.014533] FAULT_INJECTION: forcing a failure.
[ 1243.014533] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1243.014592] CPU: 0 PID: 6267 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1243.014610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1243.014619] Call Trace:
[ 1243.014623]  <TASK>
[ 1243.014628]  dump_stack_lvl+0x8b/0xb3
[ 1243.014651]  should_fail.cold+0x5/0xa
[ 1243.014679]  _copy_from_user+0x2a/0x170
[ 1243.014718]  io_uring_setup+0x86/0x150
[ 1243.014771]  ? lock_is_held_type+0xd7/0x130
[ 1243.014825]  ? io_sqe_files_register+0x230/0x230
[ 1243.014876]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1243.014934]  ? vfs_write+0x422/0xac0
[ 1243.014994]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1243.015058]  do_syscall_64+0x3b/0x90
[ 1243.015101]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1243.015150] RIP: 0033:0x7f4ea96a2b19
[ 1243.015174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1243.015209] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1243.015242] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1243.015285] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1243.015294] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1243.015303] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1243.015311] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1243.015331]  </TASK>
[ 1255.756534] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:31:18 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:31:18 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:18 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 2)

19:31:18 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:18 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 2)

19:31:18 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:31:18 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
r2 = fsmount(r0, 0x1, 0x9)
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000140)={0x4, &(0x7f0000000100)=[{0x3, 0x3, 0x2, 0x9}, {0x8, 0x7f, 0x9d, 0x1}, {0xd9a, 0x0, 0x7, 0x4}, {0x81, 0x40, 0x3f, 0x1}]})
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r3, 0x8010671f, &(0x7f0000000200)={&(0x7f0000000640)=""/4096, 0x1000})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r4, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
syz_open_dev$vcsa(&(0x7f0000000180), 0x1, 0x20000)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r5, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000040)={0x9dfc, 0x0, 0x2, 0x0, 0x0, [{{r4}, 0x7}, {{r5}, 0x84}]})

19:31:18 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5321)

[ 1262.594448] FAULT_INJECTION: forcing a failure.
[ 1262.594448] name failslab, interval 1, probability 0, space 0, times 1
[ 1262.594473] CPU: 0 PID: 6281 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1262.594492] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1262.594503] Call Trace:
[ 1262.594508]  <TASK>
[ 1262.594513]  dump_stack_lvl+0x8b/0xb3
[ 1262.594538]  should_fail.cold+0x5/0xa
[ 1262.594555]  ? io_uring_setup.cold+0x15b/0x271c
[ 1262.594580]  should_failslab+0x5/0x10
[ 1262.594604]  __kmalloc+0x72/0x440
[ 1262.594624]  io_uring_setup.cold+0x15b/0x271c
19:31:18 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 3)

[ 1262.594648]  ? lock_is_held_type+0xd7/0x130
[ 1262.594674]  ? io_sqe_files_register+0x230/0x230
[ 1262.594715]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1262.594750]  do_syscall_64+0x3b/0x90
[ 1262.594768]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1262.594790] RIP: 0033:0x7f4ea96a2b19
[ 1262.594801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:31:18 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:18 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1262.594817] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1262.594833] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1262.594843] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1262.594853] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1262.594863] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1262.594872] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:31:18 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1262.594899]  </TASK>
[ 1262.661279] FAULT_INJECTION: forcing a failure.
[ 1262.661279] name failslab, interval 1, probability 0, space 0, times 0
[ 1262.661329] CPU: 1 PID: 6287 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1262.661372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:31:18 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x2)

[ 1262.661397] Call Trace:
[ 1262.661407]  <TASK>
[ 1262.661420]  dump_stack_lvl+0x8b/0xb3
[ 1262.661475]  should_fail.cold+0x5/0xa
[ 1262.661515]  ? io_uring_setup.cold+0x15b/0x271c
[ 1262.661577]  should_failslab+0x5/0x10
[ 1262.661632]  __kmalloc+0x72/0x440
[ 1262.661678]  io_uring_setup.cold+0x15b/0x271c
[ 1262.661739]  ? lock_is_held_type+0xd7/0x130
[ 1262.661801]  ? io_sqe_files_register+0x230/0x230
[ 1262.661891]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1262.661963]  do_syscall_64+0x3b/0x90
[ 1262.662009]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1262.662068] RIP: 0033:0x7f011e7ddb19
19:31:18 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1262.662095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1262.662134] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1262.662172] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1262.662199] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1262.662217] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1262.662231] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1262.662245] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1262.662284]  </TASK>
19:31:18 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:31:18 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:18 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:18 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
pwritev(r1, &(0x7f00000023c0)=[{&(0x7f0000000040)="10fcf071c3c8f1247bb31f8ffa9558bdc1ffd0148366de8063096bbb0c3d70281ed77bb0038231306ec09d90bc3eadba34b111cc670602b9f5c32618bbd7483e87a9fc1b12d44fb63d3be83028fa218798b7be051c3bcf8a0ee48f1b61652105fd26530c328a517720fa783a3747046b74b675e5b4b716d178b5942983dcfd701909c0e0efe042c8082faa961fc0165b5fb1f65d12f0e0faec55e9f2767816607a23e0d02249e08b15865f54ea9c4ab4540664285b9cc8bc03987ae5ba9c732b5d5badf319d662a1e59eb13c9a2443c9862645b068b424ae733668b4b4322f4fa674c9868c48652bf8db3c63d8ead457fbce3e65e2b34ed9ff05c2aa513c3bcc42e989b4e74ad6d3fe0e716396f8d3bde34ac3cf48d256c9cd86bbfcfd96f2b80c000f403bc14980dcd8bc08f1f510d02183557698d3e8ac1461215f2e1aaff369eaa8e74fbb7be5ba62e4a91105f3d3c7705fa06d068033929a67d0096744a99d3402b789b8e37b31b8dd56239636111e64ac3b1b7206bf8e817e888c2d00f456dacd66bd593bf9a9be58e82c58ce400a1c826cc7faff9014eeabef5f03abf38880d18d7ada396b0e072f8570014131d273059c9521a195ebdb3a1a79585cc4f8bd1f6b15b4bc2005c0563fa2af3fe2f709613a21f263826436f76e2a515a4c39edf2178521a948fd05ed4379e17580d3a65b9d390c43f065204290e988d82b1e04ad8ef9a2a5e42f59e87a801f008cb0a80f2e5109f13826d09c46d7778734f774c7088972df1bd260a517fda7fa3e7f5e986d1213652e23dc2fd2857b6c3b96e89298c0117bcf4d1632309ae1a9739387957b6b72ca152e9b774718591204d0b8e222685e2afce7b22a6166622505a96e49851d683846859c74ea9393bf54e89a14b0bd4da275802c123bc639e835a667a6346dbf1230bcd0d713bf759756ea0638944117b03dccfc1ed4ea808a44ab4785edc8496548509e2291eb91073f57267f3827e699c190631671617dc4d17b6da3d3232b8635d599eada1c9f1f59ecb8e9501a64ba6cb10fcd172e40adbafe2f4a0408651b959de7f763bb9041f0a3b4767ee619985977c4742d2c343d2c32822c082bc15fa87daa3ea317f44b5ee75d9b2805b4aad6d6d70c376a1a400e5a3d2430bcae2053523a1459492df6a0b349e525b5783f5d0a603f08bc59d36709d44e754b0eeb7ad510c1836dd5aeec5d1d3b7dc54146c9239fff0d3feb16f54f94872af5bf28f882a3ae27f7591a3205b9ae844666e8151f42a566e0a463e0d83d10ad83a6fab7d6a18b4056762d51204f4ff6efe8a5cd93a179e919b3485ec649a7a69bc24b42d833cd283c2f2a2778adfe0fa5abc596012ef4462721a326a303629baa2ea627430feca29e62721aab48d4602d5e252ff42d811733ebe029756f24b14a1af5ce5b5dff2c1ada34353acfbcc5df41d12a9ccd6d6865fdc11464a9510b9f87af8335b1deed8688f836e952ee42bce7e16469d4eae15257d742674898bd1b68360f0dce463788c5677afb4c54aa5165f61e583f7e8e3abfadca460fe61f31f969a47d4df028909585f16cb6634717f0f31bd3bd8a41a26d625f946c4c8d87b7796c99c0e5d684c71f0e6a169c119dd4dafa5827baaccef29799919e26c198ab950cf14e152be24cdff9c96ad6d0befe7547cd08d2252200eac0d8b5cabb68bafed3680ae892422cb71917a86b1005c5be32f50294338a6134d396c2321b78def24b33751888dae6768cc0b8b320e84da32653554bb3db87971882527d41203f8fe1ffcb41418cca41ca30ad0366c9fa58c1cb7931e9ada41ee07cbfbd850f448922c8bf5e58fa6c3c193ae4e179f239493fe74b23406b4a5a74a38d26116e421db7fe53ae068171b0c3fa5099b321d6d5e71edae57577367f65a946515c106cfb930550a2391f7caf517ebd8dcc38c952e069f27b1c5ccec1b87498bf8f09779971c51261a236edcb4abd2f955141318d5044a5f850f0c5d57a4b8f4658bfbd282c346d8003dac5924be376c3dc39d809a06d3157d184b5b4e9ce18df21dfaa784a588e8c3ffbd0ec47de143390fcaf8322736818287d592206ad9ed360cf2dbd41d5a42a8c8ca4943a8c4446798261f3118dd8dbf82c3ec74ecad16537c6e30579c8df95a12908d8b768d2496d2ac50c238379b45bf4d5290813d7539e29143d30f498a26e18d7cc978d7bcf6330d4db8b50bd0685799e93e01c9c7f8ca799618c4ed3eec1a2dd6505bc78ee5370937211e57f6be2f2619b25321f02e4ce17a530451d07ff50ac6bb935660b319ee196976073b90836e09014fad0c92d53e84d889248e001a55504aa0a63da7b77eadc0346b0f3b3f90d30339355edb0ba77419a1e8add8116573fd0c7a03997bdb6db816cb3fbbbc28790d95ac996f5d5a37c87ed5e5ae8660aa620a0325ff712d3c54c08e2d02fad5d3081b32aa1ba47761b1ce3593e9cef9d678c1d49b07035a92716688f50f87e243e25d9b206df24176de460a203be450c3791b8a0a224363b2ad3829a05b7a113c9b16d338db2272999752d6c0bf687abee40b17fe75864e746333389cb2cd04dab6259c0974741221f0e006945e06bef2a5498d0bd68da4abfb5e19987c94839f6e7583aba0e92007571dc26c0f7ac332bcbd33686cbdf26d870aa7707b5a36e8ce879f3eb1a7627035f57becbb37473f9cbf8dc49bb679c2734d3b5884b4cffc9a838307448be94a2da56f4b77425a9d12b842c080f878f5f5f7503ff54b795bde91719fc4904b849e1d10fec1a3872d90f97e895cfbf2884e679697ab7b628c21bb95fc1696eac458b5e6a84071d78a7edb1487ce2ecd5c75fc2dba92f62c518b31b63a1702e5dd65c83e9932abe116f219c9c8f40b72eb7da16b7748873faf506a998c181ceaf8682620fd900888d5aa7c5a0c38a61ab4b0ddd4594894fa9b29cdf85e0b78622291cd75e1658d1648837a7a03a19a83534ade6dc61721e323ef425fe08834bdfc48794773bb0d221f05eb9a2a7e4d49f23f8eb9082b5cdd63c3fa327d5afdf1c57cd094ce5208c70061a6449561bef51b2541c5e444551085316687768f054c8297608c1772a29b10586202684e5dc30a5875ac2d6a9d6c0cf044a8610d7262cc0a47d7d035000234ff24f224a9a2b9a50aa548a1723fbc986d3df6015e9b70cb0162e596b200cbbd3cd7e94db38534baf8b3b511d7e154dac3b429ef936592d70e6e99f5cc087a196df5355fb5f2609df430f7fa556b24eebcaea329264e334b5a539709fdb931a1a95380990d45593fb8f65333e865eb90f0ed2675a0b007cc72e661ce28426b736cfe58ff51561ad3892ac2857947c108a61eaae7f5e3016199450ea9aa77e56c4f794c7223ebf76b34622992fdcc49cd35e914654cf0d6e145064f6860960bc16edbe8b803a9726508b56d578b56d37d360dafb90973e0f5fb3bd623eb0357c5cebe725e0423a147d0a108f8bc06320995ec0da3516e551a281ae1bba83dd018ca33ad151effdfe9d6a1b8432a6bf8c0bc9e63a3dc1c22ffaa869203e8c96f5947eaf281b7c86df4084ccb6a5b71fd6640bfdf3dc99ccf626067ff3c64328e67930674bad80c6b88ce6e9e9f41455448aadf94f9eff1870ebb052fb9addc98b5d82b28002518d671a2e0fb32756035535d3f4fa72ff809a1e59f9ea3a5bff05a6c0564e4946e1c8dc8a0a104c45493e6a5132870023733709bc7b3f5315a6ec3227fd79ee368ce8f12f4cc4720da1735c6d8f5649f0ed45f91556fb99b86a1f4498fe55d0b67a597bf196f97fd6b31358f6739e42065cc04227e96c2d4a1af56f7b00141439cc72bc46901fd45ce3747082e9efa82c22fe9c11824c3f5ee2547f520068bf09b5084a8d1230d08759194030ca1081300c55cca6b601a5bf17c5a66f123c562d1275831606ad669094ea0cfdf618187045af56484644e0cf69255c843282d8b9ca727d81c8569c9c03f8eac4b67823d3ad865d0a63ec3af537a537dad043eaca9a691a403b691f95a64f5f3ce2c86ab95d3e7e48887ad43412d622b467d032c64a2f255aab17684fa9ac41e95e5085a37351aec62a67d0d3e6e01ebda62ee7262d527a183b2195066491b61d5a90ded16a428e2aa0eba00528bc0895761f2b9f84e8d55f489482f771792d17ff5861d1324287e10e797da68ee9e23d8668b4a3b39552ee504001aa5aa4575a298073454fe6060d302ac652b3a76b05490c2e67a3d545beabb12803fbb5b310995537cd78c959ae84993a31437007ffbb4b4a18575de1237b2eb612f7ea25816ba3d4943c71294078455d9c0cf1d5f323d75b5285c2ba66d8d20444ef02831d5f6798bd0a6df42b9c82da799e909b2595076820d24af0798f9593f982436e1d150e04adf9941284607af5b68a3bce0e64fe44f0989ec24bff2d32f30a76e220a74469ffbc7036a54e715a913622dca8350bd04c5c003798b01f7b2618718d170d452dff971903cd14d6fe5f91c114699d5ce16c3985709ddec742a35b5e8ffd8fe91eab39a342cf4983f082fd173a8466499f429a0fcc92f15abec7e5f83b15c5868c28dbbc52ce2ea356a7968ccc55d317b7002e401652d1a33868c50f14fa5c93fc1bad9ceb9bba45699323404eb1666a0bb126f3bbf0a7046fed449b677a9dfe51a7d99985ca8fa979d0086665269680dca107f9b8b95f4ca140107c73bfe3cb037d5122d43cb31730e6996e5483851f714ec654fb065c6d093493dec06636163875769ef0a77a3454abbe29b3815a6b3b17227cab1932c70a8aa09739c5277c6f8aa0eee7098fdffd9b1866fa14a280fe34713af1fefcea0e5e8921e6922158df7dd3b90a9a85ea15b3cb504b5e5bf80fc869b2593f36336ba5aef1fef73107153eaab8cdf917b2fb547a7e12f7cdc2af69db5ffdede6b2d2992e3e0098d4ecec139348d5f7f9c22da5a704b6e243acadba7b56d58defc4aaba394caa26e5b2e82242bd6ab63e71a96124cea58b1a8733810483fb34303d3dda0d50574e0ac73b3df3aed4c96a25abfdd727d9ede352a2053c2c88d50b9153d4755fc08ea60ac52c870d06e8e4269e54e77b82bdcc1233a75397e17feedc1b2c9b4c7feed8bcede9181f037f9f969f4da59add7cb1802f8fd257c16cd530464c95e4ab1e252e0078894bbd235e8f63177b758b5c9d82cff54c5a55bfdb9424ec9d9c845a7b3b3e08a166658e80d664acee24467c9a8979b1c8c332993018e397f63a6e616c60a5095c7b36b9b92ce9f6e07d0062f576f8aedd6d03cc2749a606ca5c9fba3c37c26cda12054c5f404309bc0be736a4a5384813cae1851774e84617351cc42771ab44d37f23e964ee233c7c4eb54783c61e22a7b35a497e811505bfb4cc357439336c24465245b720c03af247d5bd97a909d64dc040c62328ec90f6123c9e73707a7dc28efbb6796239e96042b494a65d0bf46d9e60d88c1d8e6464fc76de50c82de1433f339cc4576f3e6ceafee558e36d14dcd310aa840f84e4e90c157b7a02270929572251154f014fb2fb0a429e02cf077141051d7000d07394ee356e28a1002117219708d60b7bbe5bf21f097aec89045d9c6cc2fc8a0bf78baf8a7c93d3ffef4fb96aacce85c4a1c1aabcc8cca777c88507946880c4b6898d194327df6500989cc47693ac24e5bf6cc571423a3a6c34a6cb1001366d9fcd2aa39d098e83220b021e65666f2c27b396639477bc373915f62cbe5a1dcf93d22d7a45e74f9905c9da75ac72fb7ad59083d1ac9a", 0x1000}, {&(0x7f0000001040)="0fcc223438f88ab9ef79f3e0aaa984bd9d1f22b83a8951ce9495adf4804a212af5d4971ceb7b231c73360b6899468e7f4eb1d8559f4a357eb2320a879066844932653f7363da01317d8fc33808ad942161c2b19d7ad02f0d5b0cc2f9f8cd1c086436b22d2ee2682377af7389b04c642e5715782ae9430f54b8ee16ab01805c4853b8f8a085e4f238170bdbe0f8c667d6a224601c0b599cd8b092692b3cfdc363d14711", 0xa3}, {&(0x7f0000001100)="15d159856cc8e1f6cd1f0114432bf3f8e3db31ff1875e1a9af5a4cf3f2835127d111835bf120ed7d79430d9a0b5a91d89b1a8ef1711f38920734ebcf34b8967f52c31eee04c400d8624096902ce6788606c674502ddd3b5d4747e236dd42d4bca180a0ed238be8d1b9907d21d16e93793c9376fa6129844fe2cdd06800a7cfae7197e6cab1711cf1f665fd75f78080d99e5f99c1ec53ec6065b126010c21d320603b3d66fe3ffcca9af06e78b7842a839a3c23c46581cfb2b66a6e210378c1a3bcc0036e48616d69479acaf33169a6901c5284b963082f0e58599cf575", 0xdd}, {&(0x7f0000001200)="d273b9b464f5fccaae3d8b92eb9565dd5431a40109c039dc337bb275350ba01bdd80c1bca8e4a53f25cd8d2969623b90df64845490ae67e4c6d4914219609cf3c8576f1f35879e82a9d0716d8bfa5a5da3906d767bfa9ad9077da0aa06ce561ce393a53e7cedb30c92f784a43ae1861c43f484c8aacd91a8502bc69e2595673c3c90538d9354bca05de0e4a6ad70eff8a160ed665e65c6233dee364932d2a5011909bd19986ab70772edcfefcd6617fbd6252d495e292e542b0c5c2a33519e506c708c1306d3a285652e8b9bae7e1c4ef6f0bf0e129837206da9bd90acf07db43d8ab617a40f2a536f538991da3d0112715155b063c9ab8e933d6e61101ce4c9ad8f888f22fd4fbe8da60a744b159bec8585a6c33cf55c8014e0a2cb064e6f670fd1c16839126ecdfe953e6413afdbcf28398c83b5a1b1c2478a033f569745a4b35613f7de40fbcc131dea0a6c03a4ab48814586ca3708facafd886a0e10df4d95ba9b485673c001b0a9a201c61227f3f494260e69b9eb766f643e96c97bbf9bed9d7af1918cc35ec8513f09ca188d4b186d906c0374fd6bfbaad3d62afe98c00a25bbde864be33f674b8842a3c3ab401ba7fb2f38d1fdbf3c5dbd04a764e66abff413320d5e019195c29d8910abd8a416e0c1baf04230eacd476468de833bbdce97dee29afb6af1b0eacb8efe406ab948b4841740295e0c2040bb8938a9ec72aa571b06227fbba2f491b266e290f68329465074e20e5db46fb4a816951e35fb27c2eca50339c0f67182595a4f30d209a4339626e909c524376cb742dcd452988f2ba8d5e4230af95c117d35a8fc2862f6370f77000e4e5325af135f5b230a771f0136aa7bc702b737569073ff74ee337e3abba5098f50f47c631fd80c672d0573b550cef30ff81043fd8da8f9050b9e0071f10a9ff9708a335a94596a660b56a2878dc5f4a1f7a73c6d185ed1845c3b50779b37d82125ebbd08f58e10fadf8fd4c1e5771cecdd8fb6c101f7e62d80295f44bdbeff9f0751bc5b60c21e77e814356a6e550eade38ecbb1ee11d9cd7bdd1ebbfd3d48601fa8dfe734fd61a34183c206cd1d82f830d0faf02f89f050a5c398d8a1792f50d4e7ae50bbe6b780e162f3b65a57478594c2e3fa505795b16d2cece6d1ff3e3a592ea02e13064acce510935a4a3b35135d3578c0fd917fdde7c4e9e5dc0b9f90b19d37ca738d528dc6d5f17ec731754fcddcf930235e75f61090fcc6c573a0d7471697da2196c26fdcfd043fa2f5b8775d4e89bbc73387e837563f0039066fa5d2409b473ce33f3fa9bff41469d04b9ac583a81d64005d0f1153d7e70d58fdfc9cc2a4c4d7276fb0d1f2f6ecbff2aa9922d6956009bca138edd423fad04f3008624df3f557cb73a5c96dc6d9354e4ac3fdcfa3fb652adbabc20082c5d672c90c19de399f881810728e8502da9984892ba087f36729d7c10de45d2abe3506ee7fb76d2eb8f4d7edd6bb65b8ac0bafd731e169a94bd9cc929025f743b5704b997870620a48632edad06f3bc3cbc96bfba92c0a196bbd1247b4862ec418728a6494207d75344a363a6c50921c05ebfe8b5a33a52fea30551e4810f01c42f2a940d2043d90a147b97daaf23752e86bc9ac61cdb899f13571c7957880309b658bfe7d9c94bb41fda307da81c781e7d61e29799f2e51187ce5e067a19ff6048b6ade9aedeb32bb7dc024678631550d92891fffb3d3183438d79b5de4502cb292c982fb8e9f39b4381623cf3e618973c8c35f2919a64a819d51d07f43cadfb8e4d547ba4d30293755d090e70165880f8bca14c1b3554b51fe599d6daedefc9d1172a6af175d8fe9f63ad2a09cb81f103552f2cb0f6e2f2fb0da056e001aa9756a0a4edf829dc5090ef7447aa45a61b20a7ef87c073b14f95a3dfb55ae8ef7c10811cc1a510bf14d691fb5883749349135f58295651b6ea5be3a87e02fe96abd7e1b4e5f41e1f6ead1e8d600ab04a676993a2fd595e738e0f9dd6bead7df1e24e8aa04068f6ee7adf77f3eaca50cdb7ad69b9f5bb31454b9d27c81ef9e6bac5ef275afdb17d6f8c5a6cf73a73d921dbe3600b9ac77e71c5619f2b734f782f71b80336067164bae3acafb46785be88fcfa74a40df49175a00e7bfff5a257d61c37938683169b4ed8764dd90793e38de498830700d3ef54d8e38b2dfa23bd94d966788c7b083581a23796d0a6f5fa4cbbc8fbc0cc885acbd99a59872c074bfb2ef5f665a5518026487fb2380cedcc6f3dfc4b5ce4cae26992b34e9a3077b26203824d48b125b40da9c116aaf89dbb0689145913d6ca145731b252a2c9ae662076a9823743a0293d4637cab104245e795756d564c30c8ea2dd0b76378fcf7eeb916c133b39f37a02f9b0ed3adda259aaae890e3533010a8daa5bf3e34c4db6a254e053a2fc0d928499ef00de9d281ba70985c7ecfe28146c1291bc517839759d4106776d3bde90789630f979ca96c4a6b63e42c942e1fb03ce3ab9190bff88b84f55aa6c8dc73045957a4ef998021a76438e1a3b2085fbbcc6a6c45443119353d6ab467cb5ef970b1ca4e5c1a65d491e6df1f86877a849c8c53fb15cbeebf8c575d8511b79a68be61f5afc967b021fe327bb3be9073fb628301d8cba2c398bc7fd8b40c701c7cd85deefbc5d1a56c0436ab0339953f67a692d8f6afd75e68d84d7903eb4054ca312e6955f7cbc85205733dbd8aee83a932c3843d811a115cee5d0080bb35cfce8ef43bc7fcde1d5759a1c395bab0bada4b9989d90a295c691d5bb2f95cfda53c02f543c475c76c0e0ffc5a4387cf94dc47ce07d977ed18bbeb78efb3abdd11c377319311f1c5c3883dd06e4b974c69a521e782407a8174898b6e530de933239c075d3463ea3e36ccd4065a91fa027bf1c8be2bd426de38ebce0557ad907ec9df58807339e0ed82c337f3736b6d14424515c6cbbc059112e8cbac671280ed9ec633d6574e428d26d74f5bffa7c6f100b2c3bf49b5af248d2d83c1acb31ceff928e8e9e8de6845e0fc77060808241aae11ca6695a0db670c7eb99a9d34cae9189782c90c46011e37023395dd360fb4c50187cad402c7b8408805f5d3a417df07860db9bea8be50f6d850ce21b54e07e4f567b928256b035a437792c59720cc0bfbb4e8abf48993040cd1aea14437c99feaaf1d1a6ef10faecf157a947eb8c2d227b0ab4ab3eaba32005161e54500dba6fcf047e9f68aedbdb2425391a1ff368309d4bdf655ee55a70e3373fe37601944cb77ac1c7397af19a0f2220b94c0badba43a67ae38bef860f35c6662d57d72ff10a0819b38516484db98475bea3e2bfd49ce79d66259affd5c542f9194a6af0d4e031682e9df0285b25b44b5a570a264050b1b63384f2f463592bba34f66244fb5f452562e239a5e1539e1ba70d382131ec395b5f1ba413c9d6599ba24bc456eb424d5c52111efddc35a911aefedaa1d84627d7a9e6a78d93ebb80a992348bdb6a0a0f918a4a82e9b25729822d256a84bc5256b5edf6106f5e792395ff2d5f34b18e8cde5acbe7fcdd5a4bb28d858c93d01919731239ba62b44252371f6d3b6b04ea34e9cccdfb16215d51e1a17bcfa934f02c0fe5d5a744175305e94c52ba10cea35e96007e4abec46ae66d5b34055646c1ba71913b04bd299c4d6693645496237241402525d6b44c6b4b1a0db38f36764233938dfe14ecc2ac0693f236a8d11f3151ba50e3cd3989cba83c7ac7ca4c15ab387a6c2815ce59b8b5d5b0a8eb942cc436ef8917871b143bea6934ce2f03a735688b371ba65d9509ac4c288415c829e58e52bb82cd29084accac3a115a0ba18b7b2307ae38c72c1e5939e0e0ee5ce043ab3329c2f7a65d006734c5812eb3c354f3eefacf2b7e60b85f31a747d37c4e22e7f79055028f29f9175760e946f7b67b9ad3df7802ea30723781c1424a8d1b9aee1c3aca794267aa15f64fff74c279bea9dca71cc3d367ef7e0630a85fc511ee19517be82febbca9199d09185db5c5b64e521f94835790720c2aa525d4f00664dc2862a1ead3d2a431cb1e55377c47cfbdf42be058d705ad50911ae9598b27be2b2a1e7bbbc62e163da89228b9b2a5dc27a6a9a58bdc6cfdcadf9d940b96c3c2c7ab121c42b6c17cc44a966a848fce94726ead82777b777a9dc0e6a7cd40a429d1a0dd9ba082f6dd64978b54815f97a3bbf0ac6a80297e37db6053e91fa80eb80d64030934eb2271d4ffa98344f467fca6e48359082d3819a4b79aead1e3a816aa2112942e41b84273cf052a5bf23fe3d8d9b2d292a0f4c2b33b13a557fb1b8c40bbe5cf56c644c18c266f6b60cfef99148c86b2a4b8fde853a72bdbdadfcd895033272906762b9072ac2c9a2d1b1867a407478b588e65df3f18cb694c0f435295a91e079160b1dc249aaf31b8a4091fd7ef621d039e1625db50395ac13c677bb889c226f67935568ff20cea928e7c53ce1000c5c0d21934ff8afa4c38885504732825f4644f47536a2614a3eb52577d3359e716d96b520ee257afeb01a80110d598948436c4e6c394ab7475dd4482d8bc5e9ef188622efd7156cd3425a190e85d0cd47aa309f5277356281d35345346327a8d18d88ea4d84784a7941771b89deb30fb0b741d682382d886caed781910a2e13db8f2c44a658f9b531bf284d8cd36935c7ffc9aeac06eed4d6eb1f88696af486a1e9682e49dfb6d065dc841129acc3e4e7e5801b9651c1829598e9e33c0774a0253a8662f8bc219f3ff167b3e005f355d491a81877c379f011160038bde25752121f1c1d2e85ee6ddfabed43ff73b12b9db5f6a482b1c2a50ad1c3bfa10585fa686fa5e68b35dbf9a6cafa47d96a449f92fb17c7c32d209a25802fe3fa45693bda84bf4c2547e0f4be893f1b733a696fad1e9ac1084d900ade6674977be050078ec5c3b713754af94cd010502ad03dbd95ab8b7796ba5047e87e6cb7db88e06b15f561006bf0611eb33b3f8f61bf24496cfce990a6823ddef2b23e6062a0c99b27386ec9706e4697f530b92a2eab17f7ddd3ae8a2aefc1aefd57b892793bee2fedda87ad1c621c1d76c16bfb194fbb3519e09b9f4b89da4f14b512f3db97f509757ab911b5d1db703fa3d37b4dee289df319560a8a35ac7444ef2565f17d91107efe90f443ab84b45580c7b8fcb9a0a4477e736835f0fcd523dcaad6d5484c2c55e945d529bd347062a8de9c44a438088acfc25eeda60895ac788c80c219debd451bd165cbb4b9e72ef674650d44d749a4e09fcd0e7ee2e40048d9d118e2308b3fd70ffd1ecd5125a6f22cec42f48c7266f65919201296199275c7d58d1be03a0992cd1eb78f69f51b70f3ccff1e1b4fb15af9e6471e51bb4d7850b762a74da5a703b21a7edc0d2c9f1d325f6dbc3a11ee9376caf2cb158df5d978d6a5f495070054068e61405c94f14760c7185a0925ca1e79ea1451d49df0ca16906e30f88cb2a2cad913b3d443908bd0acd29e97a5b0b7413b59d35a382f073564856bf1f42d2f6dfc5373eaee336d3ca2495aa3690038ad3cfb32805b9f65193123f140428dbfacbd37ecd162b1a7fdc483a92d3401e5f4dc36fb4fda194c9c0aa3c9546d330132cb0b0f453897143c7c86b56fb35efd34593935b4cafd3f2f22475496f958c0fdce52fcecb28ffd8cd944da1dce31368b82bed1725c077ab1ddf1d8eef4d21cdce45f0c1c4cd49cbd914fd1ab7325216a904be8298f753b54ee025859f5d460a71f2e281310347c83c3f1cc16fab441c4ba681ed6eb8303a4be4fbdb3b8e7a25a9a403", 0x1000}, {&(0x7f0000002200)="e0629a3b6d3a22ab29bcbad48b18835035dff4c4008c51f2b2b2ee5ea856087d93059885f928", 0x26}, {&(0x7f0000002240)="c43716b4192c705defc334dac39ceee1f80c1a9906b4f78d831641fad63dfd7dbb988ec1522d845ec0fb5ee378a813397e5b9af175ff72cfb602270df266a23294ee847123be627d4abc96c78a292aebb07baae026b7f8decc7d9e8cc675776891bbcf0b7838a27cc7a3dea27c5eeb1ffe187f4cdea1a5bb4f82bebe808ee77cc2933cf4fc2109f3ac4621180f673a7870ba54ff351d504d616f", 0x9a}, {&(0x7f0000002300)="179c4a47bba9a5791b8c5511d8fbb2e9ef09f0687264505cf4885f9a05232e9920ed6642db59e010c23591e4dacb6225756d1c44ee377b9448dddbffff7a2dc302aaf40cb7abcd64756d825ebb6bf971dbbcd7fba832ca2b693b6071aee6a6b48767a151165f44c30be0029e7cc3f9d3821693bc6b24d687e21d4482e59ef77be185264da739cbf1e6128f1aee758a4a47423ee5a1ac938ba142fb6b32", 0x9d}], 0x7, 0x510b, 0x6)
ioctl$CDROMRESET(r0, 0x5312)

