1006.730385]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.730921]  do_syscall_64+0x3b/0x90
[ 1006.731315]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.731862] RIP: 0033:0x7f71bf82bb19
[ 1006.732247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.734164] RSP: 002b:00007f71bcda1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.734955] RAX: ffffffffffffffda RBX: 00007f71bf93ef60 RCX: 00007f71bf82bb19
[ 1006.735700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.736451] RBP: 00007f71bcda11d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.737206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.737943] R13: 00007ffdc313072f R14: 00007f71bcda1300 R15: 0000000000022000
[ 1006.738690]  </TASK>
[ 1006.775348] FAULT_INJECTION: forcing a failure.
[ 1006.775348] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.777829] CPU: 0 PID: 7432 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.779478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.781759] Call Trace:
[ 1006.782275]  <TASK>
[ 1006.782730]  dump_stack_lvl+0x8b/0xb3
[ 1006.783521]  should_fail.cold+0x5/0xa
[ 1006.784309]  ? __register_sysctl_table+0x9e2/0x1090
[ 1006.785361]  should_failslab+0x5/0x10
[ 1006.786142]  __kmalloc+0x72/0x440
[ 1006.786873]  __register_sysctl_table+0x9e2/0x1090
[ 1006.787864]  ? proc_sys_evict_inode+0x180/0x180
[ 1006.788806]  ? trace_kmalloc+0x29/0xd0
[ 1006.789604]  ? __kmalloc_track_caller+0x213/0x430
[ 1006.790578]  ? setup_mq_sysctls+0x59/0x230
[ 1006.791442]  ? memcpy+0x39/0x60
[ 1006.792129]  setup_mq_sysctls+0x13c/0x230
[ 1006.793002]  copy_ipcs+0x381/0x5d0
[ 1006.793724]  ? copy_utsname+0xa9/0x4a0
[ 1006.794524]  create_new_namespaces+0x210/0xb30
[ 1006.795472]  copy_namespaces+0x391/0x450
[ 1006.796303]  copy_process+0x2ba5/0x6d10
[ 1006.797157]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.798027]  ? lock_is_held_type+0xd7/0x130
[ 1006.798898]  ? find_held_lock+0x2c/0x110
[ 1006.799725]  ? kernel_clone+0xc4/0xa60
[ 1006.800528]  kernel_clone+0xe7/0xa60
[ 1006.801317]  ? create_io_thread+0xf0/0xf0
[ 1006.802163]  ? find_held_lock+0x2c/0x110
[ 1006.803020]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.804026]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.804982]  __do_sys_clone+0xc8/0x110
[ 1006.805925]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.806891]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.808005]  ? vfs_write+0x428/0xad0
[ 1006.808920]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.809989]  do_syscall_64+0x3b/0x90
[ 1006.810886]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.811956] RIP: 0033:0x7fa70862cb19
[ 1006.812708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.816386] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.817917] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[ 1006.819349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.820778] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.822223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.823654] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[ 1006.825132]  </TASK>
[ 1006.825687] sysctl could not get directory: /fs -12
[ 1006.826758] CPU: 0 PID: 7432 Comm: syz-executor.6 Not tainted 5.17.0-rc8-next-20220318 #1
[ 1006.828411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1006.830723] Call Trace:
[ 1006.831258]  <TASK>
[ 1006.831721]  dump_stack_lvl+0x8b/0xb3
[ 1006.832516]  __register_sysctl_table+0xde7/0x1090
[ 1006.833539]  ? proc_sys_evict_inode+0x180/0x180
[ 1006.834511]  ? trace_kmalloc+0x29/0xd0
[ 1006.835320]  ? __kmalloc_track_caller+0x213/0x430
[ 1006.836329]  ? setup_mq_sysctls+0x59/0x230
[ 1006.837210]  ? memcpy+0x39/0x60
[ 1006.837896]  setup_mq_sysctls+0x13c/0x230
[ 1006.838756]  copy_ipcs+0x381/0x5d0
[ 1006.839483]  ? copy_utsname+0xa9/0x4a0
[ 1006.840332]  create_new_namespaces+0x210/0xb30
[ 1006.841290]  copy_namespaces+0x391/0x450
[ 1006.842119]  copy_process+0x2ba5/0x6d10
[ 1006.842966]  ? __cleanup_sighand+0xb0/0xb0
[ 1006.843835]  ? lock_is_held_type+0xd7/0x130
[ 1006.844703]  ? find_held_lock+0x2c/0x110
[ 1006.845551]  ? kernel_clone+0xc4/0xa60
[ 1006.846350]  kernel_clone+0xe7/0xa60
[ 1006.847116]  ? create_io_thread+0xf0/0xf0
[ 1006.847958]  ? find_held_lock+0x2c/0x110
[ 1006.848801]  ? __mutex_unlock_slowpath+0x15c/0x5e0
[ 1006.849809]  ? bit_wait_io_timeout+0x160/0x160
[ 1006.850753]  __do_sys_clone+0xc8/0x110
[ 1006.851555]  ? __do_sys_vfork+0xd0/0xd0
[ 1006.852372]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1006.853510]  ? vfs_write+0x428/0xad0
[ 1006.854304]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1006.855362]  do_syscall_64+0x3b/0x90
[ 1006.856133]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1006.857211] RIP: 0033:0x7fa70862cb19
[ 1006.857968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1006.861696] RSP: 002b:00007fa705ba2188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1006.863234] RAX: ffffffffffffffda RBX: 00007fa70873ff60 RCX: 00007fa70862cb19
[ 1006.864670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000005d9809c9
[ 1006.866123] RBP: 00007fa705ba21d0 R08: 0000000000000000 R09: 0000000000000000
[ 1006.867556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1006.868996] R13: 00007ffd6adb49ef R14: 00007fa705ba2300 R15: 0000000000022000
[ 1006.870460]  </TASK>
[ 1020.544468] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
BUG: memory leak
unreferenced object 0xffff88800ea06400 (size 512):
  comm "syz-executor.1", pid 7302, jiffies 4295673269 (age 21.140s)
  hex dump (first 32 bytes):
    e0 d2 79 84 ff ff ff ff 8c 67 70 46 80 88 ff ff  ..y......gpF....
    04 00 00 00 a4 01 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000074edb0d5>] kmemdup+0x23/0x50
    [<00000000e988187b>] setup_mq_sysctls+0x59/0x230
    [<00000000f8ee7dce>] copy_ipcs+0x381/0x5d0
    [<00000000cb1ed5c6>] create_new_namespaces+0x210/0xb30
    [<0000000016f2e97a>] copy_namespaces+0x391/0x450
    [<00000000cbd78e5d>] copy_process+0x2ba5/0x6d10
    [<00000000f2caf395>] kernel_clone+0xe7/0xa60
    [<000000003530ff10>] __do_sys_clone+0xc8/0x110
    [<00000000fe1e9180>] do_syscall_64+0x3b/0x90
    [<000000008c852daf>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88800da53600 (size 256):
  comm "syz-executor.1", pid 7302, jiffies 4295673269 (age 21.140s)
  hex dump (first 32 bytes):
    00 64 a0 0e 80 88 ff ff 00 00 00 00 01 00 00 00  .d..............
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000014c63b43>] __register_sysctl_table+0x112/0x1090
    [<00000000512c6c64>] setup_mq_sysctls+0x13c/0x230
    [<00000000f8ee7dce>] copy_ipcs+0x381/0x5d0
    [<00000000cb1ed5c6>] create_new_namespaces+0x210/0xb30
    [<0000000016f2e97a>] copy_namespaces+0x391/0x450
    [<00000000cbd78e5d>] copy_process+0x2ba5/0x6d10
    [<00000000f2caf395>] kernel_clone+0xe7/0xa60
    [<000000003530ff10>] __do_sys_clone+0xc8/0x110
    [<00000000fe1e9180>] do_syscall_64+0x3b/0x90
    [<000000008c852daf>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88800da53200 (size 256):
  comm "syz-executor.1", pid 7302, jiffies 4295673269 (age 21.140s)
  hex dump (first 32 bytes):
    78 32 a5 0d 80 88 ff ff 00 00 00 00 01 00 00 00  x2..............