[ 1262.815386] FAULT_INJECTION: forcing a failure.
[ 1262.815386] name failslab, interval 1, probability 0, space 0, times 0
[ 1262.815426] CPU: 0 PID: 6306 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1262.815444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1262.815453] Call Trace:
[ 1262.815456]  <TASK>
[ 1262.815461]  dump_stack_lvl+0x8b/0xb3
[ 1262.815482]  should_fail.cold+0x5/0xa
[ 1262.815497]  ? create_object.isra.0+0x3a/0xa20
[ 1262.815535]  should_failslab+0x5/0x10
[ 1262.815584]  kmem_cache_alloc+0x5b/0x480
[ 1262.815611]  create_object.isra.0+0x3a/0xa20
[ 1262.815650]  ? kasan_unpoison+0x23/0x50
[ 1262.815689]  __kmalloc+0x25b/0x440
[ 1262.815718]  io_uring_setup.cold+0x15b/0x271c
[ 1262.815758]  ? lock_is_held_type+0xd7/0x130
[ 1262.815805]  ? io_sqe_files_register+0x230/0x230
[ 1262.815865]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1262.815910]  do_syscall_64+0x3b/0x90
[ 1262.815942]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1262.815968] RIP: 0033:0x7f4ea96a2b19
[ 1262.815976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1262.815988] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1262.815999] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1262.816010] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1262.816017] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1262.816024] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1262.816031] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1262.816051]  </TASK>
[ 1274.192898] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:31:37 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 3)

19:31:37 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 4)

19:31:37 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:37 executing program 5:
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r1)
r3 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
ioctl$CDROMRESET(r3, 0x5312)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/fscaps', 0x200000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r6 = openat$incfs(r2, &(0x7f00000000c0)='.log\x00', 0x2000, 0x181)
ioctl$CDROMREADAUDIO(r6, 0x530e, &(0x7f0000000140)={@msf={0x9, 0x8, 0x7}, 0x3, 0xd, &(0x7f0000000100)=""/13})
fcntl$dupfd(r4, 0x0, r5)
openat(r5, &(0x7f0000000040)='./file0\x00', 0x20000, 0x10a)

19:31:37 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x301)

19:31:37 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:31:37 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:37 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1281.506889] FAULT_INJECTION: forcing a failure.
[ 1281.506889] name failslab, interval 1, probability 0, space 0, times 0
[ 1281.506935] CPU: 1 PID: 6328 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1281.506963] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1281.506978] Call Trace:
[ 1281.506984]  <TASK>
[ 1281.506992]  dump_stack_lvl+0x8b/0xb3
[ 1281.507031]  should_fail.cold+0x5/0xa
[ 1281.507061]  ? create_object.isra.0+0x3a/0xa20
[ 1281.507120]  should_failslab+0x5/0x10
[ 1281.507172]  kmem_cache_alloc+0x5b/0x480
[ 1281.507219]  create_object.isra.0+0x3a/0xa20
[ 1281.507272]  ? kasan_unpoison+0x23/0x50
[ 1281.507329]  __kmalloc+0x25b/0x440
[ 1281.507373]  io_uring_setup.cold+0x15b/0x271c
[ 1281.507431]  ? lock_is_held_type+0xd7/0x130
[ 1281.507489]  ? io_sqe_files_register+0x230/0x230
[ 1281.507576]  ? syscall_enter_from_user_mode+0x1d/0x50
19:31:37 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:37 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1281.507645]  do_syscall_64+0x3b/0x90
[ 1281.507688]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1281.507733] RIP: 0033:0x7f011e7ddb19
[ 1281.507749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1281.507770] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1281.507792] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1281.507818] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1281.507832] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1281.507845] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1281.507858] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1281.507897]  </TASK>
[ 1281.524451] FAULT_INJECTION: forcing a failure.
[ 1281.524451] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1281.524510] CPU: 0 PID: 6333 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1281.524524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:31:37 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x125d)

[ 1281.524533] Call Trace:
[ 1281.524537]  <TASK>
[ 1281.524541]  dump_stack_lvl+0x8b/0xb3
[ 1281.524566]  should_fail.cold+0x5/0xa
[ 1281.524582]  prepare_alloc_pages+0x17b/0x500
[ 1281.524623]  __alloc_pages+0x131/0x4e0
[ 1281.524646]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1281.524670]  ? find_held_lock+0x2c/0x110
[ 1281.524707]  ? lock_downgrade+0x6d0/0x6d0
[ 1281.524734]  alloc_pages+0x1a0/0x2f0
[ 1281.524756]  kmalloc_order+0x30/0xd0
[ 1281.524778]  kmalloc_order_trace+0x14/0xf0
[ 1281.524799]  io_uring_setup.cold+0x1e8/0x271c
[ 1281.524827]  ? lock_is_held_type+0xd7/0x130
[ 1281.524852]  ? io_sqe_files_register+0x230/0x230
[ 1281.524888]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1281.524910]  do_syscall_64+0x3b/0x90
[ 1281.524924]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1281.524941] RIP: 0033:0x7f4ea96a2b19
[ 1281.524950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1281.524962] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1281.524974] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1281.524983] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1281.524990] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1281.525000] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
19:31:37 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 5)

19:31:37 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 4)

19:31:37 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1281.525008] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1281.525028]  </TASK>
[ 1281.692745] FAULT_INJECTION: forcing a failure.
[ 1281.692745] name failslab, interval 1, probability 0, space 0, times 0
[ 1281.692764] CPU: 0 PID: 6353 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1281.692778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1281.692786] Call Trace:
[ 1281.692789]  <TASK>
[ 1281.692794]  dump_stack_lvl+0x8b/0xb3
[ 1281.692814]  should_fail.cold+0x5/0xa
[ 1281.692826]  ? create_object.isra.0+0x3a/0xa20
[ 1281.692846]  should_failslab+0x5/0x10
[ 1281.692862]  kmem_cache_alloc+0x5b/0x480
[ 1281.692878]  create_object.isra.0+0x3a/0xa20
[ 1281.692898]  kmalloc_order+0x9c/0xd0
[ 1281.692916]  kmalloc_order_trace+0x14/0xf0
[ 1281.692934]  io_uring_setup.cold+0x1e8/0x271c
[ 1281.692952]  ? lock_is_held_type+0xd7/0x130
[ 1281.692972]  ? io_sqe_files_register+0x230/0x230
[ 1281.693004]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1281.693026]  do_syscall_64+0x3b/0x90
[ 1281.693039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1281.693055] RIP: 0033:0x7f4ea96a2b19
[ 1281.693064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1281.693075] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1281.693087] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1281.693094] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1281.693101] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1281.693108] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1281.693115] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1281.693135]  </TASK>
[ 1281.695492] FAULT_INJECTION: forcing a failure.
[ 1281.695492] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1281.695525] CPU: 1 PID: 6352 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1281.695548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1281.695563] Call Trace:
[ 1281.695568]  <TASK>
[ 1281.695577]  dump_stack_lvl+0x8b/0xb3
[ 1281.695616]  should_fail.cold+0x5/0xa
[ 1281.695643]  prepare_alloc_pages+0x17b/0x500
[ 1281.695688]  __alloc_pages+0x131/0x4e0
[ 1281.695713]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1281.695740]  ? find_held_lock+0x2c/0x110
[ 1281.695776]  ? lock_downgrade+0x6d0/0x6d0
[ 1281.695843]  alloc_pages+0x1a0/0x2f0
[ 1281.695876]  kmalloc_order+0x30/0xd0
[ 1281.695910]  kmalloc_order_trace+0x14/0xf0
[ 1281.695944]  io_uring_setup.cold+0x1e8/0x271c
[ 1281.695976]  ? lock_is_held_type+0xd7/0x130
[ 1281.696009]  ? io_sqe_files_register+0x230/0x230
[ 1281.696062]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1281.696102]  do_syscall_64+0x3b/0x90
[ 1281.696126]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1281.696155] RIP: 0033:0x7f011e7ddb19
[ 1281.696171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1281.696191] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1281.696214] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1281.696229] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1281.696243] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1281.696256] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1281.696268] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1281.696305]  </TASK>
[ 1293.678522] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:31:57 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:31:57 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:57 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:57 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 5)

19:31:57 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 6)

19:31:57 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:31:57 executing program 5:
r0 = getuid()
r1 = getegid()
r2 = getegid()
lsetxattr$system_posix_acl(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)='system.posix_acl_access\x00', &(0x7f0000000800)={{}, {0x1, 0x4}, [{0x2, 0x5}], {}, [{0x8, 0x0, r1}, {0x8, 0x0, r2}], {0x10, 0x2}}, 0x3c, 0x3)
r3 = getegid()
r4 = getegid()
lsetxattr$system_posix_acl(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700)='system.posix_acl_access\x00', &(0x7f0000000800)={{}, {0x1, 0x4}, [{0x2, 0x5}], {}, [{0x8, 0x0, r3}, {0x8, 0x0, r4}], {0x10, 0x2}}, 0x3c, 0x3)
syz_mount_image$tmpfs(&(0x7f0000000a80), &(0x7f0000000ac0)='./file0\x00', 0x6, 0x3, &(0x7f0000000d00)=[{&(0x7f0000000b00)="64e8bbe9859e998b75e872a79c2848d80969f510bdbbb127baeb967059ed4745d7bd1d36857d8fae40afd80a8f2745e6bcf33b5bd2d3a604853f9359487a478b427cb63653f023cfa4016de66211c745781b5d8513bde178ada06b2c67d9fb196fab22298ddf50c2", 0x68}, {0x0}, {&(0x7f0000000bc0)="25217da12ab5b69d81cc9c037fc37e403d02dc8b2942e7908909b254648ab545e3ab8b64e8b1865b2c0eab6ec8b02e1bd49a255b1fb666a75c6afb1414febf866ff1d4f2ce091143b54bdadc8cb1613f7fd846761f9d6c834959b9e06ecb3a93e951dba84f76524f5acb7ad45841604746e3bdc26c1377d3456ab47408fdd1bc18bff96018f584ec65bbf05299407521f94eb914be33f560668fec8d", 0x9c}], 0x4001b, &(0x7f0000000d80)={[{@gid={'gid', 0x3d, r4}}, {@huge_always}, {@nr_inodes={'nr_inodes', 0x3d, [0x6b, 0x35, 0x0]}}], [{@dont_hash}]})
getegid()
lsetxattr$system_posix_acl(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='system.posix_acl_access\x00', &(0x7f0000000340)={{}, {0x1, 0x7}, [{0x2, 0x4, 0xee01}, {0x2, 0x6, r0}], {0x4, 0x1}, [{0x8, 0x1, r1}, {0x8, 0x8, r4}, {0x8, 0x2, 0xffffffffffffffff}, {0x8, 0x2, 0xee01}, {}], {0x10, 0x1}, {0x20, 0x2}}, 0x5c, 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x24, &(0x7f00000001c0)={[{@mode={'mode', 0x3d, 0xc4}}, {@huge_advise}], [{@appraise_type}, {@pcr={'pcr', 0x3d, 0x2c}}]})
r5 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000240)={'\x00', 0xa4d9, 0x8, 0x0, 0x5, 0x9960, 0xffffffffffffffff})
recvfrom(r5, &(0x7f0000000040)=""/119, 0x77, 0x22, &(0x7f00000000c0)=@un=@file={0x0, './file0\x00'}, 0x80)
ioctl$CDROMRESET(r5, 0x5312)

19:31:57 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x125e)

[ 1300.924209] FAULT_INJECTION: forcing a failure.
[ 1300.924209] name failslab, interval 1, probability 0, space 0, times 0
[ 1300.924229] CPU: 0 PID: 6370 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1300.924242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1300.924250] Call Trace:
[ 1300.924253]  <TASK>
[ 1300.924258]  dump_stack_lvl+0x8b/0xb3
[ 1300.924278]  should_fail.cold+0x5/0xa
[ 1300.924290]  ? create_object.isra.0+0x3a/0xa20
[ 1300.924310]  should_failslab+0x5/0x10
[ 1300.924326]  kmem_cache_alloc+0x5b/0x480
[ 1300.924342]  create_object.isra.0+0x3a/0xa20
[ 1300.924362]  kmalloc_order+0x9c/0xd0
[ 1300.924380]  kmalloc_order_trace+0x14/0xf0
[ 1300.924398]  io_uring_setup.cold+0x1e8/0x271c
[ 1300.924416]  ? lock_is_held_type+0xd7/0x130
[ 1300.924436]  ? io_sqe_files_register+0x230/0x230
[ 1300.924465]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1300.924486]  do_syscall_64+0x3b/0x90
[ 1300.924499]  entry_SYSCALL_64_after_hwframe+0x44/0xae
19:31:57 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:31:57 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 6)

[ 1300.924515] RIP: 0033:0x7f011e7ddb19
[ 1300.924524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1300.924535] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1300.924547] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1300.924554] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1300.924561] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1300.924568] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
19:31:57 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x125f)

[ 1300.924575] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:31:57 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1300.924595]  </TASK>
[ 1300.972509] FAULT_INJECTION: forcing a failure.
[ 1300.972509] name failslab, interval 1, probability 0, space 0, times 0
[ 1300.972545] CPU: 1 PID: 6374 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1300.972571] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:31:57 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001340))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1300.972585] Call Trace:
[ 1300.972591]  <TASK>
[ 1300.972599]  dump_stack_lvl+0x8b/0xb3
[ 1300.972633]  should_fail.cold+0x5/0xa
[ 1300.972657]  ? io_uring_setup.cold+0x35b/0x271c
[ 1300.972693]  should_failslab+0x5/0x10
[ 1300.972724]  __kmalloc+0x72/0x440
[ 1300.972753]  io_uring_setup.cold+0x35b/0x271c
[ 1300.972787]  ? lock_is_held_type+0xd7/0x130
[ 1300.972828]  ? io_sqe_files_register+0x230/0x230
[ 1300.972885]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1300.972928]  do_syscall_64+0x3b/0x90
[ 1300.972958]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1300.972989] RIP: 0033:0x7f4ea96a2b19
[ 1300.973011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1300.973032] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1300.973055] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1300.973070] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1300.973084] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1300.973098] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1300.973111] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1300.973150]  </TASK>
[ 1301.060316] FAULT_INJECTION: forcing a failure.
[ 1301.060316] name failslab, interval 1, probability 0, space 0, times 0
[ 1301.060335] CPU: 0 PID: 6388 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1301.060348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1301.060356] Call Trace:
[ 1301.060360]  <TASK>
[ 1301.060364]  dump_stack_lvl+0x8b/0xb3
[ 1301.060384]  should_fail.cold+0x5/0xa
[ 1301.060396]  ? io_uring_setup.cold+0x35b/0x271c
[ 1301.060414]  should_failslab+0x5/0x10
[ 1301.060431]  __kmalloc+0x72/0x440
[ 1301.060447]  io_uring_setup.cold+0x35b/0x271c
[ 1301.060464]  ? lock_is_held_type+0xd7/0x130
[ 1301.060483]  ? io_sqe_files_register+0x230/0x230
[ 1301.060512]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1301.060534]  do_syscall_64+0x3b/0x90
[ 1301.060548]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1301.060563] RIP: 0033:0x7f011e7ddb19
[ 1301.060576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1301.060587] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1301.060599] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1301.060607] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1301.060614] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1301.060621] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1301.060628] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1301.060647]  </TASK>
[ 1315.089852] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:32:25 executing program 5:
mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x90000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=unix,mmap,cache=none,access=user,mmap,loose,uname=,fsmagic=0x0000000000000401,pcr=00000000000000000053,fscontext=unconfined_u,pcr=00000000000000000014,funcMFILE_CHECK,obj_role=/dev/sr0\x00,func=FILE_MMAP,permit_directio,rootcontext=unconfined_u,appraise,\x00'])
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:32:25 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001340))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:32:25 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 7)

19:32:25 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 7)

19:32:25 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), 0x0)
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:32:25 executing program 0:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:32:25 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:32:25 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1260)

[ 1329.744186] FAULT_INJECTION: forcing a failure.
[ 1329.744186] name failslab, interval 1, probability 0, space 0, times 0
[ 1329.744206] CPU: 1 PID: 6413 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1329.744218] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1329.744226] Call Trace:
[ 1329.744230]  <TASK>
[ 1329.744235]  dump_stack_lvl+0x8b/0xb3
[ 1329.744254]  should_fail.cold+0x5/0xa
[ 1329.744266]  ? create_object.isra.0+0x3a/0xa20
[ 1329.744286]  should_failslab+0x5/0x10
[ 1329.744303]  kmem_cache_alloc+0x5b/0x480
[ 1329.744319]  create_object.isra.0+0x3a/0xa20
[ 1329.744334]  ? kasan_unpoison+0x23/0x50
[ 1329.744352]  __kmalloc+0x25b/0x440
[ 1329.744366]  io_uring_setup.cold+0x35b/0x271c
[ 1329.744384]  ? lock_is_held_type+0xd7/0x130
[ 1329.744403]  ? io_sqe_files_register+0x230/0x230
19:32:25 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), 0x0)
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1329.744432]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1329.744453]  do_syscall_64+0x3b/0x90
[ 1329.744466]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1329.744483] RIP: 0033:0x7f4ea96a2b19
[ 1329.744491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1329.744523] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1329.744535] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1329.744542] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1329.744549] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1329.744556] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1329.744563] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1329.744583]  </TASK>
[ 1329.780057] FAULT_INJECTION: forcing a failure.
[ 1329.780057] name failslab, interval 1, probability 0, space 0, times 0
[ 1329.780077] CPU: 1 PID: 6416 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1329.780089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1329.780097] Call Trace:
[ 1329.780101]  <TASK>
[ 1329.780105]  dump_stack_lvl+0x8b/0xb3
[ 1329.780124]  should_fail.cold+0x5/0xa
[ 1329.780136]  ? create_object.isra.0+0x3a/0xa20
[ 1329.780155]  should_failslab+0x5/0x10
[ 1329.780171]  kmem_cache_alloc+0x5b/0x480
[ 1329.780187]  create_object.isra.0+0x3a/0xa20
[ 1329.780202]  ? kasan_unpoison+0x23/0x50
[ 1329.780221]  __kmalloc+0x25b/0x440
[ 1329.780235]  io_uring_setup.cold+0x35b/0x271c
[ 1329.780252]  ? lock_is_held_type+0xd7/0x130
[ 1329.780271]  ? io_sqe_files_register+0x230/0x230
[ 1329.780300]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1329.780322]  do_syscall_64+0x3b/0x90
[ 1329.780334]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1329.780350] RIP: 0033:0x7f011e7ddb19
[ 1329.780359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1329.780370] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1329.780382] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1329.780390] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1329.780397] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1329.780403] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1329.780410] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1329.780430]  </TASK>
[ 1346.400066] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:32:51 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x0, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1355.488749] FAULT_INJECTION: forcing a failure.
[ 1355.488749] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.488769] CPU: 0 PID: 6427 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.488782] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.488790] Call Trace:
[ 1355.488793]  <TASK>
[ 1355.488798]  dump_stack_lvl+0x8b/0xb3
[ 1355.488817]  should_fail.cold+0x5/0xa
[ 1355.488830]  ? io_uring_setup.cold+0x3dd/0x271c
[ 1355.488848]  should_failslab+0x5/0x10
[ 1355.488872]  __kmalloc+0x72/0x440
[ 1355.488887]  io_uring_setup.cold+0x3dd/0x271c
[ 1355.488905]  ? lock_is_held_type+0xd7/0x130
[ 1355.488924]  ? io_sqe_files_register+0x230/0x230
[ 1355.488954]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.488978]  do_syscall_64+0x3b/0x90
[ 1355.488991]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.489008] RIP: 0033:0x7f011e7ddb19
[ 1355.489017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:32:51 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), 0x0)
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:32:51 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1261)

19:32:51 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 8)

19:32:51 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000001, 0x810, r2, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:32:51 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001340))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:32:51 executing program 0:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:32:51 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 8)

19:32:51 executing program 1:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:32:51 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 9)

[ 1355.489028] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.489040] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1355.489048] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.489055] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.489062] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.489068] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.489088]  </TASK>
[ 1355.528725] FAULT_INJECTION: forcing a failure.
[ 1355.528725] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.528744] CPU: 0 PID: 6431 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.528766] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:32:51 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 9)

[ 1355.528788] Call Trace:
[ 1355.528794]  <TASK>
[ 1355.528804]  dump_stack_lvl+0x8b/0xb3
19:32:51 executing program 0:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1355.528838]  should_fail.cold+0x5/0xa
[ 1355.528888]  ? io_uring_setup.cold+0x3dd/0x271c
[ 1355.528935]  should_failslab+0x5/0x10
19:32:51 executing program 1:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1355.528983]  __kmalloc+0x72/0x440
[ 1355.529018]  io_uring_setup.cold+0x3dd/0x271c
[ 1355.529061]  ? lock_is_held_type+0xd7/0x130
[ 1355.529101]  ? io_sqe_files_register+0x230/0x230
[ 1355.529161]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.529213]  do_syscall_64+0x3b/0x90
19:32:51 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[0x0])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1355.529246]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.529286] RIP: 0033:0x7f4ea96a2b19
[ 1355.529295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1355.529306] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.529318] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1355.529326] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.529333] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:32:51 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1262)

[ 1355.529340] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.529347] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.529367]  </TASK>
[ 1355.626507] FAULT_INJECTION: forcing a failure.
[ 1355.626507] name failslab, interval 1, probability 0, space 0, times 0
19:32:51 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, r2, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x28}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'syztnl0\x00', &(0x7f0000000080)={'tunl0\x00', <r3=>0x0, 0x700, 0x10, 0x3ff, 0x8, {{0x7, 0x4, 0x1, 0x5, 0x1c, 0x67, 0x0, 0x1, 0x0, 0x0, @rand_addr=0x64010100, @empty, {[@generic={0x82, 0x7, "78c0e4cabb"}]}}}}})
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r6=>0x0})
setsockopt$inet_mtu(r4, 0x0, 0xa, &(0x7f0000000140)=0x5, 0x4)
sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @remote, @broadcast}}}], 0x20}, 0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r8 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
setsockopt$inet_mtu(r7, 0x0, 0xa, &(0x7f0000000140)=0x5, 0x4)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000300)="6fb9", 0xffeb}], 0x1, &(0x7f0000000700)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @remote, @broadcast}}}], 0x20}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f0000000100)={'ip6_vti0\x00', <r10=>0x0, 0x2f, 0x4, 0x6, 0x46, 0x6a, @private0={0xfc, 0x0, '\x00', 0x1}, @loopback, 0x40, 0x8000, 0x22}})
sendto$inet(0xffffffffffffffff, &(0x7f00000008c0)="10019c3474eedcbf20704b892f23f4a250b8ac67d43610f36f608d298178a6840bc023a5862c3e5a64888ba6c0b7c8b56f2f96c08255f051523a684c4825c6f18954f88f07c06285fe", 0x49, 0x4810, &(0x7f0000000940)={0x2, 0x4e20, @local}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'syztnl2\x00', <r11=>0x0, 0x2f, 0x4, 0x4, 0x10000000, 0x4, @mcast1, @empty, 0x8, 0x700, 0x2, 0x5}})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000880)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000280)={0x5c0, r2, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_FEATURES_WANTED={0xc0, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/sr0\x00'}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x7c, 0x5, "5be8d9b96731184f2ca100134f30dba409aab73b4a99ef06d5975afc7637decb7fa6a02756303c6f7b8f8eddf1b52032ca562ab4cc8a66408fc6b849467e522eca4c7f74ab1ba2e172e9ac9edb14f4f6efe91f05263fa288b1562643898add78533073561e8b84504633a66165057b08890dad0033fa606d"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x1000}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x2}]}, @ETHTOOL_A_FEATURES_WANTED={0x150, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0xf1, 0x5, "1ed4ba68cf6b21d4dab9f3fc5df58ba8fa4e7ab2743c574991ad50a8dacdfa7554538cfa549fa3f1e3214e32516b476ffddeb372b74ad2eabbd647eb5e68e09f24cc2b69d786c0914fb944ff23c1a06cafccc4893749741b67746b3f7035ad19876312e7d8cc3977c8c577de40d5b6c744844bac01cab3d5aceada93d1202b44ac88a0a6651faf7b58245349c3bb68f9a36b4c4bf0246090aee2d7eec6beea0f4a0f34650854d27555fb6384a31f37c24f36f901a42963d0868f6a58915b0ab06e880a5e23b6857c1b5fc86ac2115fe049223ecd1bbb1b61ebd9b7e7ceab052c897374176d85faa6e706e821bb"}, @ETHTOOL_A_BITSET_MASK={0x4e, 0x5, "05e13a4bf2f50efb70ccc754758d8477e20d89ec3d1d4517dd41963b170a66570144022db0be3a68e65447dff180d5f946beee1d1e5fd92b5fd1afe9f3315290a4b3cfefa8837454dd69"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}]}, @ETHTOOL_A_FEATURES_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_WANTED={0x1fc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x92}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/sr0\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xf907}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '/dev/sr0\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, ':.\\}\x98(-/e]\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0xe9, 0x4, "88c4f1495940285386e1bf17fed0f29190ad7d2ee214abaeb25554fca1baca5338b0b37f3685623bf9dfd266c2afb2adadd7ac19a6a6e97560818f77ca0b6fcad59acf3bcdb1063ef5583ac8a43728756b00bc8b4ef0c3bf7f00807a2457fe0d1e331e71f5eec745fd1509c2d12e5b08e1a166dfe5228775087c7692b0b3d13297c68776f634cfc948a09298f431c4389105da395fbca0a4e6fb510e8f3365c04e4d6b48a8266a16642f7af0e9dc85c6ed47c02fbe90e7ca46d58b2b534ce514ee00136c8ce27d1870d2889e3abad56b4843cdb1ba0b866f4c8382379206bf47ad11207a3b"}, @ETHTOOL_A_BITSET_MASK={0x47, 0x5, "eab5a0df54dadb4a41ca0969b19bb11f5c5a2d19c159922d4f61b56f4f24f1b9eef88963cdab50d8aa62fef9a3a0f4bdcb1d762e557abd87ba4cc0e817d241594d8663"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xb6}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x80}]}, @ETHTOOL_A_FEATURES_WANTED={0xcc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x10001}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x3}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0xaa, 0x4, "ab25a31914eddf0d9921ab7d4a2a90a0253ba7d201f24e08bbc52b60c0cb4d7252112002364084eaded6677c10643c56222fc14b78c35db0affa15e08e55f7a6e8215e48e5cfff644d02299f31f08f899cb2fdd920960e95776f069261d0d5d0e3cd230eea063bfccdb412115ac39d8290e7c31498a11900eb2b087ffe4ce4e638424e6894abeeb46af82808747bbb683e55a8edf30ffd8d2ce9eaca5ee3b0599170ea1a407f"}]}, @ETHTOOL_A_FEATURES_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}]}, 0x5c0}}, 0x4000084)
ioctl$CDROMRESET(r0, 0x5312)

[ 1355.626528] CPU: 0 PID: 6449 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.626546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.626565] Call Trace:
[ 1355.626572]  <TASK>
[ 1355.626582]  dump_stack_lvl+0x8b/0xb3
[ 1355.626617]  should_fail.cold+0x5/0xa
[ 1355.626640]  ? create_object.isra.0+0x3a/0xa20
[ 1355.626680]  should_failslab+0x5/0x10
[ 1355.626724]  kmem_cache_alloc+0x5b/0x480
[ 1355.626758]  create_object.isra.0+0x3a/0xa20
19:32:51 executing program 1:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, 0x0, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1355.626800]  ? kasan_unpoison+0x23/0x50
[ 1355.626846]  __kmalloc+0x25b/0x440
[ 1355.626869]  io_uring_setup.cold+0x3dd/0x271c
[ 1355.626907]  ? lock_is_held_type+0xd7/0x130
[ 1355.626943]  ? io_sqe_files_register+0x230/0x230
[ 1355.626990]  ? syscall_enter_from_user_mode+0x1d/0x50
19:32:51 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 10)

[ 1355.627019]  do_syscall_64+0x3b/0x90
[ 1355.627033]  entry_SYSCALL_64_after_hwframe+0x44/0xae
19:32:51 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(0x0, 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:32:51 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 10)

[ 1355.627049] RIP: 0033:0x7f011e7ddb19
[ 1355.627058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:32:51 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1355.627069] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.627081] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1355.627088] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.627095] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.627102] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.627109] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.627129]  </TASK>
[ 1355.659804] FAULT_INJECTION: forcing a failure.
[ 1355.659804] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.659824] CPU: 0 PID: 6452 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.659837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.659845] Call Trace:
[ 1355.659848]  <TASK>
[ 1355.659853]  dump_stack_lvl+0x8b/0xb3
[ 1355.659873]  should_fail.cold+0x5/0xa
[ 1355.659890]  ? create_object.isra.0+0x3a/0xa20
[ 1355.659910]  should_failslab+0x5/0x10
[ 1355.659926]  kmem_cache_alloc+0x5b/0x480
[ 1355.659942]  create_object.isra.0+0x3a/0xa20
[ 1355.659957]  ? kasan_unpoison+0x23/0x50
[ 1355.659976]  __kmalloc+0x25b/0x440
[ 1355.659989]  io_uring_setup.cold+0x3dd/0x271c
19:32:52 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1355.660007]  ? lock_is_held_type+0xd7/0x130
[ 1355.660026]  ? io_sqe_files_register+0x230/0x230
[ 1355.660056]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.660077]  do_syscall_64+0x3b/0x90
[ 1355.660090]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.660106] RIP: 0033:0x7f4ea96a2b19
[ 1355.660115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:32:52 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 11)

[ 1355.660126] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.660138] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
19:32:52 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[0x0])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:32:52 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 11)

[ 1355.660146] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.660153] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.660160] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.660167] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.660186]  </TASK>
[ 1355.791642] FAULT_INJECTION: forcing a failure.
[ 1355.791642] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.791662] CPU: 0 PID: 6468 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.791675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.791683] Call Trace:
[ 1355.791687]  <TASK>
[ 1355.791692]  dump_stack_lvl+0x8b/0xb3
[ 1355.791712]  should_fail.cold+0x5/0xa
[ 1355.791724]  ? create_object.isra.0+0x3a/0xa20
[ 1355.791744]  should_failslab+0x5/0x10
[ 1355.791760]  kmem_cache_alloc+0x5b/0x480
[ 1355.791777]  create_object.isra.0+0x3a/0xa20
[ 1355.791797]  kmemleak_alloc_percpu+0xa0/0x100
[ 1355.791819]  pcpu_alloc+0x7bf/0x1060
[ 1355.791845]  ? io_sq_thread_unpark+0xba/0xba
[ 1355.791862]  percpu_ref_init+0x31/0x3d0
[ 1355.791884]  io_uring_setup.cold+0x49d/0x271c
[ 1355.791902]  ? lock_is_held_type+0xd7/0x130
[ 1355.791919]  ? io_sqe_files_register+0x230/0x230
[ 1355.791948]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.791972]  do_syscall_64+0x3b/0x90
[ 1355.791985]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.792002] RIP: 0033:0x7f011e7ddb19
[ 1355.792011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1355.792022] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.792033] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1355.792041] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.792049] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.792056] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.792063] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.792083]  </TASK>
[ 1355.800109] FAULT_INJECTION: forcing a failure.
[ 1355.800109] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.800125] CPU: 0 PID: 6472 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.800137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.800145] Call Trace:
[ 1355.800147]  <TASK>
[ 1355.800151]  dump_stack_lvl+0x8b/0xb3
[ 1355.800166]  should_fail.cold+0x5/0xa
[ 1355.800178]  ? create_object.isra.0+0x3a/0xa20
[ 1355.800196]  should_failslab+0x5/0x10
[ 1355.800211]  kmem_cache_alloc+0x5b/0x480
[ 1355.800226]  create_object.isra.0+0x3a/0xa20
[ 1355.800246]  kmemleak_alloc_percpu+0xa0/0x100
[ 1355.800267]  pcpu_alloc+0x7bf/0x1060
[ 1355.800288]  ? io_sq_thread_unpark+0xba/0xba
[ 1355.800304]  percpu_ref_init+0x31/0x3d0
[ 1355.800327]  io_uring_setup.cold+0x49d/0x271c
[ 1355.800344]  ? lock_is_held_type+0xd7/0x130
[ 1355.800362]  ? io_sqe_files_register+0x230/0x230
[ 1355.800390]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.800411]  do_syscall_64+0x3b/0x90
[ 1355.800424]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.800440] RIP: 0033:0x7f4ea96a2b19
[ 1355.800448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1355.800458] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.800469] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1355.800477] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.800484] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.800490] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.800497] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.800517]  </TASK>
[ 1355.937572] FAULT_INJECTION: forcing a failure.
[ 1355.937572] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.937592] CPU: 0 PID: 6485 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.937606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.937614] Call Trace:
[ 1355.937617]  <TASK>
[ 1355.937622]  dump_stack_lvl+0x8b/0xb3
[ 1355.937643]  should_fail.cold+0x5/0xa
[ 1355.937655]  ? create_object.isra.0+0x3a/0xa20
[ 1355.937677]  should_failslab+0x5/0x10
[ 1355.937693]  kmem_cache_alloc+0x5b/0x480
[ 1355.937710]  create_object.isra.0+0x3a/0xa20
[ 1355.937730]  kmemleak_alloc_percpu+0xa0/0x100
[ 1355.937751]  pcpu_alloc+0x7bf/0x1060
[ 1355.937773]  ? io_sq_thread_unpark+0xba/0xba
[ 1355.937789]  percpu_ref_init+0x31/0x3d0
[ 1355.937812]  io_uring_setup.cold+0x49d/0x271c
[ 1355.937829]  ? lock_is_held_type+0xd7/0x130
[ 1355.937847]  ? io_sqe_files_register+0x230/0x230
[ 1355.937876]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.937897]  do_syscall_64+0x3b/0x90
[ 1355.937911]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.937927] RIP: 0033:0x7f011e7ddb19
[ 1355.937935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1355.937947] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.937958] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1355.937970] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.937977] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.937984] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.937991] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.938011]  </TASK>
[ 1355.944961] FAULT_INJECTION: forcing a failure.
[ 1355.944961] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.945056] CPU: 0 PID: 6487 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1355.945069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1355.945076] Call Trace:
[ 1355.945079]  <TASK>
[ 1355.945083]  dump_stack_lvl+0x8b/0xb3
[ 1355.945098]  should_fail.cold+0x5/0xa
[ 1355.945110]  ? create_object.isra.0+0x3a/0xa20
[ 1355.945127]  should_failslab+0x5/0x10
[ 1355.945142]  kmem_cache_alloc+0x5b/0x480
[ 1355.945157]  create_object.isra.0+0x3a/0xa20
[ 1355.945178]  kmemleak_alloc_percpu+0xa0/0x100
[ 1355.945199]  pcpu_alloc+0x7bf/0x1060
[ 1355.945221]  ? io_sq_thread_unpark+0xba/0xba
[ 1355.945236]  percpu_ref_init+0x31/0x3d0
[ 1355.945257]  io_uring_setup.cold+0x49d/0x271c
[ 1355.945274]  ? lock_is_held_type+0xd7/0x130
[ 1355.945292]  ? io_sqe_files_register+0x230/0x230
[ 1355.945320]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1355.945342]  do_syscall_64+0x3b/0x90
[ 1355.945355]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1355.945370] RIP: 0033:0x7f4ea96a2b19
[ 1355.945379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1355.945390] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1355.945401] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1355.945409] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1355.945416] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1355.945423] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1355.945430] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1355.945450]  </TASK>
[ 1368.358862] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:33:11 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x9a620020824280f2, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:33:11 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1263)

19:33:11 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:33:11 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[0x0])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:33:11 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 12)

19:33:11 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(0x0, 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:33:11 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 12)

19:33:11 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1375.657918] FAULT_INJECTION: forcing a failure.
[ 1375.657918] name failslab, interval 1, probability 0, space 0, times 0
[ 1375.657951] CPU: 1 PID: 6497 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1375.657992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1375.658017] Call Trace:
[ 1375.658025]  <TASK>
[ 1375.658038]  dump_stack_lvl+0x8b/0xb3
[ 1375.658086]  should_fail.cold+0x5/0xa
[ 1375.658125]  ? percpu_ref_init+0xdb/0x3d0
[ 1375.658188]  should_failslab+0x5/0x10
[ 1375.658242]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1375.658287]  ? io_sq_thread_unpark+0xba/0xba
[ 1375.658338]  percpu_ref_init+0xdb/0x3d0
[ 1375.658406]  io_uring_setup.cold+0x49d/0x271c
[ 1375.658464]  ? lock_is_held_type+0xd7/0x130
[ 1375.658523]  ? io_sqe_files_register+0x230/0x230
[ 1375.658609]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1375.658666]  do_syscall_64+0x3b/0x90
[ 1375.658690]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1375.658719] RIP: 0033:0x7f4ea96a2b19
[ 1375.658734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:33:11 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:33:11 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
sendmsg$NL80211_CMD_DEL_TX_TS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x78, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8}, @val={0xc, 0x99, {0x8, 0x78}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xd}]}, 0x78}}, 0x4000880)
ioctl$CDROMRESET(r0, 0x5312)

[ 1375.658754] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1375.658775] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1375.658789] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1375.658802] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1375.658814] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1375.658827] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1375.658863]  </TASK>
[ 1375.680125] FAULT_INJECTION: forcing a failure.
[ 1375.680125] name failslab, interval 1, probability 0, space 0, times 0
19:33:11 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1264)

[ 1375.680152] CPU: 1 PID: 6500 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1375.680185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:33:11 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1375.680209] Call Trace:
[ 1375.680217]  <TASK>
[ 1375.680229]  dump_stack_lvl+0x8b/0xb3
[ 1375.680272]  should_fail.cold+0x5/0xa
[ 1375.680311]  ? percpu_ref_init+0xdb/0x3d0
19:33:11 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1375.680371]  should_failslab+0x5/0x10
[ 1375.680418]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1375.680459]  ? io_sq_thread_unpark+0xba/0xba
[ 1375.680506]  percpu_ref_init+0xdb/0x3d0
[ 1375.680570]  io_uring_setup.cold+0x49d/0x271c
[ 1375.680626]  ? lock_is_held_type+0xd7/0x130
[ 1375.680683]  ? io_sqe_files_register+0x230/0x230
[ 1375.680761]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1375.680812]  do_syscall_64+0x3b/0x90
[ 1375.680836]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1375.680864] RIP: 0033:0x7f011e7ddb19
[ 1375.680879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1375.680903] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1375.680923] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1375.680937] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1375.680950] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1375.680962] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1375.680975] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1375.681012]  </TASK>
[ 1387.286939] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:33:31 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:33:31 executing program 1:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:33:31 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(0x0, 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:33:31 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:33:31 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 13)

19:33:31 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 13)

19:33:31 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x159801, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000040), 0x3, 0x100)
open_by_handle_at(r2, &(0x7f0000000100)=@orangefs={0x14, 0x1, {"678f11fc4aaed807212a0d65f4816a37", 0x40}}, 0x10200)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f0000000140)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="0701800183020000370300000400000013020000f3000000000000000000000070c585038b758377a034f25f2397ca17ec71c15184792c0e0f2c7def506600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000190a734f010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055a8e384d800"/323], 0x13e)

19:33:31 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1265)

[ 1395.668296] FAULT_INJECTION: forcing a failure.
[ 1395.668296] name failslab, interval 1, probability 0, space 0, times 0
[ 1395.668316] CPU: 0 PID: 6543 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1395.668329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1395.668337] Call Trace:
[ 1395.668340]  <TASK>
[ 1395.668345]  dump_stack_lvl+0x8b/0xb3
[ 1395.668364]  should_fail.cold+0x5/0xa
[ 1395.668377]  ? create_object.isra.0+0x3a/0xa20
[ 1395.668396]  should_failslab+0x5/0x10
[ 1395.668412]  kmem_cache_alloc+0x5b/0x480
[ 1395.668428]  create_object.isra.0+0x3a/0xa20
[ 1395.668443]  ? kasan_unpoison+0x23/0x50
[ 1395.668461]  kmem_cache_alloc_trace+0x22e/0x3c0
19:33:31 executing program 1:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1395.668475]  ? io_sq_thread_unpark+0xba/0xba
19:33:31 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 14)

[ 1395.668491]  percpu_ref_init+0xdb/0x3d0
[ 1395.668513]  io_uring_setup.cold+0x49d/0x271c
[ 1395.668531]  ? lock_is_held_type+0xd7/0x130
[ 1395.668549]  ? io_sqe_files_register+0x230/0x230
[ 1395.668578]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1395.668600]  do_syscall_64+0x3b/0x90
19:33:31 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1267)

[ 1395.668612]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1395.668628] RIP: 0033:0x7f011e7ddb19
[ 1395.668637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1395.668648] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1395.668660] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1395.668668] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1395.668675] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:33:31 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1395.668682] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1395.668689] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1395.668708]  </TASK>
[ 1395.692274] FAULT_INJECTION: forcing a failure.
[ 1395.692274] name failslab, interval 1, probability 0, space 0, times 0
[ 1395.692308] CPU: 1 PID: 6534 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1395.692332] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1395.692348] Call Trace:
[ 1395.692353]  <TASK>
[ 1395.692361]  dump_stack_lvl+0x8b/0xb3
[ 1395.692394]  should_fail.cold+0x5/0xa
[ 1395.692417]  ? create_object.isra.0+0x3a/0xa20
[ 1395.692452]  should_failslab+0x5/0x10
[ 1395.692483]  kmem_cache_alloc+0x5b/0x480
[ 1395.692512]  create_object.isra.0+0x3a/0xa20
[ 1395.692541]  ? kasan_unpoison+0x23/0x50
[ 1395.692574]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1395.692600]  ? io_sq_thread_unpark+0xba/0xba
[ 1395.692628]  percpu_ref_init+0xdb/0x3d0
19:33:32 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1395.692668]  io_uring_setup.cold+0x49d/0x271c
[ 1395.692700]  ? lock_is_held_type+0xd7/0x130
[ 1395.692734]  ? io_sqe_files_register+0x230/0x230
[ 1395.692786]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1395.692825]  do_syscall_64+0x3b/0x90
[ 1395.692849]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1395.692878] RIP: 0033:0x7f4ea96a2b19
[ 1395.692895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1395.692915] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1395.692937] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1395.692951] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1395.692970] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1395.692983] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1395.692996] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1395.693032]  </TASK>
[ 1395.817052] FAULT_INJECTION: forcing a failure.
[ 1395.817052] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1395.817072] CPU: 0 PID: 6558 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1395.817103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1395.817126] Call Trace:
[ 1395.817134]  <TASK>
[ 1395.817145]  dump_stack_lvl+0x8b/0xb3
[ 1395.817186]  should_fail.cold+0x5/0xa
[ 1395.817223]  prepare_alloc_pages+0x17b/0x500
[ 1395.817289]  __alloc_pages+0x131/0x4e0
[ 1395.817327]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1395.817385]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1395.817451]  ? cap_capable+0x1eb/0x250
[ 1395.817514]  alloc_pages+0x1a0/0x2f0
[ 1395.817562]  __get_free_pages+0xc/0xa0
[ 1395.817616]  io_uring_setup.cold+0x11b4/0x271c
[ 1395.817673]  ? io_sqe_files_register+0x230/0x230
[ 1395.817708]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1395.817731]  do_syscall_64+0x3b/0x90
[ 1395.817744]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1395.817761] RIP: 0033:0x7f011e7ddb19
[ 1395.817770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1395.817781] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1395.817793] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1395.817801] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1395.817808] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1395.817815] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1395.817822] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1395.817841]  </TASK>
[ 1406.862664] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:33:50 executing program 1:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:33:50 executing program 0:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:33:50 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:33:50 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:33:50 executing program 5:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000000)={@private2}, 0x14)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
dup3(r0, r1, 0x80000)
r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r2, 0x5312)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000040)={0x9, 0x1, 0x9})

19:33:50 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 14)

19:33:50 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1268)

19:33:50 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 15)

[ 1413.901349] FAULT_INJECTION: forcing a failure.
[ 1413.901349] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1413.901383] CPU: 1 PID: 6573 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1413.901407] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1413.901421] Call Trace:
[ 1413.901426]  <TASK>
[ 1413.901434]  dump_stack_lvl+0x8b/0xb3
[ 1413.901466]  should_fail.cold+0x5/0xa
[ 1413.901493]  prepare_alloc_pages+0x17b/0x500
[ 1413.901538]  __alloc_pages+0x131/0x4e0
19:33:50 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:33:50 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, 0x0, &(0x7f0000000240))