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000026d07105>] __register_sysctl_table+0x9e2/0x1090
    [<00000000512c6c64>] setup_mq_sysctls+0x13c/0x230
    [<00000000f8ee7dce>] copy_ipcs+0x381/0x5d0
    [<00000000cb1ed5c6>] create_new_namespaces+0x210/0xb30
    [<0000000016f2e97a>] copy_namespaces+0x391/0x450
    [<00000000cbd78e5d>] copy_process+0x2ba5/0x6d10
    [<00000000f2caf395>] kernel_clone+0xe7/0xa60
    [<000000003530ff10>] __do_sys_clone+0xc8/0x110
    [<00000000fe1e9180>] do_syscall_64+0x3b/0x90
    [<000000008c852daf>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff88800da53c00 (size 256):
  comm "syz-executor.1", pid 7302, jiffies 4295673269 (age 21.140s)
  hex dump (first 32 bytes):
    78 3c a5 0d 80 88 ff ff 00 00 00 00 01 00 00 00  x<..............
    01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000026d07105>] __register_sysctl_table+0x9e2/0x1090
    [<00000000512c6c64>] setup_mq_sysctls+0x13c/0x230
    [<00000000f8ee7dce>] copy_ipcs+0x381/0x5d0
    [<00000000cb1ed5c6>] create_new_namespaces+0x210/0xb30
    [<0000000016f2e97a>] copy_namespaces+0x391/0x450
    [<00000000cbd78e5d>] copy_process+0x2ba5/0x6d10
    [<00000000f2caf395>] kernel_clone+0xe7/0xa60
    [<000000003530ff10>] __do_sys_clone+0xc8/0x110
    [<00000000fe1e9180>] do_syscall_64+0x3b/0x90
    [<000000008c852daf>] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: leak checking failed

VM DIAGNOSIS:
12:50:50  Registers:
info registers vcpu 0
RAX=ffffffff840d88b0 RBX=ffffffff85032800 RCX=ffffffff840bb1b1 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffffff85007e40
R8 =0000000000000001 R9 =ffff88806ce38cd3 R10=ffffed100d9c719a R11=0000000000000001
R12=fffffbfff0a06500 R13=ffffffff858cc390 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff840d88bb RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffdab15c020 CR3=000000001d160000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 656a626f20646563 6e6572656665726e
YMM02=0000000000000000 0000000000000000 2932313520657a69 7328203030343630
YMM03=0000000000000000 0000000000000000 3720646970202c22 312e726f74756365
YMM04=0000000000000000 0000000000000000 2e2e2e2e2e792e2e 2020666620666620
YMM05=0000000000000000 0000000000000000 3820666620666620 6666206666203438
YMM06=0000000000000000 0000000000000000 7365747962203233 2074737269662820
YMM07=0000000000000000 0000000000000000 2e31322065676128 2039363233373635
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=ffffffff840d88b0 RBX=ffff8880081cb580 RCX=ffffffff840bb1b1 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000001 RSP=ffff8880081ffe78
R8 =0000000000000001 R9 =ffff88806cf38cd3 R10=ffffed100d9e719a R11=0000000000000001
R12=ffffed10010396b0 R13=ffffffff858cc390 R14=0000000000000000 R15=dffffc0000000000
RIP=ffffffff840d88bb RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f652d62b878 CR3=000000001d160000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 656a626f20646563 6e6572656665726e
YMM02=0000000000000000 0000000000000000 2932313520657a69 7328203030343630
YMM03=0000000000000000 0000000000000000 3720646970202c22 312e726f74756365
YMM04=0000000000000000 0000000000000000 2e2e2e2e2e792e2e 2020666620666620
YMM05=0000000000000000 0000000000000000 3820666620666620 6666206666203438
YMM06=0000000000000000 0000000000000000 7365747962203233 2074737269662820
YMM07=0000000000000000 0000000000000000 2e31322065676128 2039363233373635
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000