[ 1413.901563]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1413.901605]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1413.901641]  ? cap_capable+0x1eb/0x250
[ 1413.901684]  alloc_pages+0x1a0/0x2f0
[ 1413.901750]  __get_free_pages+0xc/0xa0
[ 1413.901783]  io_uring_setup.cold+0x11b4/0x271c
[ 1413.901821]  ? io_sqe_files_register+0x230/0x230
[ 1413.901874]  ? syscall_enter_from_user_mode+0x1d/0x50
19:33:50 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1269)

[ 1413.901914]  do_syscall_64+0x3b/0x90
[ 1413.901939]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1413.901972] RIP: 0033:0x7f4ea96a2b19
[ 1413.901989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1413.902008] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:33:50 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 16)

[ 1413.902030] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1413.902044] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:33:50 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x96380, 0x0)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x1429f651499f3a55, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r2, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000100)=ANY=[@ANYBLOB="014dc7e99f000000180000004403b96dc147da6c3ead3ea4e57d3b52de8d7402a2cf5fa7cff03aeffee03ed732cd094931b2cb182a1b65e46b379ea5714c20b3826d9c1ce338a030f978af93", @ANYRES32=r2, @ANYBLOB='V\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
ioctl$CDROMRESET(r0, 0x5312)

[ 1413.902056] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1413.902069] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1413.902081] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1413.902118]  </TASK>
[ 1413.921292] FAULT_INJECTION: forcing a failure.
[ 1413.921292] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1413.921325] CPU: 1 PID: 6580 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1413.921348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1413.921362] Call Trace:
19:33:50 executing program 0:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1413.921367]  <TASK>
[ 1413.921375]  dump_stack_lvl+0x8b/0xb3
[ 1413.921406]  should_fail.cold+0x5/0xa
[ 1413.921432]  prepare_alloc_pages+0x17b/0x500
[ 1413.921467]  ? lock_is_held_type+0xd7/0x130
[ 1413.921504]  __alloc_pages+0x131/0x4e0
[ 1413.921531]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1413.921576]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
19:33:50 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1413.921610]  ? cap_capable+0x1eb/0x250
[ 1413.921653]  alloc_pages+0x1a0/0x2f0
[ 1413.921685]  __get_free_pages+0xc/0xa0
19:33:50 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 15)

19:33:50 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, 0x0, &(0x7f0000000240))

[ 1413.921733]  io_uring_setup.cold+0x13d4/0x271c
[ 1413.921772]  ? io_sqe_files_register+0x230/0x230
[ 1413.921824]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1413.921864]  do_syscall_64+0x3b/0x90
[ 1413.921887]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1413.921916] RIP: 0033:0x7f011e7ddb19
[ 1413.921932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:33:50 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1413.921957] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1413.921983] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1413.921997] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1413.922009] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1413.922022] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1413.922035] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1413.922071]  </TASK>
[ 1414.073465] FAULT_INJECTION: forcing a failure.
[ 1414.073465] name failslab, interval 1, probability 0, space 0, times 0
[ 1414.073486] CPU: 0 PID: 6598 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1414.073499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1414.073511] Call Trace:
[ 1414.073515]  <TASK>
[ 1414.073519]  dump_stack_lvl+0x8b/0xb3
[ 1414.073539]  should_fail.cold+0x5/0xa
[ 1414.073551]  ? io_rsrc_node_switch_start.part.0+0x43/0x240
19:33:50 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1274)

19:33:50 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1414.073569]  should_failslab+0x5/0x10
[ 1414.073586]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1414.073603]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1414.073620]  io_uring_setup.cold+0x1daa/0x271c
[ 1414.073642]  ? io_sqe_files_register+0x230/0x230
[ 1414.073669]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1414.073692]  do_syscall_64+0x3b/0x90
[ 1414.073711]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1414.073727] RIP: 0033:0x7f011e7ddb19
[ 1414.073736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1414.073748] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1414.073760] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1414.073768] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1414.073775] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1414.073782] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1414.073789] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1414.073808]  </TASK>
[ 1414.159843] FAULT_INJECTION: forcing a failure.
[ 1414.159843] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1414.159876] CPU: 1 PID: 6612 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1414.159915] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1414.159939] Call Trace:
[ 1414.159954]  <TASK>
[ 1414.159967]  dump_stack_lvl+0x8b/0xb3
[ 1414.160015]  should_fail.cold+0x5/0xa
[ 1414.160059]  prepare_alloc_pages+0x17b/0x500
[ 1414.160122]  ? lock_is_held_type+0xd7/0x130
[ 1414.160185]  __alloc_pages+0x131/0x4e0
[ 1414.160230]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1414.160299]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1414.160362]  ? cap_capable+0x1eb/0x250
[ 1414.160435]  alloc_pages+0x1a0/0x2f0
[ 1414.160491]  __get_free_pages+0xc/0xa0
[ 1414.160551]  io_uring_setup.cold+0x13d4/0x271c
[ 1414.160618]  ? io_sqe_files_register+0x230/0x230
[ 1414.160703]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1414.160752]  do_syscall_64+0x3b/0x90
[ 1414.160776]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1414.160805] RIP: 0033:0x7f4ea96a2b19
[ 1414.160821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1414.160840] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1414.160861] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1414.160875] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1414.160888] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1414.160901] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1414.160913] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1414.160949]  </TASK>
[ 1425.203728] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:34:09 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 17)

19:34:09 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000007680))
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0xf503, 0x0)
io_setup(0x9, &(0x7f0000000040)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000007140))
recvmmsg(r0, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000000080)=""/236, 0xec}, {&(0x7f0000000180)=""/139, 0x8b}, {&(0x7f0000000240)=""/63, 0x3f}, {&(0x7f0000000280)=""/4096, 0x1000}, {&(0x7f0000001280)=""/204, 0xcc}, {&(0x7f0000001380)=""/4096, 0x1000}], 0x6, &(0x7f0000002400)=""/111, 0x6f}, 0x6}, {{&(0x7f0000002480)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000002680)=[{&(0x7f0000002500)=""/125, 0x7d}, {&(0x7f0000002580)=""/61, 0x3d}, {&(0x7f00000025c0)=""/170, 0xaa}], 0x3, &(0x7f00000026c0)=""/167, 0xa7}, 0x3}, {{&(0x7f0000002780)=@in6, 0x80, &(0x7f0000002b00)=[{&(0x7f0000002800)=""/242, 0xf2}, {&(0x7f0000002900)=""/72, 0x48}, {&(0x7f0000002980)=""/133, 0x85}, {&(0x7f0000002a40)=""/173, 0xad}], 0x4, &(0x7f0000002b40)=""/156, 0x9c}, 0x2}, {{&(0x7f0000002c00)=@tipc, 0x80, &(0x7f0000002cc0)=[{&(0x7f0000002c80)=""/33, 0x21}], 0x1, &(0x7f0000002d00)=""/53, 0x35}, 0x2}, {{&(0x7f0000002d40)=@isdn, 0x80, &(0x7f00000042c0)=[{&(0x7f0000002dc0)=""/137, 0x89}, {&(0x7f0000002e80)=""/118, 0x76}, {&(0x7f0000002f00)=""/69, 0x45}, {0xfffffffffffffffe}, {&(0x7f0000002f80)=""/4096, 0x1000}, {&(0x7f00000076c0)=""/120, 0x78}, {&(0x7f0000004000)=""/181, 0xb5}, {&(0x7f00000040c0)=""/135, 0x87}, {&(0x7f0000004180)=""/210, 0xd2}, {&(0x7f0000004280)=""/63, 0x3f}], 0xa, &(0x7f0000004380)=""/234, 0xea}, 0x5}, {{&(0x7f0000004480)=@can, 0x80, &(0x7f0000004600)=[{&(0x7f0000004500)=""/234, 0xea}], 0x1, &(0x7f0000004640)=""/4096, 0x1000}, 0x8}, {{&(0x7f0000005640)=@ax25={{}, [@null, @bcast, @default, @null, @default, @rose, @rose]}, 0x80, &(0x7f0000005880)=[{&(0x7f00000056c0)=""/124, 0x7c}, {&(0x7f0000005740)=""/130, 0x82}, {&(0x7f0000005800)=""/72, 0x48}], 0x3, &(0x7f00000058c0)=""/141, 0x8d}, 0x7f}, {{&(0x7f0000005980)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f0000006dc0)=[{&(0x7f0000005a00)=""/96, 0x60}, {&(0x7f0000005a80)=""/221, 0xdd}, {&(0x7f0000005b80)=""/226, 0xe2}, {&(0x7f0000005c80)=""/4096, 0x1000}, {&(0x7f0000006c80)=""/55, 0x37}, {&(0x7f0000006cc0)=""/24, 0x18}, {&(0x7f0000006d00)=""/44, 0x2c}, {&(0x7f0000006d40)=""/128, 0x80}], 0x8, &(0x7f0000006e40)=""/226, 0xe2}, 0x2}], 0x8, 0x21, &(0x7f0000007180)={0x0, 0x3938700})
r4 = open_tree(r0, &(0x7f0000007240)='./file0\x00', 0x1000)
r5 = inotify_init()
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000007580)='/sys/class/pps', 0x181000, 0xa3)
ioctl$sock_inet6_udp_SIOCINQ(r6, 0x541b, &(0x7f00000075c0))
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000007600), 0x1, 0x0)
mknodat$loop(r7, &(0x7f0000007640)='./file1\x00', 0x80, 0x1)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r8, 0x0, r9)
io_submit(r2, 0x3, &(0x7f0000007540)=[&(0x7f0000007280)={0x0, 0x0, 0x0, 0x5, 0xff00, r3, &(0x7f00000071c0)="72b30302bb45190fa66e7ae7ec9517cd3bfe1263738e5a5fdc098b1d0ec906282820e24d319c30fee7ea1af90fa95a7ce5de1eb025d4097c0de1b9304d285d3e076c6190b7412bf0a6a37f01cd20c242c284a245e201b5cb11654f2eb4241c", 0x5f, 0x2, 0x0, 0x3, r4}, &(0x7f00000073c0)={0x0, 0x0, 0x0, 0x3, 0x8001, r0, &(0x7f00000072c0)="d354ceda9bdab8a26a4d69e080952dba6279f458d4aea90a2c253e6a0aa5f71dec0d6d044c0470229ec6fd1d73a65e53f4e2411681d43fadf77ae08691f7b2bcb8fdeb53ded1a78d381b60621ba827799ae6dec07c1b8abb3386c7dfeafba96cfb188e5beef17add97d37556d26162150a4a966c5a25c3c8e5d6852fc52e8bb875c4c174c2bbb33a5248dca250e94d7f699f18e492a8a25a3cdaf71cd27a29bfa86afdc20153b13cf620828a6ac5bb3e88f3b76f5cb02bb803253e7ae3e26cb88c2179c84d1a5c8ea7d4d0e90109c142", 0xd0, 0x8, 0x0, 0x2}, &(0x7f0000007500)={0x0, 0x0, 0x0, 0x2, 0x0, r5, &(0x7f0000007400)="a277dc2aeb47bedf7e894b9b922888a084e2241a522b8cf44d373c361dae7c031ebbfa6e69e0588b737d1fb6e3d692c84430d34c22b26eb5d2ece17ad63d6d8a1d2478f2bae872757b78d9fab2e82509a7817cd484298994e7f75ac0a8418e315dd6aa2fc6ee0d4122baf43045168ab969fb83fadf50c67dcda62667b442ef79f8d6352d8e07c2b2585ce0015710c4700f87f5f46123ba65b4b6efa761fa26e4a0f9700cd42c297f3c272353ddc562b56835d70ad96fb45a7d1859ffc804a91edbb3e9015d10aeaa248545afdf", 0xcd, 0x33e6, 0x0, 0x1, r9}])

19:34:09 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, 0x0, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:34:09 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 16)

19:34:09 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={0x0, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:34:09 executing program 0:
syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:34:09 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1276)

19:34:09 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, 0x0, &(0x7f0000000240))

[ 1432.886461] FAULT_INJECTION: forcing a failure.
[ 1432.886461] name failslab, interval 1, probability 0, space 0, times 0
[ 1432.886481] CPU: 0 PID: 6629 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1432.886495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1432.886503] Call Trace:
[ 1432.886506]  <TASK>
[ 1432.886511]  dump_stack_lvl+0x8b/0xb3
[ 1432.886535]  should_fail.cold+0x5/0xa
[ 1432.886551]  ? create_object.isra.0+0x3a/0xa20
[ 1432.886574]  should_failslab+0x5/0x10
[ 1432.886594]  kmem_cache_alloc+0x5b/0x480
[ 1432.886610]  create_object.isra.0+0x3a/0xa20
[ 1432.886627]  ? kasan_unpoison+0x23/0x50
[ 1432.886647]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1432.886663]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1432.886684]  io_uring_setup.cold+0x1daa/0x271c
[ 1432.886706]  ? io_sqe_files_register+0x230/0x230
[ 1432.886736]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1432.886759]  do_syscall_64+0x3b/0x90
[ 1432.886772]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1432.886788] RIP: 0033:0x7f011e7ddb19
[ 1432.886797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1432.886807] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1432.886819] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1432.886827] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1432.886833] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:34:09 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={0x0, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1432.886840] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1432.886847] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1432.886867]  </TASK>
[ 1432.889991] FAULT_INJECTION: forcing a failure.
[ 1432.889991] name failslab, interval 1, probability 0, space 0, times 0
[ 1432.890006] CPU: 0 PID: 6626 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1432.890018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1432.890025] Call Trace:
[ 1432.890027]  <TASK>
19:34:09 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 17)

[ 1432.890031]  dump_stack_lvl+0x8b/0xb3
[ 1432.890045]  should_fail.cold+0x5/0xa
[ 1432.890056]  ? io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1432.890073]  should_failslab+0x5/0x10
[ 1432.890087]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1432.890102]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1432.890122]  io_uring_setup.cold+0x1daa/0x271c
[ 1432.890143]  ? io_sqe_files_register+0x230/0x230
[ 1432.890171]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1432.890192]  do_syscall_64+0x3b/0x90
[ 1432.890205]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1432.890220] RIP: 0033:0x7f4ea96a2b19
[ 1432.890228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1432.890238] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1432.890249] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1432.890257] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1432.890264] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1432.890271] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1432.890277] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1432.890297]  </TASK>
[ 1433.041479] FAULT_INJECTION: forcing a failure.
[ 1433.041479] name failslab, interval 1, probability 0, space 0, times 0
[ 1433.041501] CPU: 0 PID: 6649 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1433.041515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1433.041523] Call Trace:
[ 1433.041526]  <TASK>
[ 1433.041531]  dump_stack_lvl+0x8b/0xb3
[ 1433.041551]  should_fail.cold+0x5/0xa
[ 1433.041563]  ? create_object.isra.0+0x3a/0xa20
[ 1433.041582]  should_failslab+0x5/0x10
[ 1433.041599]  kmem_cache_alloc+0x5b/0x480
[ 1433.041615]  create_object.isra.0+0x3a/0xa20
[ 1433.041630]  ? kasan_unpoison+0x23/0x50
[ 1433.041648]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1433.041663]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1433.041682]  io_uring_setup.cold+0x1daa/0x271c
[ 1433.041703]  ? io_sqe_files_register+0x230/0x230
[ 1433.041731]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1433.041753]  do_syscall_64+0x3b/0x90
[ 1433.041767]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1433.041783] RIP: 0033:0x7f4ea96a2b19
[ 1433.041792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1433.041803] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1433.041815] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1433.041822] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1433.041829] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1433.041836] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1433.041843] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1433.041862]  </TASK>
[ 1444.739660] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:34:29 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 18)

19:34:29 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), 0x0)

19:34:29 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={0x0, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:34:29 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1277)

19:34:29 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, 0x0, &(0x7f0000000240))

19:34:29 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 18)

19:34:29 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, 0x0, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:34:29 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, &(0x7f0000000040)={r0, r1, 0x6})
ioctl$CDROMRESET(r0, 0x5312)

[ 1453.422043] FAULT_INJECTION: forcing a failure.
[ 1453.422043] name failslab, interval 1, probability 0, space 0, times 0
[ 1453.422075] CPU: 1 PID: 6661 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1453.422099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1453.422112] Call Trace:
[ 1453.422118]  <TASK>
[ 1453.422125]  dump_stack_lvl+0x8b/0xb3
[ 1453.422158]  should_fail.cold+0x5/0xa
[ 1453.422180]  ? create_object.isra.0+0x3a/0xa20
[ 1453.422213]  should_failslab+0x5/0x10
[ 1453.422242]  kmem_cache_alloc+0x5b/0x480
[ 1453.422296]  create_object.isra.0+0x3a/0xa20
19:34:29 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, 0x0, &(0x7f0000000240))

[ 1453.422333]  kmemleak_alloc_percpu+0xa0/0x100
[ 1453.422373]  pcpu_alloc+0x7bf/0x1060
[ 1453.422412]  ? kmalloc_array+0x23/0x23
[ 1453.422440]  percpu_ref_init+0x31/0x3d0
[ 1453.422479]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1453.422511]  io_uring_setup.cold+0x1daa/0x271c
[ 1453.422549]  ? io_sqe_files_register+0x230/0x230
[ 1453.422601]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1453.422640]  do_syscall_64+0x3b/0x90
[ 1453.422664]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1453.422693] RIP: 0033:0x7f011e7ddb19
[ 1453.422709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1453.422728] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1453.422749] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1453.422763] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1453.422776] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1453.422789] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1453.422801] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1453.422838]  </TASK>
[ 1453.463331] FAULT_INJECTION: forcing a failure.
[ 1453.463331] name failslab, interval 1, probability 0, space 0, times 0
[ 1453.463363] CPU: 1 PID: 6663 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
19:34:29 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1278)

[ 1453.463387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1453.463400] Call Trace:
[ 1453.463405]  <TASK>
[ 1453.463412]  dump_stack_lvl+0x8b/0xb3
[ 1453.463444]  should_fail.cold+0x5/0xa
[ 1453.463466]  ? create_object.isra.0+0x3a/0xa20
[ 1453.463500]  should_failslab+0x5/0x10
[ 1453.463528]  kmem_cache_alloc+0x5b/0x480
[ 1453.463556]  create_object.isra.0+0x3a/0xa20
[ 1453.463593]  kmemleak_alloc_percpu+0xa0/0x100
[ 1453.463633]  pcpu_alloc+0x7bf/0x1060
[ 1453.463673]  ? kmalloc_array+0x23/0x23
[ 1453.463700]  percpu_ref_init+0x31/0x3d0
[ 1453.463740]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1453.463771]  io_uring_setup.cold+0x1daa/0x271c
19:34:29 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40a1c1, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
write(r1, &(0x7f0000000080)="f49660f4ece88a37f87123b112f714152aac06c5084dc8942a30f3ce4ab11e92df6dba2b17ae023557fceed3d10bb55d335b917cb730f7e1dc2ce4a3b9ba7aabb484c0121ea6fd9b8686f00b07266d0ddcdf1989947f1b9b1c3b4351fa67cd75e838003196a3d4ca01bb28f82c28b3b052ad87644be573f7bddf1bf389b984dd0333d88b1a5322f342360ee9bee52dfb961769856f784f25fc298642a9cb3737f991c3f1997c2768bf0232fc0f9492aa8d692d2f95981ea5aa3fb9b189805086a870dd45b34f5bd1e939679bdf3fd9ed0d", 0xd1)

19:34:29 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 19)

[ 1453.463810]  ? io_sqe_files_register+0x230/0x230
[ 1453.463861]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1453.463901]  do_syscall_64+0x3b/0x90
19:34:29 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), 0x0)

19:34:29 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 19)

19:34:29 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1453.463925]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1453.463959] RIP: 0033:0x7f4ea96a2b19
[ 1453.463975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:34:29 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, 0x0, &(0x7f0000000240))

19:34:29 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, 0x0, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1453.463994] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1453.464015] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1453.464029] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1453.464042] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1453.464056] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1453.464070] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1453.464108]  </TASK>
[ 1453.762399] FAULT_INJECTION: forcing a failure.
[ 1453.762399] name failslab, interval 1, probability 0, space 0, times 0
[ 1453.762460] CPU: 0 PID: 6690 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1453.762484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1453.762498] Call Trace:
[ 1453.762504]  <TASK>
[ 1453.762512]  dump_stack_lvl+0x8b/0xb3
[ 1453.762545]  should_fail.cold+0x5/0xa
[ 1453.762567]  ? create_object.isra.0+0x3a/0xa20
[ 1453.762602]  should_failslab+0x5/0x10
[ 1453.762630]  kmem_cache_alloc+0x5b/0x480
[ 1453.762658]  create_object.isra.0+0x3a/0xa20
[ 1453.762695]  kmemleak_alloc_percpu+0xa0/0x100
[ 1453.762735]  pcpu_alloc+0x7bf/0x1060
[ 1453.762775]  ? kmalloc_array+0x23/0x23
[ 1453.762802]  percpu_ref_init+0x31/0x3d0
[ 1453.762847]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1453.762883]  io_uring_setup.cold+0x1daa/0x271c
[ 1453.762922]  ? io_sqe_files_register+0x230/0x230
[ 1453.762974]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1453.763014]  do_syscall_64+0x3b/0x90
[ 1453.763037]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1453.763066] RIP: 0033:0x7f4ea96a2b19
[ 1453.763083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:34:29 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
signalfd(r0, &(0x7f0000000040)={[0xfffe]}, 0x8)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f0000000080)={{0x6b0}, 0x100, './file0\x00'})

[ 1453.763102] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1453.763124] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1453.763137] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:34:30 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1279)

19:34:30 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1453.763150] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1453.763163] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1453.763175] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1453.763212]  </TASK>
[ 1453.779582] FAULT_INJECTION: forcing a failure.
[ 1453.779582] name failslab, interval 1, probability 0, space 0, times 0
[ 1453.779616] CPU: 1 PID: 6688 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1453.779640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1453.779654] Call Trace:
[ 1453.779660]  <TASK>
[ 1453.779668]  dump_stack_lvl+0x8b/0xb3
[ 1453.779702]  should_fail.cold+0x5/0xa
19:34:30 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), 0x0)

[ 1453.779725]  ? create_object.isra.0+0x3a/0xa20
[ 1453.779760]  should_failslab+0x5/0x10
[ 1453.779790]  kmem_cache_alloc+0x5b/0x480
[ 1453.779818]  create_object.isra.0+0x3a/0xa20
[ 1453.779855]  kmemleak_alloc_percpu+0xa0/0x100
[ 1453.779896]  pcpu_alloc+0x7bf/0x1060
[ 1453.779941]  ? kmalloc_array+0x23/0x23
[ 1453.779970]  percpu_ref_init+0x31/0x3d0
[ 1453.780010]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1453.780042]  io_uring_setup.cold+0x1daa/0x271c
[ 1453.780081]  ? io_sqe_files_register+0x230/0x230
[ 1453.780133]  ? syscall_enter_from_user_mode+0x1d/0x50
19:34:30 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), 0x0)

[ 1453.780173]  do_syscall_64+0x3b/0x90
[ 1453.780197]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1453.780226] RIP: 0033:0x7f011e7ddb19
[ 1453.780244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1453.780264] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1453.780285] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1453.780299] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1453.780312] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1453.780325] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1453.780338] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1453.780374]  </TASK>
[ 1467.110126] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:34:50 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 20)

[ 1474.095274] FAULT_INJECTION: forcing a failure.
[ 1474.095274] name failslab, interval 1, probability 0, space 0, times 0
[ 1474.095296] CPU: 0 PID: 6721 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1474.095309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1474.095317] Call Trace:
[ 1474.095320]  <TASK>
[ 1474.095325]  dump_stack_lvl+0x8b/0xb3
[ 1474.095345]  should_fail.cold+0x5/0xa
[ 1474.095357]  ? percpu_ref_init+0xdb/0x3d0
[ 1474.095377]  should_failslab+0x5/0x10
[ 1474.095394]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1474.095409]  ? kmalloc_array+0x23/0x23
[ 1474.095424]  percpu_ref_init+0xdb/0x3d0
[ 1474.095444]  io_rsrc_node_switch_start.part.0+0x6a/0x240
19:34:50 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), 0x0)

19:34:50 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:34:50 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:34:50 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x151040, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000040)={0x100, 0x100000001})

19:34:50 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x127a)

19:34:50 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 20)

19:34:50 executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1474.095462]  io_uring_setup.cold+0x1daa/0x271c
[ 1474.095482]  ? io_sqe_files_register+0x230/0x230
[ 1474.095515]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1474.095539]  do_syscall_64+0x3b/0x90
[ 1474.095552]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1474.095568] RIP: 0033:0x7f4ea96a2b19
[ 1474.095577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1474.095588] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1474.095599] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1474.095607] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1474.095614] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1474.095620] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1474.095627] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1474.095647]  </TASK>
[ 1474.160201] FAULT_INJECTION: forcing a failure.
[ 1474.160201] name failslab, interval 1, probability 0, space 0, times 0
[ 1474.160226] CPU: 0 PID: 6731 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1474.160239] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1474.160247] Call Trace:
[ 1474.160250]  <TASK>
[ 1474.160255]  dump_stack_lvl+0x8b/0xb3
[ 1474.160276]  should_fail.cold+0x5/0xa
[ 1474.160288]  ? percpu_ref_init+0xdb/0x3d0
[ 1474.160311]  should_failslab+0x5/0x10
[ 1474.160328]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1474.160343]  ? kmalloc_array+0x23/0x23
[ 1474.160358]  percpu_ref_init+0xdb/0x3d0
[ 1474.160381]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1474.160399]  io_uring_setup.cold+0x1daa/0x271c
[ 1474.160420]  ? io_sqe_files_register+0x230/0x230
[ 1474.160449]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1474.160472]  do_syscall_64+0x3b/0x90
[ 1474.160485]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1474.160501] RIP: 0033:0x7f011e7ddb19
[ 1474.160510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1474.160522] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1474.160535] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1474.160543] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1474.160550] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1474.160557] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1474.160564] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1474.160583]  </TASK>
[ 1487.135515] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:35:11 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:35:11 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:35:11 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 21)

19:35:11 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:35:11 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), 0x0)

19:35:11 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x127b)

19:35:11 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 21)

19:35:11 executing program 1:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1495.079463] FAULT_INJECTION: forcing a failure.
[ 1495.079463] name failslab, interval 1, probability 0, space 0, times 0
[ 1495.079484] CPU: 1 PID: 6752 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1495.079501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1495.079509] Call Trace:
[ 1495.079512]  <TASK>
[ 1495.079517]  dump_stack_lvl+0x8b/0xb3
[ 1495.079537]  should_fail.cold+0x5/0xa
[ 1495.079549]  ? create_object.isra.0+0x3a/0xa20
[ 1495.079568]  should_failslab+0x5/0x10
[ 1495.079585]  kmem_cache_alloc+0x5b/0x480
[ 1495.079601]  create_object.isra.0+0x3a/0xa20
[ 1495.079616]  ? kasan_unpoison+0x23/0x50
[ 1495.079634]  kmem_cache_alloc_trace+0x22e/0x3c0
19:35:11 executing program 0:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(0x0, 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1495.079647]  ? kmalloc_array+0x23/0x23
[ 1495.079663]  percpu_ref_init+0xdb/0x3d0
[ 1495.079684]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1495.079702]  io_uring_setup.cold+0x1daa/0x271c
[ 1495.079723]  ? io_sqe_files_register+0x230/0x230
[ 1495.079752]  ? syscall_enter_from_user_mode+0x1d/0x50
19:35:11 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 22)

[ 1495.079774]  do_syscall_64+0x3b/0x90
[ 1495.079787]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1495.079803] RIP: 0033:0x7f4ea96a2b19
19:35:11 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1495.079812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1495.079823] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:35:11 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, 0x0, &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1495.079835] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1495.079843] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:35:11 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1495.079850] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:35:11 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r0, 0x8008f512, &(0x7f0000000040))

[ 1495.079857] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1495.079864] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1495.079883]  </TASK>
19:35:11 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x127c)

[ 1495.105449] FAULT_INJECTION: forcing a failure.
[ 1495.105449] name failslab, interval 1, probability 0, space 0, times 0
[ 1495.105483] CPU: 0 PID: 6747 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1495.105507] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1495.105521] Call Trace:
[ 1495.105527]  <TASK>
19:35:11 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 22)

[ 1495.105534]  dump_stack_lvl+0x8b/0xb3
[ 1495.105570]  should_fail.cold+0x5/0xa
[ 1495.105595]  ? create_object.isra.0+0x3a/0xa20
[ 1495.105632]  should_failslab+0x5/0x10
19:35:11 executing program 0:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1495.105661]  kmem_cache_alloc+0x5b/0x480
[ 1495.105690]  create_object.isra.0+0x3a/0xa20
[ 1495.105718]  ? kasan_unpoison+0x23/0x50
[ 1495.105751]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1495.105777]  ? kmalloc_array+0x23/0x23
[ 1495.105804]  percpu_ref_init+0xdb/0x3d0
[ 1495.105844]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1495.105877]  io_uring_setup.cold+0x1daa/0x271c
[ 1495.105916]  ? io_sqe_files_register+0x230/0x230
[ 1495.105978]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1495.106019]  do_syscall_64+0x3b/0x90
[ 1495.106043]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1495.106072] RIP: 0033:0x7f011e7ddb19
[ 1495.106089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:35:11 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1495.106109] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:35:11 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x127d)

19:35:11 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1495.106130] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1495.106144] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1495.106157] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1495.106170] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1495.106183] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1495.106220]  </TASK>
[ 1495.317331] FAULT_INJECTION: forcing a failure.
[ 1495.317331] name fail_usercopy, interval 1, probability 0, space 0, times 0
19:35:11 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xc0, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

[ 1495.317352] CPU: 1 PID: 6773 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1495.317364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1495.317373] Call Trace:
[ 1495.317376]  <TASK>
[ 1495.317381]  dump_stack_lvl+0x8b/0xb3
[ 1495.317400]  should_fail.cold+0x5/0xa
[ 1495.317415]  _copy_to_user+0x2a/0x140
[ 1495.317430]  io_uring_setup.cold+0x17c2/0x271c
[ 1495.317452]  ? io_sqe_files_register+0x230/0x230
[ 1495.317482]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1495.317507]  do_syscall_64+0x3b/0x90
[ 1495.317521]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1495.317537] RIP: 0033:0x7f011e7ddb19
[ 1495.317546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1495.317557] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1495.317569] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1495.317576] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1495.317583] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1495.317590] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1495.317597] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1495.317616]  </TASK>
[ 1495.318073] FAULT_INJECTION: forcing a failure.
[ 1495.318073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1495.318106] CPU: 0 PID: 6769 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1495.318130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1495.318144] Call Trace:
[ 1495.318149]  <TASK>
[ 1495.318157]  dump_stack_lvl+0x8b/0xb3
[ 1495.318190]  should_fail.cold+0x5/0xa
[ 1495.318217]  _copy_to_user+0x2a/0x140
[ 1495.318243]  io_uring_setup.cold+0x17c2/0x271c
[ 1495.318283]  ? io_sqe_files_register+0x230/0x230
[ 1495.318337]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1495.318378]  do_syscall_64+0x3b/0x90
[ 1495.318403]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1495.318433] RIP: 0033:0x7f4ea96a2b19
[ 1495.318449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1495.318469] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1495.318490] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1495.318504] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1495.318517] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1495.318530] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1495.318549] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1495.318585]  </TASK>
[ 1509.370327] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:35:32 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 23)

19:35:32 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000080)={{0x1, 0x1, 0x18, r2}, './file1\x00'})
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/button', 0x442200, 0x40)
ioctl$CDROMRESET(r0, 0x5312)

19:35:32 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:35:32 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={0x0, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:35:32 executing program 0:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(0x0, 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:35:32 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 23)

19:35:32 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x127e)

19:35:32 executing program 1:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x0, &(0x7f0000001340))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1516.392392] FAULT_INJECTION: forcing a failure.
[ 1516.392392] name failslab, interval 1, probability 0, space 0, times 0
[ 1516.392413] CPU: 0 PID: 6793 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1516.392427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1516.392435] Call Trace:
[ 1516.392439]  <TASK>
[ 1516.392443]  dump_stack_lvl+0x8b/0xb3
[ 1516.392466]  should_fail.cold+0x5/0xa
[ 1516.392481]  should_failslab+0x5/0x10
[ 1516.392498]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1516.392510]  ? sock_alloc_inode+0x23/0x1d0
[ 1516.392522]  ? selinux_inet_conn_request+0x2a0/0x2a0
[ 1516.392543]  sock_alloc_inode+0x23/0x1d0
[ 1516.392554]  ? sock_free_inode+0x20/0x20
[ 1516.392565]  alloc_inode+0x63/0x240
[ 1516.392582]  new_inode_pseudo+0x14/0xe0
[ 1516.392600]  sock_alloc+0x3c/0x260
[ 1516.392613]  __sock_create+0xb9/0x750
[ 1516.392631]  io_uring_setup.cold+0x1e6d/0x271c
[ 1516.392653]  ? io_sqe_files_register+0x230/0x230
[ 1516.392682]  ? syscall_enter_from_user_mode+0x1d/0x50
19:35:32 executing program 1:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), 0x0)
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1516.392705]  do_syscall_64+0x3b/0x90
[ 1516.392718]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1516.392735] RIP: 0033:0x7f4ea96a2b19
[ 1516.392744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1516.392755] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1516.392766] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1516.392774] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1516.392782] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1516.392789] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1516.392796] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1516.392815]  </TASK>
[ 1516.392985] socket: no more sockets
[ 1516.434653] FAULT_INJECTION: forcing a failure.
[ 1516.434653] name failslab, interval 1, probability 0, space 0, times 0
[ 1516.434673] CPU: 0 PID: 6801 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1516.434686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1516.434694] Call Trace:
[ 1516.434697]  <TASK>
[ 1516.434702]  dump_stack_lvl+0x8b/0xb3
[ 1516.434721]  should_fail.cold+0x5/0xa
[ 1516.434736]  should_failslab+0x5/0x10
[ 1516.434758]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1516.434771]  ? sock_alloc_inode+0x23/0x1d0
[ 1516.434786]  ? selinux_inet_conn_request+0x2a0/0x2a0
[ 1516.434817]  sock_alloc_inode+0x23/0x1d0
[ 1516.434849]  ? sock_free_inode+0x20/0x20
[ 1516.434881]  alloc_inode+0x63/0x240
[ 1516.434931]  new_inode_pseudo+0x14/0xe0
[ 1516.434981]  sock_alloc+0x3c/0x260
[ 1516.435013]  __sock_create+0xb9/0x750
[ 1516.435055]  io_uring_setup.cold+0x1e6d/0x271c
[ 1516.435093]  ? io_sqe_files_register+0x230/0x230
[ 1516.435122]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1516.435145]  do_syscall_64+0x3b/0x90
[ 1516.435158]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1516.435190] RIP: 0033:0x7f011e7ddb19
[ 1516.435199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1516.435211] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:35:32 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 24)

[ 1516.435222] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1516.435230] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1516.435237] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1516.435244] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1516.435252] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1516.435271]  </TASK>
[ 1516.435355] socket: no more sockets
19:35:32 executing program 0:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x1260)

19:35:32 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 24)

19:35:32 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={0x0, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:35:32 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x127f)

19:35:32 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$CDROM_LAST_WRITTEN(r2, 0x5395, &(0x7f0000000040))

19:35:32 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1516.638995] FAULT_INJECTION: forcing a failure.
[ 1516.638995] name failslab, interval 1, probability 0, space 0, times 0
[ 1516.639028] CPU: 0 PID: 6812 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1516.639052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1516.639066] Call Trace:
[ 1516.639071]  <TASK>
[ 1516.639079]  dump_stack_lvl+0x8b/0xb3
[ 1516.639111]  should_fail.cold+0x5/0xa
[ 1516.639133]  ? create_object.isra.0+0x3a/0xa20
[ 1516.639181]  should_failslab+0x5/0x10
[ 1516.639210]  kmem_cache_alloc+0x5b/0x480
[ 1516.639239]  create_object.isra.0+0x3a/0xa20
[ 1516.639267]  ? kasan_unpoison+0x23/0x50
[ 1516.639300]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1516.639319]  ? sock_alloc_inode+0x23/0x1d0
[ 1516.639351]  sock_alloc_inode+0x23/0x1d0
[ 1516.639371]  ? sock_free_inode+0x20/0x20
[ 1516.639390]  alloc_inode+0x63/0x240
[ 1516.639421]  new_inode_pseudo+0x14/0xe0
[ 1516.639453]  sock_alloc+0x3c/0x260
[ 1516.639476]  __sock_create+0xb9/0x750
[ 1516.639509]  io_uring_setup.cold+0x1e6d/0x271c
[ 1516.639548]  ? io_sqe_files_register+0x230/0x230
[ 1516.639602]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1516.639643]  do_syscall_64+0x3b/0x90
[ 1516.639667]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1516.639696] RIP: 0033:0x7f011e7ddb19
[ 1516.639712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1516.639732] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1516.639753] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1516.639767] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1516.639780] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1516.639793] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1516.639806] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1516.639843]  </TASK>
[ 1516.677843] FAULT_INJECTION: forcing a failure.
[ 1516.677843] name failslab, interval 1, probability 0, space 0, times 0
[ 1516.677878] CPU: 1 PID: 6816 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1516.677902] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1516.677923] Call Trace:
[ 1516.677929]  <TASK>
[ 1516.677937]  dump_stack_lvl+0x8b/0xb3
[ 1516.677974]  should_fail.cold+0x5/0xa
[ 1516.677997]  ? create_object.isra.0+0x3a/0xa20
[ 1516.678031]  should_failslab+0x5/0x10
[ 1516.678060]  kmem_cache_alloc+0x5b/0x480
[ 1516.678088]  create_object.isra.0+0x3a/0xa20
[ 1516.678116]  ? kasan_unpoison+0x23/0x50
[ 1516.678149]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1516.678167]  ? sock_alloc_inode+0x23/0x1d0
[ 1516.678199]  sock_alloc_inode+0x23/0x1d0
[ 1516.678218]  ? sock_free_inode+0x20/0x20
[ 1516.678237]  alloc_inode+0x63/0x240
[ 1516.678268]  new_inode_pseudo+0x14/0xe0
[ 1516.678300]  sock_alloc+0x3c/0x260
[ 1516.678323]  __sock_create+0xb9/0x750
[ 1516.678355]  io_uring_setup.cold+0x1e6d/0x271c
[ 1516.678394]  ? io_sqe_files_register+0x230/0x230
[ 1516.678447]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1516.678487]  do_syscall_64+0x3b/0x90
[ 1516.678511]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1516.678540] RIP: 0033:0x7f4ea96a2b19
[ 1516.678556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1516.678576] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1516.678597] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1516.678611] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1516.678624] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1516.678637] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1516.678649] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1516.678686]  </TASK>
[ 1529.236027] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:35:53 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 25)

19:35:53 executing program 0:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$CDROM_LAST_WRITTEN(r2, 0x5395, &(0x7f0000000040))

19:35:53 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:35:53 executing program 5:
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r0, 0x0, r1)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r4 = fcntl$dupfd(r2, 0x0, r3)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000080)={r5, 0x80000000, 0x939, 0x76f9})
openat$incfs(r2, &(0x7f00000000c0)='.log\x00', 0x125000, 0xc4)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r8 = fcntl$dupfd(r6, 0x0, r7)
ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r8, 0x8010671f, &(0x7f0000000180)={&(0x7f0000000200)=""/147, 0x93})
ioctl$CDROMRESET(r6, 0x5312)
socket$inet(0x2, 0x6, 0x7)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000100))
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x101c00, 0x0)

19:35:53 executing program 1:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:35:53 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 25)

19:35:53 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x2284)

19:35:53 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={0x0, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1537.091762] FAULT_INJECTION: forcing a failure.
[ 1537.091762] name failslab, interval 1, probability 0, space 0, times 0
[ 1537.091784] CPU: 0 PID: 6839 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1537.091796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1537.091805] Call Trace:
[ 1537.091808]  <TASK>
[ 1537.091813]  dump_stack_lvl+0x8b/0xb3
[ 1537.091832]  should_fail.cold+0x5/0xa
[ 1537.091844]  ? security_inode_alloc+0x34/0x160
[ 1537.091862]  should_failslab+0x5/0x10
[ 1537.091879]  kmem_cache_alloc+0x5b/0x480
[ 1537.091894]  security_inode_alloc+0x34/0x160
[ 1537.091914]  inode_init_always+0x5d8/0xd20
[ 1537.091929]  ? __init_waitqueue_head+0x6b/0xd0
[ 1537.091949]  alloc_inode+0x84/0x240
[ 1537.091965]  new_inode_pseudo+0x14/0xe0
[ 1537.091984]  sock_alloc+0x3c/0x260
[ 1537.091998]  __sock_create+0xb9/0x750
[ 1537.092017]  io_uring_setup.cold+0x1e6d/0x271c
[ 1537.092038]  ? io_sqe_files_register+0x230/0x230
[ 1537.092067]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1537.092088]  do_syscall_64+0x3b/0x90
[ 1537.092102]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1537.092118] RIP: 0033:0x7f011e7ddb19
[ 1537.092127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1537.092138] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1537.092150] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1537.092157] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1537.092164] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1537.092171] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1537.092178] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1537.092197]  </TASK>
[ 1537.092283] socket: no more sockets
[ 1537.131694] FAULT_INJECTION: forcing a failure.
[ 1537.131694] name failslab, interval 1, probability 0, space 0, times 0
[ 1537.131715] CPU: 0 PID: 6836 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1537.131728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1537.131737] Call Trace:
[ 1537.131740]  <TASK>
[ 1537.131744]  dump_stack_lvl+0x8b/0xb3
[ 1537.131765]  should_fail.cold+0x5/0xa
[ 1537.131777]  ? security_inode_alloc+0x34/0x160
[ 1537.131794]  should_failslab+0x5/0x10
[ 1537.131811]  kmem_cache_alloc+0x5b/0x480
[ 1537.131826]  security_inode_alloc+0x34/0x160
[ 1537.131843]  inode_init_always+0x5d8/0xd20
[ 1537.131857]  ? __init_waitqueue_head+0x6b/0xd0
[ 1537.131877]  alloc_inode+0x84/0x240
[ 1537.131893]  new_inode_pseudo+0x14/0xe0
19:35:53 executing program 0:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1537.131914]  sock_alloc+0x3c/0x260
[ 1537.131928]  __sock_create+0xb9/0x750
[ 1537.131946]  io_uring_setup.cold+0x1e6d/0x271c
[ 1537.131967]  ? io_sqe_files_register+0x230/0x230
[ 1537.131996]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1537.132018]  do_syscall_64+0x3b/0x90
[ 1537.132031]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1537.132047] RIP: 0033:0x7f4ea96a2b19
19:35:53 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x0, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1537.132056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1537.132067] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1537.132078] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1537.132086] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:35:53 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 26)

[ 1537.132093] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1537.132100] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1537.132107] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1537.132126]  </TASK>
[ 1537.132204] socket: no more sockets
[ 1537.201647] audit: type=1400 audit(1651088153.379:14): avc:  denied  { create } for  pid=6837 comm="syz-executor.5" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=dccp_socket permissive=1
19:35:53 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:35:53 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 26)

[ 1537.248324] FAULT_INJECTION: forcing a failure.
[ 1537.248324] name failslab, interval 1, probability 0, space 0, times 0
[ 1537.248346] CPU: 0 PID: 6853 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1537.248359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1537.248368] Call Trace:
[ 1537.248371]  <TASK>
[ 1537.248376]  dump_stack_lvl+0x8b/0xb3
[ 1537.248396]  should_fail.cold+0x5/0xa
[ 1537.248408]  ? create_object.isra.0+0x3a/0xa20
[ 1537.248428]  should_failslab+0x5/0x10
[ 1537.248443]  kmem_cache_alloc+0x5b/0x480
[ 1537.248459]  create_object.isra.0+0x3a/0xa20
[ 1537.248474]  ? kasan_unpoison+0x23/0x50
[ 1537.248492]  kmem_cache_alloc+0x239/0x480
[ 1537.248506]  security_inode_alloc+0x34/0x160
[ 1537.248524]  inode_init_always+0x5d8/0xd20
[ 1537.248539]  ? __init_waitqueue_head+0x6b/0xd0
[ 1537.248558]  alloc_inode+0x84/0x240
[ 1537.248574]  new_inode_pseudo+0x14/0xe0
[ 1537.248592]  sock_alloc+0x3c/0x260
[ 1537.248606]  __sock_create+0xb9/0x750
[ 1537.248624]  io_uring_setup.cold+0x1e6d/0x271c
[ 1537.248645]  ? io_sqe_files_register+0x230/0x230
19:35:53 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x4b47)

[ 1537.248677]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1537.248700]  do_syscall_64+0x3b/0x90
[ 1537.248713]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1537.248729] RIP: 0033:0x7f4ea96a2b19
[ 1537.248738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1537.248749] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1537.248761] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1537.248768] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1537.248775] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1537.248782] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1537.248789] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1537.248808]  </TASK>
19:35:53 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x0, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1537.358250] FAULT_INJECTION: forcing a failure.
[ 1537.358250] name failslab, interval 1, probability 0, space 0, times 0
[ 1537.358281] CPU: 0 PID: 6859 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1537.358314] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1537.358336] Call Trace:
[ 1537.358343]  <TASK>
[ 1537.358354]  dump_stack_lvl+0x8b/0xb3
[ 1537.358392]  should_fail.cold+0x5/0xa
[ 1537.358424]  ? create_object.isra.0+0x3a/0xa20
[ 1537.358474]  should_failslab+0x5/0x10
[ 1537.358519]  kmem_cache_alloc+0x5b/0x480
[ 1537.358555]  create_object.isra.0+0x3a/0xa20
[ 1537.358599]  ? kasan_unpoison+0x23/0x50
[ 1537.358647]  kmem_cache_alloc+0x239/0x480
[ 1537.358678]  security_inode_alloc+0x34/0x160
[ 1537.358724]  inode_init_always+0x5d8/0xd20
[ 1537.358761]  ? __init_waitqueue_head+0x6b/0xd0
[ 1537.358810]  alloc_inode+0x84/0x240
[ 1537.358834]  new_inode_pseudo+0x14/0xe0
[ 1537.358851]  sock_alloc+0x3c/0x260
[ 1537.358865]  __sock_create+0xb9/0x750
[ 1537.358882]  io_uring_setup.cold+0x1e6d/0x271c
[ 1537.358903]  ? io_sqe_files_register+0x230/0x230
[ 1537.358939]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1537.358961]  do_syscall_64+0x3b/0x90
[ 1537.358975]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1537.358991] RIP: 0033:0x7f011e7ddb19
[ 1537.359000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1537.359011] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1537.359022] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1537.359030] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1537.359037] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1537.359043] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1537.359050] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1537.359070]  </TASK>
[ 1549.373093] kmemleak: 19 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:36:13 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x4b49)

19:36:13 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 27)

19:36:13 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0xa00, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:36:13 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x0, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:36:13 executing program 0:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:36:13 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:36:13 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 27)

19:36:13 executing program 1:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, 0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1557.078271] FAULT_INJECTION: forcing a failure.
[ 1557.078271] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.078293] CPU: 0 PID: 6878 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1557.078306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1557.078314] Call Trace:
[ 1557.078317]  <TASK>
[ 1557.078322]  dump_stack_lvl+0x8b/0xb3
[ 1557.078343]  should_fail.cold+0x5/0xa
[ 1557.078355]  ? sk_prot_alloc+0x63/0x2e0
[ 1557.078373]  should_failslab+0x5/0x10
[ 1557.078390]  kmem_cache_alloc+0x5b/0x480
[ 1557.078405]  sk_prot_alloc+0x63/0x2e0
[ 1557.078423]  sk_alloc+0x34/0x750
[ 1557.078439]  ? lock_downgrade+0x6d0/0x6d0
[ 1557.078457]  unix_create1+0xa7/0x8d0
[ 1557.078473]  unix_create+0x110/0x220
[ 1557.078490]  __sock_create+0x345/0x750
[ 1557.078507]  io_uring_setup.cold+0x1e6d/0x271c
[ 1557.078528]  ? io_sqe_files_register+0x230/0x230
[ 1557.078557]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1557.078580]  do_syscall_64+0x3b/0x90
19:36:13 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1557.078593]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1557.078609] RIP: 0033:0x7f4ea96a2b19
[ 1557.078617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:36:13 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 28)

[ 1557.078628] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1557.078640] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1557.078648] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1557.078655] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:36:13 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x0, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1557.078662] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1557.078668] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:36:13 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5309)

[ 1557.078688]  </TASK>
[ 1557.131700] FAULT_INJECTION: forcing a failure.
[ 1557.131700] name failslab, interval 1, probability 0, space 0, times 0
19:36:13 executing program 0:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1557.131733] CPU: 1 PID: 6887 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
19:36:13 executing program 1:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1557.131785] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1557.131799] Call Trace:
[ 1557.131804]  <TASK>
[ 1557.131812]  dump_stack_lvl+0x8b/0xb3
[ 1557.131844]  should_fail.cold+0x5/0xa
[ 1557.131866]  ? sk_prot_alloc+0x63/0x2e0
[ 1557.131898]  should_failslab+0x5/0x10
[ 1557.131936]  kmem_cache_alloc+0x5b/0x480
[ 1557.131964]  sk_prot_alloc+0x63/0x2e0
[ 1557.131999]  sk_alloc+0x34/0x750
[ 1557.132028]  ? lock_downgrade+0x6d0/0x6d0
[ 1557.132060]  unix_create1+0xa7/0x8d0
[ 1557.132089]  unix_create+0x110/0x220
[ 1557.132114]  __sock_create+0x345/0x750
[ 1557.132147]  io_uring_setup.cold+0x1e6d/0x271c
[ 1557.132186]  ? io_sqe_files_register+0x230/0x230
19:36:13 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, @out_args}, './file0\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f0000000080)={{0x1f, 0x4}, 'port0\x00', 0x42, 0x10, 0x8, 0x4, 0x200, 0x100, 0x3, 0x0, 0x3})
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r1, 0x5312)

19:36:13 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1557.132239]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1557.132278]  do_syscall_64+0x3b/0x90
[ 1557.132303]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1557.132331] RIP: 0033:0x7f011e7ddb19
[ 1557.132348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:36:13 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 28)

[ 1557.132368] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1557.132389] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1557.132403] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1557.132416] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1557.132429] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1557.132441] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1557.132477]  </TASK>
[ 1557.270656] FAULT_INJECTION: forcing a failure.
[ 1557.270656] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.270687] CPU: 1 PID: 6894 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1557.270711] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:36:13 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x0, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1557.270725] Call Trace:
[ 1557.270730]  <TASK>
[ 1557.270738]  dump_stack_lvl+0x8b/0xb3
[ 1557.270769]  should_fail.cold+0x5/0xa
[ 1557.270791]  ? create_object.isra.0+0x3a/0xa20
[ 1557.270825]  should_failslab+0x5/0x10
[ 1557.270854]  kmem_cache_alloc+0x5b/0x480
[ 1557.270883]  create_object.isra.0+0x3a/0xa20
[ 1557.270916]  ? kasan_unpoison+0x23/0x50
[ 1557.270955]  kmem_cache_alloc+0x239/0x480
[ 1557.270982]  sk_prot_alloc+0x63/0x2e0
[ 1557.271018]  sk_alloc+0x34/0x750
[ 1557.271047]  ? lock_downgrade+0x6d0/0x6d0
[ 1557.271079]  unix_create1+0xa7/0x8d0
[ 1557.271108]  unix_create+0x110/0x220
[ 1557.271134]  __sock_create+0x345/0x750
19:36:13 executing program 1:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x0, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1557.271167]  io_uring_setup.cold+0x1e6d/0x271c
[ 1557.271206]  ? io_sqe_files_register+0x230/0x230
[ 1557.271259]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1557.271299]  do_syscall_64+0x3b/0x90
[ 1557.271324]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1557.271353] RIP: 0033:0x7f4ea96a2b19
[ 1557.271369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1557.271389] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:36:13 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1557.271410] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1557.271424] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1557.271437] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1557.271450] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1557.271462] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1557.271499]  </TASK>
[ 1557.351740] FAULT_INJECTION: forcing a failure.
[ 1557.351740] name failslab, interval 1, probability 0, space 0, times 0
[ 1557.351781] CPU: 0 PID: 6906 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1557.351795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1557.351803] Call Trace:
[ 1557.351807]  <TASK>
[ 1557.351812]  dump_stack_lvl+0x8b/0xb3
[ 1557.351833]  should_fail.cold+0x5/0xa
[ 1557.351845]  ? create_object.isra.0+0x3a/0xa20
[ 1557.351866]  should_failslab+0x5/0x10
[ 1557.351882]  kmem_cache_alloc+0x5b/0x480
[ 1557.351898]  create_object.isra.0+0x3a/0xa20
[ 1557.351917]  ? kasan_unpoison+0x23/0x50
[ 1557.351935]  kmem_cache_alloc+0x239/0x480
[ 1557.351949]  sk_prot_alloc+0x63/0x2e0
[ 1557.351970]  sk_alloc+0x34/0x750
[ 1557.351986]  ? lock_downgrade+0x6d0/0x6d0
[ 1557.352005]  unix_create1+0xa7/0x8d0
[ 1557.352021]  unix_create+0x110/0x220
[ 1557.352034]  __sock_create+0x345/0x750
[ 1557.352052]  io_uring_setup.cold+0x1e6d/0x271c
[ 1557.352073]  ? io_sqe_files_register+0x230/0x230
[ 1557.352102]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1557.352124]  do_syscall_64+0x3b/0x90
[ 1557.352137]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1557.352153] RIP: 0033:0x7f011e7ddb19
[ 1557.352162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1557.352173] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1557.352186] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1557.352193] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1557.352200] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1557.352207] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1557.352213] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1557.352233]  </TASK>
[ 1570.969992] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:36:34 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x530f)

19:36:34 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x0, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:36:34 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 29)

19:36:34 executing program 5:
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x56f300, 0x0)
ioctl$CDROMRESET(r1, 0x5312)

19:36:34 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:36:34 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 29)

19:36:34 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 1)

19:36:34 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, 0x0, &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x2, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1578.032663] FAULT_INJECTION: forcing a failure.
[ 1578.032663] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.032684] CPU: 1 PID: 6929 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1578.032697] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1578.032705] Call Trace:
[ 1578.032709]  <TASK>
[ 1578.032713]  dump_stack_lvl+0x8b/0xb3
[ 1578.032733]  should_fail.cold+0x5/0xa
[ 1578.032745]  ? selinux_sk_alloc_security+0x90/0x200
[ 1578.032764]  should_failslab+0x5/0x10
[ 1578.032780]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1578.032796]  selinux_sk_alloc_security+0x90/0x200
[ 1578.032813]  security_sk_alloc+0x56/0xb0
[ 1578.032834]  sk_prot_alloc+0xad/0x2e0
[ 1578.032854]  sk_alloc+0x34/0x750
[ 1578.032870]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.032888]  unix_create1+0xa7/0x8d0
[ 1578.032907]  unix_create+0x110/0x220
[ 1578.032921]  __sock_create+0x345/0x750
[ 1578.032938]  io_uring_setup.cold+0x1e6d/0x271c
[ 1578.032959]  ? io_sqe_files_register+0x230/0x230
[ 1578.032988]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.033010]  do_syscall_64+0x3b/0x90
[ 1578.033023]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1578.033039] RIP: 0033:0x7f4ea96a2b19
[ 1578.033048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.033059] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1578.033072] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1578.033079] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1578.033086] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1578.033093] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1578.033099] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1578.033119]  </TASK>
[ 1578.065777] FAULT_INJECTION: forcing a failure.
[ 1578.065777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1578.065811] CPU: 0 PID: 6937 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1578.065835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1578.065849] Call Trace:
[ 1578.065855]  <TASK>
[ 1578.065863]  dump_stack_lvl+0x8b/0xb3
[ 1578.065902]  should_fail.cold+0x5/0xa
[ 1578.065934]  _copy_from_user+0x2a/0x170
[ 1578.065960]  io_uring_setup+0x86/0x150
[ 1578.065994]  ? lock_is_held_type+0xd7/0x130
[ 1578.066028]  ? io_sqe_files_register+0x230/0x230
[ 1578.066058]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1578.066093]  ? vfs_write+0x422/0xac0
[ 1578.066121]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1578.066156]  ? fput+0x2a/0x50
[ 1578.066205]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.066265]  do_syscall_64+0x3b/0x90
[ 1578.066304]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1578.066340] RIP: 0033:0x7f2c579bdb19
[ 1578.066356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.066376] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1578.066398] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1578.066412] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1578.066425] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1578.066438] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1578.066450] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1578.066487]  </TASK>
[ 1578.089244] FAULT_INJECTION: forcing a failure.
[ 1578.089244] name failslab, interval 1, probability 0, space 0, times 0
[ 1578.089278] CPU: 0 PID: 6936 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1578.089301] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1578.089316] Call Trace:
[ 1578.089321]  <TASK>
[ 1578.089329]  dump_stack_lvl+0x8b/0xb3
[ 1578.089362]  should_fail.cold+0x5/0xa
[ 1578.089385]  ? selinux_sk_alloc_security+0x90/0x200
[ 1578.089418]  should_failslab+0x5/0x10
[ 1578.089452]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1578.089481]  selinux_sk_alloc_security+0x90/0x200
[ 1578.089514]  security_sk_alloc+0x56/0xb0
[ 1578.089552]  sk_prot_alloc+0xad/0x2e0
[ 1578.089588]  sk_alloc+0x34/0x750
[ 1578.089617]  ? lock_downgrade+0x6d0/0x6d0
[ 1578.089650]  unix_create1+0xa7/0x8d0
[ 1578.089679]  unix_create+0x110/0x220
[ 1578.089704]  __sock_create+0x345/0x750
[ 1578.089738]  io_uring_setup.cold+0x1e6d/0x271c
[ 1578.089777]  ? io_sqe_files_register+0x230/0x230
[ 1578.089829]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1578.089870]  do_syscall_64+0x3b/0x90
[ 1578.089894]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1578.089924] RIP: 0033:0x7f011e7ddb19
[ 1578.089940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1578.089961] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1578.089983] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1578.089997] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1578.090010] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1578.090023] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1578.090035] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1578.090072]  </TASK>
[ 1589.082577] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:36:53 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 30)

19:36:53 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 2)

19:36:53 executing program 0:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x0, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:36:53 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:36:53 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:36:53 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
fstat(r1, &(0x7f0000000040))

19:36:53 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5310)

19:36:53 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 30)

[ 1597.319448] FAULT_INJECTION: forcing a failure.
[ 1597.319448] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.319480] CPU: 0 PID: 6944 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.319503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.319517] Call Trace:
[ 1597.319523]  <TASK>
[ 1597.319531]  dump_stack_lvl+0x8b/0xb3
[ 1597.319563]  should_fail.cold+0x5/0xa
[ 1597.319585]  ? create_object.isra.0+0x3a/0xa20
[ 1597.319618]  should_failslab+0x5/0x10
[ 1597.319647]  kmem_cache_alloc+0x5b/0x480
[ 1597.319675]  create_object.isra.0+0x3a/0xa20
[ 1597.319703]  ? kasan_unpoison+0x23/0x50
[ 1597.319736]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1597.319764]  selinux_sk_alloc_security+0x90/0x200
[ 1597.319798]  security_sk_alloc+0x56/0xb0
[ 1597.319835]  sk_prot_alloc+0xad/0x2e0
[ 1597.319871]  sk_alloc+0x34/0x750
[ 1597.319905]  ? lock_downgrade+0x6d0/0x6d0
[ 1597.319938]  unix_create1+0xa7/0x8d0
[ 1597.319967]  unix_create+0x110/0x220
[ 1597.319992]  __sock_create+0x345/0x750
[ 1597.320024]  io_uring_setup.cold+0x1e6d/0x271c
[ 1597.320063]  ? io_sqe_files_register+0x230/0x230
[ 1597.320115]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.320155]  do_syscall_64+0x3b/0x90
[ 1597.320179]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.320208] RIP: 0033:0x7f011e7ddb19
[ 1597.320224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.320244] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.320265] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1597.320279] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.320292] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.320304] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
19:36:53 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1597.320325] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:36:53 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 31)

[ 1597.320362]  </TASK>
[ 1597.347543] FAULT_INJECTION: forcing a failure.
[ 1597.347543] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.347575] CPU: 1 PID: 6947 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.347599] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.347614] Call Trace:
[ 1597.347619]  <TASK>
[ 1597.347627]  dump_stack_lvl+0x8b/0xb3
[ 1597.347660]  should_fail.cold+0x5/0xa
[ 1597.347683]  ? create_object.isra.0+0x3a/0xa20
19:36:53 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 31)

[ 1597.347718]  should_failslab+0x5/0x10
[ 1597.347749]  kmem_cache_alloc+0x5b/0x480
[ 1597.347778]  create_object.isra.0+0x3a/0xa20
[ 1597.347806]  ? kasan_unpoison+0x23/0x50
[ 1597.347840]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1597.347869]  selinux_sk_alloc_security+0x90/0x200
[ 1597.347910]  security_sk_alloc+0x56/0xb0
[ 1597.347952]  sk_prot_alloc+0xad/0x2e0
[ 1597.347990]  sk_alloc+0x34/0x750
[ 1597.348019]  ? lock_downgrade+0x6d0/0x6d0
[ 1597.348052]  unix_create1+0xa7/0x8d0
[ 1597.348082]  unix_create+0x110/0x220
[ 1597.348108]  __sock_create+0x345/0x750
[ 1597.348141]  io_uring_setup.cold+0x1e6d/0x271c
19:36:53 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 3)

[ 1597.348181]  ? io_sqe_files_register+0x230/0x230
[ 1597.348235]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.348277]  do_syscall_64+0x3b/0x90
[ 1597.348301]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.348342] RIP: 0033:0x7f4ea96a2b19
[ 1597.348358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.348377] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.348399] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1597.348413] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.348426] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:36:53 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x428180, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0xffff, 0x301882)
finit_module(r1, &(0x7f0000000080)='/dev/sr0\x00', 0x3)

19:36:53 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5311)

19:36:53 executing program 0:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5310)

19:36:53 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1597.348439] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.348452] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.348488]  </TASK>
[ 1597.369339] FAULT_INJECTION: forcing a failure.
[ 1597.369339] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.369369] CPU: 0 PID: 6962 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.369393] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.369407] Call Trace:
[ 1597.369412]  <TASK>
[ 1597.369420]  dump_stack_lvl+0x8b/0xb3
[ 1597.369451]  should_fail.cold+0x5/0xa
[ 1597.369474]  ? io_uring_setup.cold+0x15b/0x271c
[ 1597.369508]  should_failslab+0x5/0x10
[ 1597.369537]  __kmalloc+0x72/0x440
[ 1597.369564]  io_uring_setup.cold+0x15b/0x271c
[ 1597.369596]  ? lock_is_held_type+0xd7/0x130
[ 1597.369630]  ? io_sqe_files_register+0x230/0x230
[ 1597.369683]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.369723]  do_syscall_64+0x3b/0x90
[ 1597.369747]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.369777] RIP: 0033:0x7f2c579bdb19
[ 1597.369793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.369813] RSP: 002b:00007f2c54f12108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.369834] RAX: ffffffffffffffda RBX: 00007f2c57ad1020 RCX: 00007f2c579bdb19
[ 1597.369849] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.369862] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.369875] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.369895] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.369931]  </TASK>
[ 1597.627482] FAULT_INJECTION: forcing a failure.
[ 1597.627482] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.627529] CPU: 0 PID: 6969 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.627557] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.627573] Call Trace:
[ 1597.627580]  <TASK>
[ 1597.627589]  dump_stack_lvl+0x8b/0xb3
[ 1597.627631]  should_fail.cold+0x5/0xa
[ 1597.627662]  should_failslab+0x5/0x10
[ 1597.627705]  kmem_cache_alloc_lru+0x60/0x7c0
19:36:53 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1597.627730]  ? alloc_inode+0x170/0x240
[ 1597.627780]  alloc_inode+0x170/0x240
[ 1597.627816]  new_inode_pseudo+0x14/0xe0
[ 1597.627860]  alloc_anon_inode+0x22/0x3c0
[ 1597.627893]  ? _raw_spin_unlock+0x24/0x40
[ 1597.627931]  anon_inode_make_secure_inode+0xaa/0x180
[ 1597.627969]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1597.628005]  ? security_socket_post_create+0x9e/0xd0
[ 1597.628052]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1597.628103]  anon_inode_getfile_secure+0x73/0x1e0
[ 1597.628146]  io_uring_setup.cold+0x1ed0/0x271c
[ 1597.628195]  ? io_sqe_files_register+0x230/0x230
[ 1597.628262]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.628314]  do_syscall_64+0x3b/0x90
[ 1597.628356]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.628398] RIP: 0033:0x7f011e7ddb19
[ 1597.628419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:36:53 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x7, 0x3, &(0x7f00000003c0)=[{&(0x7f0000000200)="f898d8e70471cad06b50072fbc29e4dea062a4f1208f5347ebe9f8185a19b8871b84a04dc297f1889709cfb6d8a87c3f205f84dca814d4ee6575f6678358709dfa9af72795569705b115b3f1e1d737126028bc9578bb55b4e523a198e55666679d1d052abaaa8b9876476eb4346f16f2c4d83a9259ce0a567e3d1aa2d5415c7eebda59b13c2dba67fd3cb3cf4451bf79aedb97b747c88882a84b0d2c5db834b8edce5b869f5ce6b8ca604db5b9cec7dbe8e0da8cc94995ba19422e83b580e56d6ec0ee42290ab13c3204805e9e62956414", 0xd1}, {&(0x7f0000000300)="3c8e566035cec73b9f77c2ef55c3526e32ea6a4d5eb9d92dab8b784ebb707a681653674dc894ecfc9fb480ac8b4ed7c81273ad9864dd3a52c81be764ddbb1482b96965d14716e05d6dfeb32f4c7bae2428468d8361", 0x55, 0x40}, {&(0x7f0000000380)="27d1c6", 0x3, 0x5}], 0x472, &(0x7f0000000440)={[{@map_normal}, {@overriderock}, {@map_off}, {@check_strict}, {@check_strict}, {@iocharset={'iocharset', 0x3d, 'cp949'}}, {@sbsector={'sbsector', 0x3d, 0x101}}], [{@euid_eq}, {@seclabel}, {@uid_gt}, {@subj_user={'subj_user', 0x3d, 'system.advise\x00'}}]})
preadv(r1, &(0x7f0000000680)=[{&(0x7f0000000500)=""/16, 0x10}, {&(0x7f0000000540)=""/136, 0x88}, {&(0x7f0000000600)=""/67, 0x43}], 0x3, 0x7, 0x5)
ioctl$CDROMRESET(r0, 0x5312)
r2 = syz_open_dev$loop(&(0x7f0000000040), 0x400, 0x2)
fgetxattr(r2, &(0x7f0000000080)=@known='system.advise\x00', &(0x7f00000000c0)=""/170, 0xaa)

19:36:53 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 32)

19:36:53 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 1)

19:36:53 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

[ 1597.628443] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.628470] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1597.628493] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.628509] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.628524] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.628538] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.628587]  </TASK>
[ 1597.642861] FAULT_INJECTION: forcing a failure.
[ 1597.642861] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.642953] CPU: 0 PID: 6974 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.642996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.643019] Call Trace:
[ 1597.643028]  <TASK>
[ 1597.643040]  dump_stack_lvl+0x8b/0xb3
[ 1597.643084]  should_fail.cold+0x5/0xa
[ 1597.643127]  should_failslab+0x5/0x10
[ 1597.643176]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1597.643208]  ? alloc_inode+0x170/0x240
[ 1597.643267]  alloc_inode+0x170/0x240
[ 1597.643316]  new_inode_pseudo+0x14/0xe0
[ 1597.643378]  alloc_anon_inode+0x22/0x3c0
[ 1597.643414]  ? _raw_spin_unlock+0x24/0x40
[ 1597.643466]  anon_inode_make_secure_inode+0xaa/0x180
[ 1597.643520]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1597.643560]  ? security_socket_post_create+0x9e/0xd0
[ 1597.643604]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1597.643652]  anon_inode_getfile_secure+0x73/0x1e0
[ 1597.643701]  io_uring_setup.cold+0x1ed0/0x271c
[ 1597.643749]  ? io_sqe_files_register+0x230/0x230
[ 1597.643811]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.643859]  do_syscall_64+0x3b/0x90
[ 1597.643887]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.643920] RIP: 0033:0x7f4ea96a2b19
[ 1597.643939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.643962] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.643986] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1597.644003] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.644018] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.644033] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.644048] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.644091]  </TASK>
[ 1597.649284] FAULT_INJECTION: forcing a failure.
[ 1597.649284] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.649316] CPU: 0 PID: 6980 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.649342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.649357] Call Trace:
[ 1597.649363]  <TASK>
[ 1597.649371]  dump_stack_lvl+0x8b/0xb3
[ 1597.649402]  should_fail.cold+0x5/0xa
[ 1597.649427]  ? create_object.isra.0+0x3a/0xa20
[ 1597.649466]  should_failslab+0x5/0x10
[ 1597.649498]  kmem_cache_alloc+0x5b/0x480
[ 1597.649530]  create_object.isra.0+0x3a/0xa20
[ 1597.649564]  ? kasan_unpoison+0x23/0x50
[ 1597.649603]  __kmalloc+0x25b/0x440
[ 1597.649633]  io_uring_setup.cold+0x15b/0x271c
[ 1597.649671]  ? lock_is_held_type+0xd7/0x130
[ 1597.649709]  ? io_sqe_files_register+0x230/0x230
[ 1597.649770]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.649817]  do_syscall_64+0x3b/0x90
[ 1597.649853]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.649886] RIP: 0033:0x7f2c579bdb19
[ 1597.649903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.649926] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.649950] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1597.649967] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.649982] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.649997] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.650012] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.650055]  </TASK>
[ 1597.890383] FAULT_INJECTION: forcing a failure.
[ 1597.890383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1597.890416] CPU: 1 PID: 6993 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.890439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.890453] Call Trace:
[ 1597.890464]  <TASK>
[ 1597.890472]  dump_stack_lvl+0x8b/0xb3
[ 1597.890504]  should_fail.cold+0x5/0xa
[ 1597.890531]  _copy_from_user+0x2a/0x170
[ 1597.890557]  io_uring_setup+0x86/0x150
[ 1597.890590]  ? lock_is_held_type+0xd7/0x130
[ 1597.890625]  ? io_sqe_files_register+0x230/0x230
[ 1597.890654]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1597.890689]  ? vfs_write+0x422/0xac0
[ 1597.890717]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 1597.890751]  ? fput+0x2a/0x50
[ 1597.890786]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.890825]  do_syscall_64+0x3b/0x90
[ 1597.890849]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.890879] RIP: 0033:0x7f06699e0b19
[ 1597.890895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.890914] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.890940] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1597.890954] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.890967] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.890980] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.890993] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.891029]  </TASK>
[ 1597.923950] FAULT_INJECTION: forcing a failure.
[ 1597.923950] name failslab, interval 1, probability 0, space 0, times 0
[ 1597.923987] CPU: 0 PID: 6991 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1597.924014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1597.924030] Call Trace:
[ 1597.924036]  <TASK>
[ 1597.924044]  dump_stack_lvl+0x8b/0xb3
[ 1597.924079]  should_fail.cold+0x5/0xa
[ 1597.924104]  ? create_object.isra.0+0x3a/0xa20
[ 1597.924142]  should_failslab+0x5/0x10
[ 1597.924174]  kmem_cache_alloc+0x5b/0x480
[ 1597.924206]  create_object.isra.0+0x3a/0xa20
[ 1597.924239]  ? kasan_unpoison+0x23/0x50
[ 1597.924276]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1597.924297]  ? alloc_inode+0x170/0x240
[ 1597.924356]  alloc_inode+0x170/0x240
[ 1597.924394]  new_inode_pseudo+0x14/0xe0
[ 1597.924432]  alloc_anon_inode+0x22/0x3c0
[ 1597.924456]  ? _raw_spin_unlock+0x24/0x40
[ 1597.924487]  anon_inode_make_secure_inode+0xaa/0x180
[ 1597.924522]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1597.924552]  ? security_socket_post_create+0x9e/0xd0
[ 1597.924595]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1597.924641]  anon_inode_getfile_secure+0x73/0x1e0
[ 1597.924680]  io_uring_setup.cold+0x1ed0/0x271c
[ 1597.924723]  ? io_sqe_files_register+0x230/0x230
[ 1597.924784]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1597.924829]  do_syscall_64+0x3b/0x90
[ 1597.924861]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1597.924893] RIP: 0033:0x7f011e7ddb19
[ 1597.924911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.924934] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1597.924958] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1597.924973] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1597.924987] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1597.925002] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1597.925016] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1597.925057]  </TASK>
[ 1610.446227] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:37:16 executing program 5:
preadv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)=""/135, 0x87}], 0x1, 0x69c7, 0x20000000)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x60b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
getdents64(r0, &(0x7f0000000140)=""/226, 0xe2)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1)

19:37:16 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 4)

19:37:16 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 2)

19:37:16 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5319)

19:37:16 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 33)

19:37:16 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:37:16 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:37:16 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 32)

[ 1620.554869] FAULT_INJECTION: forcing a failure.
[ 1620.554869] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1620.554949] CPU: 0 PID: 7009 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.554973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.554986] Call Trace:
[ 1620.554991]  <TASK>
[ 1620.555001] FAULT_INJECTION: forcing a failure.
[ 1620.555001] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.554999]  dump_stack_lvl+0x8b/0xb3
[ 1620.555030]  should_fail.cold+0x5/0xa
[ 1620.555057]  prepare_alloc_pages+0x17b/0x500
[ 1620.555107]  __alloc_pages+0x131/0x4e0
[ 1620.555132]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1620.555159]  ? find_held_lock+0x2c/0x110
[ 1620.555196]  ? lock_downgrade+0x6d0/0x6d0
[ 1620.555235]  alloc_pages+0x1a0/0x2f0
[ 1620.555267]  kmalloc_order+0x30/0xd0
[ 1620.555302]  kmalloc_order_trace+0x14/0xf0
[ 1620.555335]  io_uring_setup.cold+0x1e8/0x271c
[ 1620.555367]  ? lock_is_held_type+0xd7/0x130
[ 1620.555401]  ? io_sqe_files_register+0x230/0x230
[ 1620.555455]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.555499]  do_syscall_64+0x3b/0x90
[ 1620.555523]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.555553] RIP: 0033:0x7f2c579bdb19
[ 1620.555568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.555588] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.555609] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1620.555624] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.555636] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.555649] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
19:37:16 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 5)

19:37:16 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1620.555662] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.555698]  </TASK>
[ 1620.555705] CPU: 1 PID: 7014 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
19:37:16 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5320)

[ 1620.555728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:37:16 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 3)

19:37:16 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 34)

[ 1620.555741] Call Trace:
[ 1620.555746]  <TASK>
[ 1620.555753]  dump_stack_lvl+0x8b/0xb3
19:37:16 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = syz_open_pts(r0, 0x101)
read(r1, &(0x7f0000000040)=""/51, 0x33)
ioctl$CDROMRESET(r0, 0x5312)

[ 1620.555780]  should_fail.cold+0x5/0xa
[ 1620.555801]  ? io_uring_setup.cold+0x15b/0x271c
[ 1620.555833]  should_failslab+0x5/0x10
[ 1620.555861]  __kmalloc+0x72/0x440
[ 1620.555892]  io_uring_setup.cold+0x15b/0x271c
[ 1620.555927]  ? lock_is_held_type+0xd7/0x130
[ 1620.555959]  ? io_sqe_files_register+0x230/0x230
[ 1620.556011]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.556051]  do_syscall_64+0x3b/0x90
[ 1620.556075]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.556103] RIP: 0033:0x7f06699e0b19
[ 1620.556118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.556137] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.556158] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1620.556172] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.556185] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.556197] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.556210] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.556247]  </TASK>
[ 1620.576685] FAULT_INJECTION: forcing a failure.
[ 1620.576685] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.576715] CPU: 0 PID: 7012 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.576738] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.576752] Call Trace:
[ 1620.576757]  <TASK>
[ 1620.576764]  dump_stack_lvl+0x8b/0xb3
[ 1620.576792]  should_fail.cold+0x5/0xa
[ 1620.576815]  ? create_object.isra.0+0x3a/0xa20
[ 1620.576849]  should_failslab+0x5/0x10
[ 1620.576881]  kmem_cache_alloc+0x5b/0x480
[ 1620.576910]  create_object.isra.0+0x3a/0xa20
[ 1620.576938]  ? kasan_unpoison+0x23/0x50
[ 1620.576971]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1620.576990]  ? alloc_inode+0x170/0x240
[ 1620.577028]  alloc_inode+0x170/0x240
[ 1620.577058]  new_inode_pseudo+0x14/0xe0
19:37:16 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:37:16 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 33)

[ 1620.577091]  alloc_anon_inode+0x22/0x3c0
[ 1620.577113]  ? _raw_spin_unlock+0x24/0x40
[ 1620.577144]  anon_inode_make_secure_inode+0xaa/0x180
[ 1620.577175]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1620.577201]  ? security_socket_post_create+0x9e/0xd0
[ 1620.577240]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1620.577280]  anon_inode_getfile_secure+0x73/0x1e0
[ 1620.577315]  io_uring_setup.cold+0x1ed0/0x271c
[ 1620.577354]  ? io_sqe_files_register+0x230/0x230
[ 1620.577405]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.577445]  do_syscall_64+0x3b/0x90
[ 1620.577469]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.577497] RIP: 0033:0x7f4ea96a2b19
[ 1620.577514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.577534] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.577554] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
19:37:17 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1620.577568] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.577581] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.577594] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.577607] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.577643]  </TASK>
[ 1620.580287] FAULT_INJECTION: forcing a failure.
[ 1620.580287] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.580314] CPU: 0 PID: 7015 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.580336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.580349] Call Trace:
[ 1620.580353]  <TASK>
[ 1620.580360]  dump_stack_lvl+0x8b/0xb3
[ 1620.580386]  should_fail.cold+0x5/0xa
[ 1620.580407]  ? security_inode_alloc+0x34/0x160
[ 1620.580436]  should_failslab+0x5/0x10
[ 1620.580463]  kmem_cache_alloc+0x5b/0x480
[ 1620.580490]  security_inode_alloc+0x34/0x160
[ 1620.580521]  inode_init_always+0x5d8/0xd20
[ 1620.580554]  alloc_inode+0x84/0x240
[ 1620.580584]  new_inode_pseudo+0x14/0xe0
[ 1620.580616]  alloc_anon_inode+0x22/0x3c0
[ 1620.580637]  ? _raw_spin_unlock+0x24/0x40
[ 1620.580675]  anon_inode_make_secure_inode+0xaa/0x180
[ 1620.580705]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1620.580731]  ? security_socket_post_create+0x9e/0xd0
[ 1620.580769]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1620.580807]  anon_inode_getfile_secure+0x73/0x1e0
[ 1620.580842]  io_uring_setup.cold+0x1ed0/0x271c
[ 1620.580885]  ? io_sqe_files_register+0x230/0x230
[ 1620.580936]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.580975]  do_syscall_64+0x3b/0x90
[ 1620.580999]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.581027] RIP: 0033:0x7f011e7ddb19
[ 1620.581042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.581062] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.581082] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1620.581095] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.581108] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.581120] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.581133] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.581169]  </TASK>
[ 1620.806503] FAULT_INJECTION: forcing a failure.
[ 1620.806503] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.806535] CPU: 0 PID: 7031 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.806558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.806572] Call Trace:
[ 1620.806578]  <TASK>
[ 1620.806587]  dump_stack_lvl+0x8b/0xb3
[ 1620.806621]  should_fail.cold+0x5/0xa
[ 1620.806644]  ? create_object.isra.0+0x3a/0xa20
[ 1620.806678]  should_failslab+0x5/0x10
[ 1620.806707]  kmem_cache_alloc+0x5b/0x480
[ 1620.806735]  create_object.isra.0+0x3a/0xa20
[ 1620.806763]  ? kasan_unpoison+0x23/0x50
[ 1620.806797]  __kmalloc+0x25b/0x440
[ 1620.806823]  io_uring_setup.cold+0x15b/0x271c
[ 1620.806855]  ? lock_is_held_type+0xd7/0x130
[ 1620.806895]  ? io_sqe_files_register+0x230/0x230
[ 1620.806948]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.806988]  do_syscall_64+0x3b/0x90
[ 1620.807012]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.807041] RIP: 0033:0x7f06699e0b19
[ 1620.807056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.807077] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.807098] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1620.807112] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.807125] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.807138] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.807151] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.807187]  </TASK>
[ 1620.816103] FAULT_INJECTION: forcing a failure.
[ 1620.816103] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.816136] CPU: 1 PID: 7027 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.816160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.816174] Call Trace:
[ 1620.816180]  <TASK>
[ 1620.816187]  dump_stack_lvl+0x8b/0xb3
[ 1620.816220]  should_fail.cold+0x5/0xa
[ 1620.816243]  ? create_object.isra.0+0x3a/0xa20
[ 1620.816277]  should_failslab+0x5/0x10
[ 1620.816307]  kmem_cache_alloc+0x5b/0x480
[ 1620.816335]  create_object.isra.0+0x3a/0xa20
[ 1620.816372]  kmalloc_order+0x9c/0xd0
[ 1620.816406]  kmalloc_order_trace+0x14/0xf0
[ 1620.816439]  io_uring_setup.cold+0x1e8/0x271c
[ 1620.816472]  ? lock_is_held_type+0xd7/0x130
[ 1620.816506]  ? io_sqe_files_register+0x230/0x230
[ 1620.816559]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.816598]  do_syscall_64+0x3b/0x90
[ 1620.816622]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.816651] RIP: 0033:0x7f2c579bdb19
[ 1620.816680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.816699] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.816721] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1620.816734] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.816747] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.816760] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.816773] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.816809]  </TASK>
[ 1620.854448] FAULT_INJECTION: forcing a failure.
[ 1620.854448] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.854481] CPU: 0 PID: 7034 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.854505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.854519] Call Trace:
[ 1620.854525]  <TASK>
[ 1620.854533]  dump_stack_lvl+0x8b/0xb3
[ 1620.854567]  should_fail.cold+0x5/0xa
[ 1620.854591]  ? create_object.isra.0+0x3a/0xa20
[ 1620.854629]  should_failslab+0x5/0x10
[ 1620.854662]  kmem_cache_alloc+0x5b/0x480
[ 1620.854692]  create_object.isra.0+0x3a/0xa20
[ 1620.854720]  ? kasan_unpoison+0x23/0x50
[ 1620.854754]  kmem_cache_alloc+0x239/0x480
[ 1620.854781]  security_inode_alloc+0x34/0x160
[ 1620.854813]  inode_init_always+0x5d8/0xd20
[ 1620.854848]  alloc_inode+0x84/0x240
[ 1620.854885]  new_inode_pseudo+0x14/0xe0
[ 1620.854918]  alloc_anon_inode+0x22/0x3c0
[ 1620.854939]  ? _raw_spin_unlock+0x24/0x40
[ 1620.854968]  anon_inode_make_secure_inode+0xaa/0x180
[ 1620.855000]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1620.855027]  ? security_socket_post_create+0x9e/0xd0
[ 1620.855064]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1620.855104]  anon_inode_getfile_secure+0x73/0x1e0
[ 1620.855139]  io_uring_setup.cold+0x1ed0/0x271c
[ 1620.855179]  ? io_sqe_files_register+0x230/0x230
[ 1620.855232]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.855279]  do_syscall_64+0x3b/0x90
[ 1620.855303]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.855331] RIP: 0033:0x7f011e7ddb19
[ 1620.855348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.855368] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.855390] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1620.855404] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.855417] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.855430] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.855443] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.855480]  </TASK>
[ 1620.942195] FAULT_INJECTION: forcing a failure.
[ 1620.942195] name failslab, interval 1, probability 0, space 0, times 0
[ 1620.942228] CPU: 1 PID: 7040 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1620.942251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1620.942265] Call Trace:
[ 1620.942271]  <TASK>
[ 1620.942278]  dump_stack_lvl+0x8b/0xb3
[ 1620.942310]  should_fail.cold+0x5/0xa
[ 1620.942332]  ? security_inode_alloc+0x34/0x160
[ 1620.942363]  should_failslab+0x5/0x10
[ 1620.942393]  kmem_cache_alloc+0x5b/0x480
[ 1620.942420]  security_inode_alloc+0x34/0x160
[ 1620.942451]  inode_init_always+0x5d8/0xd20
[ 1620.942485]  alloc_inode+0x84/0x240
[ 1620.942515]  new_inode_pseudo+0x14/0xe0
[ 1620.942548]  alloc_anon_inode+0x22/0x3c0
[ 1620.942569]  ? _raw_spin_unlock+0x24/0x40
[ 1620.942597]  anon_inode_make_secure_inode+0xaa/0x180
[ 1620.942629]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1620.942655]  ? security_socket_post_create+0x9e/0xd0
[ 1620.942692]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1620.942733]  anon_inode_getfile_secure+0x73/0x1e0
[ 1620.942767]  io_uring_setup.cold+0x1ed0/0x271c
[ 1620.942806]  ? io_sqe_files_register+0x230/0x230
[ 1620.942858]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1620.942904]  do_syscall_64+0x3b/0x90
[ 1620.942929]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1620.942957] RIP: 0033:0x7f4ea96a2b19
[ 1620.942973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1620.942993] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1620.943015] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1620.943029] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1620.943041] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1620.943054] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1620.943066] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1620.943103]  </TASK>
[ 1634.044001] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:37:37 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:37:37 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:37:37 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 6)

19:37:37 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x3519c0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
sendfile(r1, r0, &(0x7f00000000c0)=0x200000000000000, 0xf3d6)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r4, 0x0, r5)
accept$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14)
fcntl$dupfd(r2, 0x0, r3)
ioctl$CDROMRESET(r2, 0x5312)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={<r6=>r0, 0x643a, 0x1, 0x7f})
ioctl$DVD_WRITE_STRUCT(r6, 0x5390, &(0x7f0000000200)=@copyright={0x1, 0x1, 0x4, 0x8})

19:37:37 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 35)

19:37:37 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 4)

19:37:37 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 34)

19:37:37 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5322)

[ 1641.283972] FAULT_INJECTION: forcing a failure.
[ 1641.283972] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.284020] CPU: 1 PID: 7062 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.284064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.284090] Call Trace:
[ 1641.284100]  <TASK>
[ 1641.284114]  dump_stack_lvl+0x8b/0xb3
[ 1641.284164]  should_fail.cold+0x5/0xa
[ 1641.284206]  ? io_uring_setup.cold+0x35b/0x271c
[ 1641.284269]  should_failslab+0x5/0x10
[ 1641.284334]  __kmalloc+0x72/0x440
[ 1641.284388]  io_uring_setup.cold+0x35b/0x271c
[ 1641.284451]  ? lock_is_held_type+0xd7/0x130
[ 1641.284515]  ? io_sqe_files_register+0x230/0x230
[ 1641.284607]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.284682]  do_syscall_64+0x3b/0x90
[ 1641.284730]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.284788] RIP: 0033:0x7f2c579bdb19
[ 1641.284817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:37:37 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={0x0, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:37:37 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5323)

[ 1641.284837] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.284858] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1641.284877] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.284891] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.284903] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
19:37:37 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 35)

[ 1641.284916] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.284961]  </TASK>
[ 1641.287687] FAULT_INJECTION: forcing a failure.
[ 1641.287687] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.287712] CPU: 0 PID: 7050 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.287730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.287740] Call Trace:
[ 1641.287745]  <TASK>
[ 1641.287751]  dump_stack_lvl+0x8b/0xb3
[ 1641.287778]  should_fail.cold+0x5/0xa
[ 1641.287795]  ? create_object.isra.0+0x3a/0xa20
[ 1641.287822]  should_failslab+0x5/0x10
[ 1641.287845]  kmem_cache_alloc+0x5b/0x480
19:37:37 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 5)

[ 1641.287867]  create_object.isra.0+0x3a/0xa20
[ 1641.287889]  ? kasan_unpoison+0x23/0x50
19:37:37 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 36)

[ 1641.287910]  kmem_cache_alloc+0x239/0x480
[ 1641.287925]  security_inode_alloc+0x34/0x160
[ 1641.287944]  inode_init_always+0x5d8/0xd20
[ 1641.287964]  alloc_inode+0x84/0x240
19:37:37 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 7)

[ 1641.287980]  new_inode_pseudo+0x14/0xe0
[ 1641.287998]  alloc_anon_inode+0x22/0x3c0
[ 1641.288011]  ? _raw_spin_unlock+0x24/0x40
[ 1641.288027]  anon_inode_make_secure_inode+0xaa/0x180
[ 1641.288044]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1641.288059]  ? security_socket_post_create+0x9e/0xd0
[ 1641.288079]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1641.288101]  anon_inode_getfile_secure+0x73/0x1e0
[ 1641.288120]  io_uring_setup.cold+0x1ed0/0x271c
[ 1641.288142]  ? io_sqe_files_register+0x230/0x230
[ 1641.288171]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.288193]  do_syscall_64+0x3b/0x90
[ 1641.288206]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.288222] RIP: 0033:0x7f4ea96a2b19
[ 1641.288232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.288243] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.288255] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1641.288263] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.288270] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.288277] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.288284] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.288303]  </TASK>
[ 1641.308557] FAULT_INJECTION: forcing a failure.
[ 1641.308557] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1641.308656] CPU: 0 PID: 7057 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.308670] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.308677] Call Trace:
[ 1641.308680]  <TASK>
[ 1641.308684]  dump_stack_lvl+0x8b/0xb3
[ 1641.308699]  should_fail.cold+0x5/0xa
[ 1641.308713]  prepare_alloc_pages+0x17b/0x500
[ 1641.308737]  __alloc_pages+0x131/0x4e0
[ 1641.308751]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1641.308766]  ? find_held_lock+0x2c/0x110
[ 1641.308786]  ? lock_downgrade+0x6d0/0x6d0
[ 1641.308807]  alloc_pages+0x1a0/0x2f0
[ 1641.308825]  kmalloc_order+0x30/0xd0
[ 1641.308844]  kmalloc_order_trace+0x14/0xf0
[ 1641.308865]  io_uring_setup.cold+0x1e8/0x271c
[ 1641.308882]  ? lock_is_held_type+0xd7/0x130
[ 1641.308900]  ? io_sqe_files_register+0x230/0x230
[ 1641.308932]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.308970]  do_syscall_64+0x3b/0x90
[ 1641.308983]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.308999] RIP: 0033:0x7f06699e0b19
[ 1641.309007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.309018] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.309029] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1641.309037] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.309044] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.309051] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.309058] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.309078]  </TASK>
[ 1641.309422] FAULT_INJECTION: forcing a failure.
[ 1641.309422] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.309450] CPU: 1 PID: 7059 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.309473] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.309486] Call Trace:
[ 1641.309491]  <TASK>
[ 1641.309498]  dump_stack_lvl+0x8b/0xb3
[ 1641.309525]  should_fail.cold+0x5/0xa
[ 1641.309551]  should_failslab+0x5/0x10
[ 1641.309579]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1641.309598]  ? __d_alloc+0x31/0x990
[ 1641.309631]  __d_alloc+0x31/0x990
[ 1641.309661]  d_alloc_pseudo+0x19/0x70
[ 1641.309687]  alloc_file_pseudo+0xce/0x250
[ 1641.309717]  ? alloc_file+0x580/0x580
[ 1641.309746]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1641.309774]  ? security_socket_post_create+0x9e/0xd0
[ 1641.309820]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1641.309855]  io_uring_setup.cold+0x1ed0/0x271c
[ 1641.309900]  ? io_sqe_files_register+0x230/0x230
[ 1641.309952]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.309992]  do_syscall_64+0x3b/0x90
[ 1641.310016]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.310044] RIP: 0033:0x7f011e7ddb19
[ 1641.310059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.310080] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.310100] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1641.310113] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.310126] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.310139] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.310152] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.310188]  </TASK>
[ 1641.449534] FAULT_INJECTION: forcing a failure.
[ 1641.449534] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.449555] CPU: 0 PID: 7075 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.449567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.449576] Call Trace:
[ 1641.449580]  <TASK>
[ 1641.449585]  dump_stack_lvl+0x8b/0xb3
[ 1641.449605]  should_fail.cold+0x5/0xa
[ 1641.449620]  should_failslab+0x5/0x10
[ 1641.449640]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1641.449651]  ? __d_alloc+0x31/0x990
[ 1641.449669]  __d_alloc+0x31/0x990
[ 1641.449685]  d_alloc_pseudo+0x19/0x70
[ 1641.449699]  alloc_file_pseudo+0xce/0x250
[ 1641.449715]  ? alloc_file+0x580/0x580
[ 1641.449731]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1641.449746]  ? security_socket_post_create+0x9e/0xd0
[ 1641.449771]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1641.449790]  io_uring_setup.cold+0x1ed0/0x271c
[ 1641.449812]  ? io_sqe_files_register+0x230/0x230
[ 1641.449840]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.449862]  do_syscall_64+0x3b/0x90
[ 1641.449875]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.449891] RIP: 0033:0x7f4ea96a2b19
[ 1641.449900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.449914] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.449926] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1641.449934] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.449941] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.449948] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.449955] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.449975]  </TASK>
[ 1641.541348] FAULT_INJECTION: forcing a failure.
[ 1641.541348] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.541368] CPU: 0 PID: 7078 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.541381] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.541390] Call Trace:
[ 1641.541394]  <TASK>
[ 1641.541398]  dump_stack_lvl+0x8b/0xb3
[ 1641.541419]  should_fail.cold+0x5/0xa
[ 1641.541431]  ? create_object.isra.0+0x3a/0xa20
[ 1641.541451]  should_failslab+0x5/0x10
[ 1641.541467]  kmem_cache_alloc+0x5b/0x480
[ 1641.541483]  create_object.isra.0+0x3a/0xa20
[ 1641.541503]  kmalloc_order+0x9c/0xd0
[ 1641.541521]  kmalloc_order_trace+0x14/0xf0
[ 1641.541539]  io_uring_setup.cold+0x1e8/0x271c
[ 1641.541556]  ? lock_is_held_type+0xd7/0x130
[ 1641.541575]  ? io_sqe_files_register+0x230/0x230
[ 1641.541603]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.541624]  do_syscall_64+0x3b/0x90
[ 1641.541637]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.541653] RIP: 0033:0x7f06699e0b19
[ 1641.541662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.541673] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.541685] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1641.541692] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.541699] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.541707] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.541714] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.541733]  </TASK>
[ 1641.569447] FAULT_INJECTION: forcing a failure.
[ 1641.569447] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.569468] CPU: 0 PID: 7083 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.569481] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.569490] Call Trace:
[ 1641.569493]  <TASK>
[ 1641.569498]  dump_stack_lvl+0x8b/0xb3
[ 1641.569518]  should_fail.cold+0x5/0xa
[ 1641.569530]  ? create_object.isra.0+0x3a/0xa20
[ 1641.569551]  should_failslab+0x5/0x10
[ 1641.569567]  kmem_cache_alloc+0x5b/0x480
[ 1641.569583]  create_object.isra.0+0x3a/0xa20
[ 1641.569598]  ? kasan_unpoison+0x23/0x50
[ 1641.569616]  __kmalloc+0x25b/0x440
[ 1641.569630]  io_uring_setup.cold+0x35b/0x271c
[ 1641.569648]  ? lock_is_held_type+0xd7/0x130
[ 1641.569667]  ? io_sqe_files_register+0x230/0x230
[ 1641.569695]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.569717]  do_syscall_64+0x3b/0x90
[ 1641.569730]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.569746] RIP: 0033:0x7f2c579bdb19
[ 1641.569755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.569766] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.569778] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1641.569786] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.569792] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.569799] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.569806] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.569825]  </TASK>
[ 1641.587620] FAULT_INJECTION: forcing a failure.
[ 1641.587620] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.587653] CPU: 1 PID: 7085 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1641.587676] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1641.587691] Call Trace:
[ 1641.587696]  <TASK>
[ 1641.587704]  dump_stack_lvl+0x8b/0xb3
[ 1641.587738]  should_fail.cold+0x5/0xa
[ 1641.587761]  ? create_object.isra.0+0x3a/0xa20
[ 1641.587795]  should_failslab+0x5/0x10
[ 1641.587824]  kmem_cache_alloc+0x5b/0x480
[ 1641.587853]  create_object.isra.0+0x3a/0xa20
[ 1641.587887]  ? kasan_unpoison+0x23/0x50
[ 1641.587922]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1641.587941]  ? __d_alloc+0x31/0x990
[ 1641.587972]  __d_alloc+0x31/0x990
[ 1641.588002]  d_alloc_pseudo+0x19/0x70
[ 1641.588029]  alloc_file_pseudo+0xce/0x250
[ 1641.588057]  ? alloc_file+0x580/0x580
[ 1641.588087]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1641.588115]  ? security_socket_post_create+0x9e/0xd0
[ 1641.588160]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1641.588195]  io_uring_setup.cold+0x1ed0/0x271c
[ 1641.588235]  ? io_sqe_files_register+0x230/0x230
[ 1641.588287]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1641.588328]  do_syscall_64+0x3b/0x90
[ 1641.588352]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1641.588383] RIP: 0033:0x7f011e7ddb19
[ 1641.588405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1641.588434] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1641.588464] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1641.588478] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1641.588491] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1641.588503] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1641.588516] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1641.588553]  </TASK>
[ 1652.561308] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:37:56 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 37)

19:37:56 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5325)

19:37:56 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 8)

19:37:56 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r1, 0x4004f50d, &(0x7f0000000040)=0x1)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xa)

19:37:56 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, 0xffffffffffffffff, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:37:56 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 36)

19:37:56 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:37:56 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 6)

[ 1660.446955] FAULT_INJECTION: forcing a failure.
[ 1660.446955] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.446976] CPU: 0 PID: 7098 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.446989] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.446996] Call Trace:
[ 1660.447000]  <TASK>
[ 1660.447005]  dump_stack_lvl+0x8b/0xb3
[ 1660.447025]  should_fail.cold+0x5/0xa
[ 1660.447037]  ? io_uring_setup.cold+0x35b/0x271c
[ 1660.447058]  should_failslab+0x5/0x10
[ 1660.447076]  __kmalloc+0x72/0x440
[ 1660.447090]  io_uring_setup.cold+0x35b/0x271c
[ 1660.447111]  ? io_sqe_files_register+0x230/0x230
[ 1660.447140]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.447162]  do_syscall_64+0x3b/0x90
[ 1660.447175]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.447191] RIP: 0033:0x7f06699e0b19
[ 1660.447200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:37:56 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 9)

19:37:56 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 7)

[ 1660.447211] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.447223] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1660.447230] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.447237] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.447244] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.447251] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.447270]  </TASK>
[ 1660.453121] FAULT_INJECTION: forcing a failure.
[ 1660.453121] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.453137] CPU: 0 PID: 7100 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
19:37:56 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5326)

[ 1660.453149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.453156] Call Trace:
[ 1660.453158]  <TASK>
[ 1660.453166]  dump_stack_lvl+0x8b/0xb3
[ 1660.453180]  should_fail.cold+0x5/0xa
[ 1660.453191]  ? io_uring_setup.cold+0x3dd/0x271c
[ 1660.453209]  should_failslab+0x5/0x10
[ 1660.453232]  __kmalloc+0x72/0x440
19:37:56 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, 0xffffffffffffffff, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1660.453246]  io_uring_setup.cold+0x3dd/0x271c
[ 1660.453263]  ? lock_is_held_type+0xd7/0x130
[ 1660.453280]  ? io_sqe_files_register+0x230/0x230
[ 1660.453308]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.453329]  do_syscall_64+0x3b/0x90
[ 1660.453342]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.453360] RIP: 0033:0x7f2c579bdb19
[ 1660.453370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:37:56 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1660.453383] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.453395] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1660.453403] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.453410] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.453416] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.453423] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.453443]  </TASK>
[ 1660.501265] FAULT_INJECTION: forcing a failure.
[ 1660.501265] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.501300] CPU: 0 PID: 7103 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
19:37:56 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 10)

19:37:56 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 38)

[ 1660.501330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:37:56 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 8)

19:37:56 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x1d9b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:37:56 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 37)

[ 1660.501351] Call Trace:
[ 1660.501358]  <TASK>
[ 1660.501368]  dump_stack_lvl+0x8b/0xb3
[ 1660.501405]  should_fail.cold+0x5/0xa
[ 1660.501435]  ? __alloc_file+0x21/0x230
[ 1660.501476]  should_failslab+0x5/0x10
[ 1660.501518]  kmem_cache_alloc+0x5b/0x480
[ 1660.501552]  __alloc_file+0x21/0x230
[ 1660.501591]  alloc_empty_file+0x6d/0x170
[ 1660.501634]  alloc_file+0x59/0x580
[ 1660.501678]  alloc_file_pseudo+0x16a/0x250
[ 1660.501718]  ? alloc_file+0x580/0x580
[ 1660.501773]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1660.501814]  io_uring_setup.cold+0x1ed0/0x271c
[ 1660.501839]  ? io_sqe_files_register+0x230/0x230
[ 1660.501868]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.501891]  do_syscall_64+0x3b/0x90
[ 1660.501907]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.501923] RIP: 0033:0x7f011e7ddb19
[ 1660.501932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.501943] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:37:56 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5327)

[ 1660.501955] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1660.501962] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.501969] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.501976] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.501983] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.502002]  </TASK>
[ 1660.522790] FAULT_INJECTION: forcing a failure.
[ 1660.522790] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.522826] CPU: 1 PID: 7104 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.522851] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.522872] Call Trace:
[ 1660.522878]  <TASK>
[ 1660.522887]  dump_stack_lvl+0x8b/0xb3
[ 1660.522924]  should_fail.cold+0x5/0xa
19:37:56 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$CDROMSEEK(r0, 0x5316, &(0x7f0000000040)={0x1, 0x85, 0x0, 0x11, 0x5, 0x7f})
r1 = dup(r0)
fallocate(r1, 0x8, 0x80000000, 0x6)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r0, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$CDROMREADAUDIO(r0, 0x530e, &(0x7f00000001c0)={@msf={0xb4, 0x7f, 0x1}, 0x2, 0x42, &(0x7f0000000140)=""/66})
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r2, 0x8010661b, &(0x7f0000000100))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x40c0, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x169802, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r4, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
fcntl$dupfd(r3, 0x406, r4)

[ 1660.522949]  ? create_object.isra.0+0x3a/0xa20
[ 1660.522988]  should_failslab+0x5/0x10
[ 1660.523020]  kmem_cache_alloc+0x5b/0x480
[ 1660.523051]  create_object.isra.0+0x3a/0xa20
[ 1660.523081]  ? kasan_unpoison+0x23/0x50
[ 1660.523117]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1660.523138]  ? __d_alloc+0x31/0x990
[ 1660.523172]  __d_alloc+0x31/0x990
[ 1660.523204]  d_alloc_pseudo+0x19/0x70
[ 1660.523232]  alloc_file_pseudo+0xce/0x250
[ 1660.523264]  ? alloc_file+0x580/0x580
[ 1660.523296]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1660.523327]  ? security_socket_post_create+0x9e/0xd0
[ 1660.523376]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1660.523413]  io_uring_setup.cold+0x1ed0/0x271c
[ 1660.523456]  ? io_sqe_files_register+0x230/0x230
[ 1660.523514]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.523558]  do_syscall_64+0x3b/0x90
[ 1660.523584]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.523615] RIP: 0033:0x7f4ea96a2b19
[ 1660.523633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.523654] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.523677] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1660.523692] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.523706] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.523720] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.523734] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.523773]  </TASK>
[ 1660.574126] FAULT_INJECTION: forcing a failure.
[ 1660.574126] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.574146] CPU: 0 PID: 7111 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.574158] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.574167] Call Trace:
[ 1660.574170]  <TASK>
[ 1660.574175]  dump_stack_lvl+0x8b/0xb3
[ 1660.574194]  should_fail.cold+0x5/0xa
[ 1660.574207]  ? create_object.isra.0+0x3a/0xa20
[ 1660.574226]  should_failslab+0x5/0x10
[ 1660.574242]  kmem_cache_alloc+0x5b/0x480
[ 1660.574257]  create_object.isra.0+0x3a/0xa20
[ 1660.574272]  ? kasan_unpoison+0x23/0x50
[ 1660.574290]  __kmalloc+0x25b/0x440
[ 1660.574304]  io_uring_setup.cold+0x35b/0x271c
[ 1660.574321]  ? lock_is_held_type+0xd7/0x130
[ 1660.574339]  ? io_sqe_files_register+0x230/0x230
[ 1660.574368]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.574389]  do_syscall_64+0x3b/0x90
[ 1660.574402]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.574418] RIP: 0033:0x7f06699e0b19
[ 1660.574427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.574438] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.574450] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1660.574457] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.574464] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.574471] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.574478] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.574497]  </TASK>
[ 1660.579259] FAULT_INJECTION: forcing a failure.
[ 1660.579259] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.579275] CPU: 0 PID: 7113 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.579287] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.579294] Call Trace:
[ 1660.579297]  <TASK>
[ 1660.579302]  dump_stack_lvl+0x8b/0xb3
[ 1660.579316]  should_fail.cold+0x5/0xa
[ 1660.579328]  ? create_object.isra.0+0x3a/0xa20
[ 1660.579346]  should_failslab+0x5/0x10
[ 1660.579361]  kmem_cache_alloc+0x5b/0x480
[ 1660.579376]  create_object.isra.0+0x3a/0xa20
[ 1660.579392]  ? kasan_unpoison+0x23/0x50
[ 1660.579409]  __kmalloc+0x25b/0x440
[ 1660.579424]  io_uring_setup.cold+0x3dd/0x271c
[ 1660.579445]  ? lock_is_held_type+0xd7/0x130
[ 1660.579463]  ? io_sqe_files_register+0x230/0x230
[ 1660.579491]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.579512]  do_syscall_64+0x3b/0x90
[ 1660.579527]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.579545] RIP: 0033:0x7f2c579bdb19
[ 1660.579554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.579566] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.579577] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1660.579585] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.579592] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.579599] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.579606] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.579625]  </TASK>
[ 1660.738355] FAULT_INJECTION: forcing a failure.
[ 1660.738355] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.738375] CPU: 0 PID: 7124 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.738388] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.738396] Call Trace:
[ 1660.738399]  <TASK>
[ 1660.738404]  dump_stack_lvl+0x8b/0xb3
[ 1660.738424]  should_fail.cold+0x5/0xa
[ 1660.738437]  ? io_uring_setup.cold+0x3dd/0x271c
[ 1660.738454]  should_failslab+0x5/0x10
[ 1660.738471]  __kmalloc+0x72/0x440
[ 1660.738486]  io_uring_setup.cold+0x3dd/0x271c
[ 1660.738503]  ? lock_is_held_type+0xd7/0x130
[ 1660.738522]  ? io_sqe_files_register+0x230/0x230
[ 1660.738554]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.738575]  do_syscall_64+0x3b/0x90
[ 1660.738588]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.738604] RIP: 0033:0x7f06699e0b19
[ 1660.738613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.738624] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.738636] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1660.738643] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.738650] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.738657] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.738664] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.738683]  </TASK>
[ 1660.761632] FAULT_INJECTION: forcing a failure.
[ 1660.761632] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.761653] CPU: 0 PID: 7131 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.761666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.761675] Call Trace:
[ 1660.761678]  <TASK>
[ 1660.761683]  dump_stack_lvl+0x8b/0xb3
[ 1660.761703]  should_fail.cold+0x5/0xa
[ 1660.761715]  ? __alloc_file+0x21/0x230
[ 1660.761732]  should_failslab+0x5/0x10
[ 1660.761749]  kmem_cache_alloc+0x5b/0x480
[ 1660.761764]  __alloc_file+0x21/0x230
[ 1660.761779]  alloc_empty_file+0x6d/0x170
[ 1660.761796]  alloc_file+0x59/0x580
[ 1660.761813]  alloc_file_pseudo+0x16a/0x250
[ 1660.761828]  ? alloc_file+0x580/0x580
[ 1660.761852]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1660.761876]  io_uring_setup.cold+0x1ed0/0x271c
[ 1660.761897]  ? io_sqe_files_register+0x230/0x230
[ 1660.761929]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.761951]  do_syscall_64+0x3b/0x90
[ 1660.761964]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.761981] RIP: 0033:0x7f4ea96a2b19
[ 1660.761991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.762004] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.762018] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1660.762028] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.762038] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.762047] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.762056] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.762082]  </TASK>
[ 1660.771134] FAULT_INJECTION: forcing a failure.
[ 1660.771134] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.771168] CPU: 1 PID: 7128 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.771193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.771208] Call Trace:
[ 1660.771214]  <TASK>
[ 1660.771222]  dump_stack_lvl+0x8b/0xb3
[ 1660.771259]  should_fail.cold+0x5/0xa
[ 1660.771284]  ? create_object.isra.0+0x3a/0xa20
[ 1660.771323]  should_failslab+0x5/0x10
[ 1660.771354]  kmem_cache_alloc+0x5b/0x480
[ 1660.771386]  create_object.isra.0+0x3a/0xa20
[ 1660.771426]  kmemleak_alloc_percpu+0xa0/0x100
[ 1660.771469]  pcpu_alloc+0x7bf/0x1060
[ 1660.771513]  ? io_sq_thread_unpark+0xba/0xba
[ 1660.771544]  percpu_ref_init+0x31/0x3d0
[ 1660.771587]  io_uring_setup.cold+0x49d/0x271c
[ 1660.771622]  ? lock_is_held_type+0xd7/0x130
[ 1660.771657]  ? io_sqe_files_register+0x230/0x230
[ 1660.771714]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.771757]  do_syscall_64+0x3b/0x90
[ 1660.771784]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.771815] RIP: 0033:0x7f2c579bdb19
[ 1660.771832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.771853] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.771882] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1660.771897] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.771912] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.771926] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.771940] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.771984]  </TASK>
[ 1660.808079] FAULT_INJECTION: forcing a failure.
[ 1660.808079] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.808100] CPU: 0 PID: 7132 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1660.808112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1660.808121] Call Trace:
[ 1660.808124]  <TASK>
[ 1660.808129]  dump_stack_lvl+0x8b/0xb3
[ 1660.808148]  should_fail.cold+0x5/0xa
[ 1660.808161]  ? create_object.isra.0+0x3a/0xa20
[ 1660.808181]  should_failslab+0x5/0x10
[ 1660.808197]  kmem_cache_alloc+0x5b/0x480
[ 1660.808213]  create_object.isra.0+0x3a/0xa20
[ 1660.808228]  ? kasan_unpoison+0x23/0x50
[ 1660.808246]  kmem_cache_alloc+0x239/0x480
[ 1660.808261]  __alloc_file+0x21/0x230
[ 1660.808276]  alloc_empty_file+0x6d/0x170
[ 1660.808293]  alloc_file+0x59/0x580
[ 1660.808311]  alloc_file_pseudo+0x16a/0x250
[ 1660.808326]  ? alloc_file+0x580/0x580
[ 1660.808351]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1660.808371]  io_uring_setup.cold+0x1ed0/0x271c
[ 1660.808393]  ? io_sqe_files_register+0x230/0x230
[ 1660.808423]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1660.808453]  do_syscall_64+0x3b/0x90
[ 1660.808470]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1660.808491] RIP: 0033:0x7f011e7ddb19
[ 1660.808503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1660.808517] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1660.808532] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1660.808541] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1660.808551] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1660.808560] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1660.808569] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1660.808595]  </TASK>
[ 1672.733934] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:38:17 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 38)

19:38:17 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, 0xffffffffffffffff, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:38:17 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x10040, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:38:17 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 11)

19:38:17 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5328)

19:38:17 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 39)

19:38:17 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:38:17 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 9)

[ 1681.878114] FAULT_INJECTION: forcing a failure.
[ 1681.878114] name failslab, interval 1, probability 0, space 0, times 0
[ 1681.878142] CPU: 1 PID: 7151 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1681.878160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1681.878172] Call Trace:
[ 1681.878177]  <TASK>
[ 1681.878183]  dump_stack_lvl+0x8b/0xb3
[ 1681.878210]  should_fail.cold+0x5/0xa
[ 1681.878228]  ? create_object.isra.0+0x3a/0xa20
[ 1681.878257]  should_failslab+0x5/0x10
[ 1681.878280]  kmem_cache_alloc+0x5b/0x480
[ 1681.878304]  create_object.isra.0+0x3a/0xa20
[ 1681.878327]  ? kasan_unpoison+0x23/0x50
[ 1681.878354]  kmem_cache_alloc+0x239/0x480
[ 1681.878376]  __alloc_file+0x21/0x230
[ 1681.878400]  alloc_empty_file+0x6d/0x170
[ 1681.878424]  alloc_file+0x59/0x580
[ 1681.878450]  alloc_file_pseudo+0x16a/0x250
[ 1681.878473]  ? alloc_file+0x580/0x580
[ 1681.878509]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1681.878539]  io_uring_setup.cold+0x1ed0/0x271c
[ 1681.878571]  ? io_sqe_files_register+0x230/0x230
[ 1681.878614]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1681.878652]  do_syscall_64+0x3b/0x90
19:38:18 executing program 5:
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x6}, 0x4)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x30740, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
openat$cdrom(0xffffffffffffff9c, &(0x7f00000001c0), 0x18100, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000080), 0x800, 0x101000)
ioctl$CDROM_SEND_PACKET(r1, 0x5393, &(0x7f0000000180)={"21b23862c4cc48aa30139411", &(0x7f00000000c0)="60dfa2b95b4f7565b2839468ae8ab59f2698efded12948acb0acb97bd75c4a5134e74b8d82ed78a495c15450d3d3ec8b48", 0x31, 0x9, &(0x7f0000000100)={0x6, 0x1, 0x1, 0x7, 0x0, 0x0, 0x0, "6bbab60a", 0x1, "230aadea", 0x3f, 0x3f, 0x6, "b876fb", "c00794a2afd4b34b5c8adc12652ca6db0e9bafd405bfd810ca5626c5cba86a1b3acffb0a9262e2934d8babf11f23"}, 0x3, 0x5125, 0x1000, &(0x7f0000000140)})

[ 1681.878672]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1681.878699] RIP: 0033:0x7f4ea96a2b19
[ 1681.878714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1681.878730] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1681.878747] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1681.878758] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1681.878768] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1681.878779] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1681.878789] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:38:18 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0x0, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1681.878818]  </TASK>
[ 1681.892554] FAULT_INJECTION: forcing a failure.
[ 1681.892554] name failslab, interval 1, probability 0, space 0, times 0
[ 1681.892576] CPU: 1 PID: 7158 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1681.892594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:38:18 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5329)

[ 1681.892605] Call Trace:
[ 1681.892609]  <TASK>
[ 1681.892615]  dump_stack_lvl+0x8b/0xb3
[ 1681.892635]  should_fail.cold+0x5/0xa
[ 1681.892653]  ? create_object.isra.0+0x3a/0xa20
[ 1681.892678]  should_failslab+0x5/0x10
[ 1681.892700]  kmem_cache_alloc+0x5b/0x480
[ 1681.892721]  create_object.isra.0+0x3a/0xa20
[ 1681.892750]  ? kasan_unpoison+0x23/0x50
[ 1681.892776]  __kmalloc+0x25b/0x440
[ 1681.892797]  io_uring_setup.cold+0x3dd/0x271c
[ 1681.892822]  ? lock_is_held_type+0xd7/0x130
19:38:18 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 39)

19:38:18 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1681.892848]  ? io_sqe_files_register+0x230/0x230
[ 1681.892889]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1681.892920]  do_syscall_64+0x3b/0x90
[ 1681.892939]  entry_SYSCALL_64_after_hwframe+0x44/0xae
19:38:18 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 40)

[ 1681.892961] RIP: 0033:0x7f06699e0b19
19:38:18 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 12)

[ 1681.892973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1681.892988] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1681.893004] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1681.893015] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1681.893025] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1681.893036] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1681.893046] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1681.893075]  </TASK>
[ 1681.903519] FAULT_INJECTION: forcing a failure.
[ 1681.903519] name failslab, interval 1, probability 0, space 0, times 0
[ 1681.903552] CPU: 0 PID: 7163 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1681.903576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1681.903590] Call Trace:
[ 1681.903595]  <TASK>
[ 1681.903602]  dump_stack_lvl+0x8b/0xb3
[ 1681.903636]  should_fail.cold+0x5/0xa
[ 1681.903657]  ? create_object.isra.0+0x3a/0xa20
[ 1681.903691]  should_failslab+0x5/0x10
[ 1681.903720]  kmem_cache_alloc+0x5b/0x480
[ 1681.903748]  create_object.isra.0+0x3a/0xa20
[ 1681.903785]  kmemleak_alloc_percpu+0xa0/0x100
[ 1681.903824]  pcpu_alloc+0x7bf/0x1060
[ 1681.903871]  ? io_sq_thread_unpark+0xba/0xba
[ 1681.903900]  percpu_ref_init+0x31/0x3d0
[ 1681.903939]  io_uring_setup.cold+0x49d/0x271c
[ 1681.903971]  ? lock_is_held_type+0xd7/0x130
[ 1681.904008]  ? io_sqe_files_register+0x230/0x230
[ 1681.904060]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1681.904099]  do_syscall_64+0x3b/0x90
[ 1681.904123]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1681.904152] RIP: 0033:0x7f2c579bdb19
[ 1681.904167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1681.904187] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1681.904208] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1681.904222] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1681.904235] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1681.904248] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1681.904260] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1681.904296]  </TASK>
[ 1681.920154] FAULT_INJECTION: forcing a failure.
[ 1681.920154] name failslab, interval 1, probability 0, space 0, times 0
[ 1681.920185] CPU: 1 PID: 7160 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1681.920209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1681.920221] Call Trace:
[ 1681.920226]  <TASK>
[ 1681.920233]  dump_stack_lvl+0x8b/0xb3
[ 1681.920259]  should_fail.cold+0x5/0xa
[ 1681.920282]  ? security_file_alloc+0x34/0x170
[ 1681.920317]  should_failslab+0x5/0x10
[ 1681.920344]  kmem_cache_alloc+0x5b/0x480
[ 1681.920370]  security_file_alloc+0x34/0x170
[ 1681.920401]  __alloc_file+0xb6/0x230
[ 1681.920434]  alloc_empty_file+0x6d/0x170
[ 1681.920467]  alloc_file+0x59/0x580
[ 1681.920496]  alloc_file_pseudo+0x16a/0x250
[ 1681.920526]  ? alloc_file+0x580/0x580
[ 1681.920562]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1681.920590]  io_uring_setup.cold+0x1ed0/0x271c
[ 1681.920620]  ? io_sqe_files_register+0x230/0x230
[ 1681.920661]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1681.920692]  do_syscall_64+0x3b/0x90
[ 1681.920711]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1681.920733] RIP: 0033:0x7f011e7ddb19
[ 1681.920746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1681.920762] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1681.920778] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1681.920789] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1681.920799] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1681.920809] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1681.920819] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1681.920847]  </TASK>
[ 1682.134839] FAULT_INJECTION: forcing a failure.
[ 1682.134839] name failslab, interval 1, probability 0, space 0, times 0
[ 1682.134916] CPU: 1 PID: 7179 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1682.134932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1682.134942] Call Trace:
[ 1682.134946]  <TASK>
[ 1682.134952]  dump_stack_lvl+0x8b/0xb3
[ 1682.134976]  should_fail.cold+0x5/0xa
[ 1682.134991]  ? create_object.isra.0+0x3a/0xa20
[ 1682.135016]  should_failslab+0x5/0x10
[ 1682.135037]  kmem_cache_alloc+0x5b/0x480
[ 1682.135056]  create_object.isra.0+0x3a/0xa20
[ 1682.135076]  ? kasan_unpoison+0x23/0x50
[ 1682.135100]  kmem_cache_alloc+0x239/0x480
[ 1682.135118]  security_file_alloc+0x34/0x170
[ 1682.135142]  __alloc_file+0xb6/0x230
[ 1682.135162]  alloc_empty_file+0x6d/0x170
[ 1682.135184]  alloc_file+0x59/0x580
[ 1682.135206]  alloc_file_pseudo+0x16a/0x250
[ 1682.135226]  ? alloc_file+0x580/0x580
[ 1682.135257]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1682.135282]  io_uring_setup.cold+0x1ed0/0x271c
[ 1682.135310]  ? io_sqe_files_register+0x230/0x230
[ 1682.135347]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1682.135376]  do_syscall_64+0x3b/0x90
[ 1682.135393]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1682.135414] RIP: 0033:0x7f011e7ddb19
[ 1682.135425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1682.135438] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1682.135452] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1682.135462] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1682.135471] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1682.135479] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1682.135487] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1682.135512]  </TASK>
[ 1682.145024] FAULT_INJECTION: forcing a failure.
[ 1682.145024] name failslab, interval 1, probability 0, space 0, times 0
[ 1682.145044] CPU: 1 PID: 7181 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1682.145059] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1682.145068] Call Trace:
[ 1682.145071]  <TASK>
[ 1682.145076]  dump_stack_lvl+0x8b/0xb3
[ 1682.145093]  should_fail.cold+0x5/0xa
[ 1682.145108]  ? percpu_ref_init+0xdb/0x3d0
[ 1682.145134]  should_failslab+0x5/0x10
[ 1682.145152]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1682.145169]  ? io_sq_thread_unpark+0xba/0xba
[ 1682.145188]  percpu_ref_init+0xdb/0x3d0
[ 1682.145213]  io_uring_setup.cold+0x49d/0x271c
[ 1682.145234]  ? lock_is_held_type+0xd7/0x130
[ 1682.145255]  ? io_sqe_files_register+0x230/0x230
[ 1682.145290]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1682.145316]  do_syscall_64+0x3b/0x90
[ 1682.145332]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1682.145350] RIP: 0033:0x7f2c579bdb19
[ 1682.145360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1682.145373] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1682.145387] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1682.145396] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1682.145404] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1682.145413] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1682.145421] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1682.145445]  </TASK>
[ 1682.170310] FAULT_INJECTION: forcing a failure.
[ 1682.170310] name failslab, interval 1, probability 0, space 0, times 0
[ 1682.170344] CPU: 0 PID: 7176 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1682.170369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1682.170383] Call Trace:
[ 1682.170389]  <TASK>
[ 1682.170396]  dump_stack_lvl+0x8b/0xb3
[ 1682.170430]  should_fail.cold+0x5/0xa
[ 1682.170453]  ? security_file_alloc+0x34/0x170
[ 1682.170488]  should_failslab+0x5/0x10
[ 1682.170520]  kmem_cache_alloc+0x5b/0x480
[ 1682.170548]  security_file_alloc+0x34/0x170
[ 1682.170580]  __alloc_file+0xb6/0x230
[ 1682.170610]  alloc_empty_file+0x6d/0x170
[ 1682.170642]  alloc_file+0x59/0x580
[ 1682.170674]  alloc_file_pseudo+0x16a/0x250
[ 1682.170703]  ? alloc_file+0x580/0x580
[ 1682.170749]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1682.170786]  io_uring_setup.cold+0x1ed0/0x271c
[ 1682.170826]  ? io_sqe_files_register+0x230/0x230
[ 1682.170887]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1682.170929]  do_syscall_64+0x3b/0x90
[ 1682.170954]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1682.170985] RIP: 0033:0x7f4ea96a2b19
[ 1682.171002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1682.171021] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1682.171043] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1682.171057] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1682.171070] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1682.171082] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1682.171095] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1682.171131]  </TASK>
[ 1693.448395] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:38:37 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 40)

19:38:37 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0x0, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:38:37 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 10)

19:38:37 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
fstatfs(r0, &(0x7f0000000080)=""/17)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

19:38:37 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5330)

19:38:37 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 13)

19:38:37 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 41)

19:38:37 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1701.255035] FAULT_INJECTION: forcing a failure.
[ 1701.255035] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.255070] CPU: 1 PID: 7187 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.255094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.255108] Call Trace:
[ 1701.255114]  <TASK>
[ 1701.255121]  dump_stack_lvl+0x8b/0xb3
[ 1701.255155]  should_fail.cold+0x5/0xa
[ 1701.255178]  ? create_object.isra.0+0x3a/0xa20
[ 1701.255223]  should_failslab+0x5/0x10
[ 1701.255256]  kmem_cache_alloc+0x5b/0x480
[ 1701.255285]  create_object.isra.0+0x3a/0xa20
[ 1701.255316]  ? kasan_unpoison+0x23/0x50
[ 1701.255351]  kmem_cache_alloc+0x239/0x480
[ 1701.255390]  security_file_alloc+0x34/0x170
[ 1701.255438]  __alloc_file+0xb6/0x230
[ 1701.255468]  alloc_empty_file+0x6d/0x170
[ 1701.255500]  alloc_file+0x59/0x580
[ 1701.255537]  alloc_file_pseudo+0x16a/0x250
[ 1701.255567]  ? alloc_file+0x580/0x580
[ 1701.255613]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1701.255651]  io_uring_setup.cold+0x1ed0/0x271c
[ 1701.255692]  ? io_sqe_files_register+0x230/0x230
[ 1701.255745]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.255788]  do_syscall_64+0x3b/0x90
19:38:37 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0x0, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:38:37 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

[ 1701.255812]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.255844] RIP: 0033:0x7f4ea96a2b19
[ 1701.255861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.255881] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.255902] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
19:38:37 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5331)

[ 1701.255917] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.255930] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.255943] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.255956] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:38:37 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 42)

19:38:37 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 41)

[ 1701.255992]  </TASK>
[ 1701.285316] FAULT_INJECTION: forcing a failure.
[ 1701.285316] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.285345] CPU: 1 PID: 7194 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.285373] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.285392] Call Trace:
[ 1701.285399]  <TASK>
[ 1701.285409]  dump_stack_lvl+0x8b/0xb3
[ 1701.285449]  should_fail.cold+0x5/0xa
[ 1701.285479]  ? create_object.isra.0+0x3a/0xa20
[ 1701.285511]  should_failslab+0x5/0x10
[ 1701.285538]  kmem_cache_alloc+0x5b/0x480
[ 1701.285566]  create_object.isra.0+0x3a/0xa20
19:38:37 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 11)

[ 1701.285603]  kmemleak_alloc_percpu+0xa0/0x100
[ 1701.285642]  pcpu_alloc+0x7bf/0x1060
19:38:37 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 14)

[ 1701.285683]  ? io_sq_thread_unpark+0xba/0xba
[ 1701.285712]  percpu_ref_init+0x31/0x3d0
[ 1701.285752]  io_uring_setup.cold+0x49d/0x271c
[ 1701.285783]  ? lock_is_held_type+0xd7/0x130
[ 1701.285832]  ? io_sqe_files_register+0x230/0x230
[ 1701.285884]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.285923]  do_syscall_64+0x3b/0x90
[ 1701.285947]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.285975] RIP: 0033:0x7f06699e0b19
[ 1701.285991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.286010] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:38:37 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1701.286031] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1701.286045] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.286058] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.286071] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.286083] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.286119]  </TASK>
[ 1701.288927] FAULT_INJECTION: forcing a failure.
[ 1701.288927] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.288954] CPU: 1 PID: 7201 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.288977] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.288990] Call Trace:
[ 1701.288995]  <TASK>
[ 1701.289002]  dump_stack_lvl+0x8b/0xb3
[ 1701.289028]  should_fail.cold+0x5/0xa
[ 1701.289050]  ? create_object.isra.0+0x3a/0xa20
[ 1701.289082]  should_failslab+0x5/0x10
[ 1701.289110]  kmem_cache_alloc+0x5b/0x480
[ 1701.289138]  create_object.isra.0+0x3a/0xa20
[ 1701.289166]  ? kasan_unpoison+0x23/0x50
[ 1701.289204]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1701.289229]  ? io_sq_thread_unpark+0xba/0xba
[ 1701.289257]  percpu_ref_init+0xdb/0x3d0
[ 1701.289294]  io_uring_setup.cold+0x49d/0x271c
[ 1701.289326]  ? lock_is_held_type+0xd7/0x130
[ 1701.289360]  ? io_sqe_files_register+0x230/0x230
[ 1701.289443]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.289490]  do_syscall_64+0x3b/0x90
[ 1701.289514]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.289542] RIP: 0033:0x7f2c579bdb19
[ 1701.289558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.289577] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.289598] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1701.289612] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.289625] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.289637] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.289650] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.289687]  </TASK>
[ 1701.316200] FAULT_INJECTION: forcing a failure.
[ 1701.316200] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.316230] CPU: 1 PID: 7203 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.316255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.316269] Call Trace:
[ 1701.316274]  <TASK>
[ 1701.316281]  dump_stack_lvl+0x8b/0xb3
[ 1701.316312]  should_fail.cold+0x5/0xa
[ 1701.316336]  ? __io_uring_add_tctx_node+0x15f/0x390
[ 1701.316371]  should_failslab+0x5/0x10
[ 1701.316415]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1701.316448]  __io_uring_add_tctx_node+0x15f/0x390
[ 1701.316476]  ? io_eventfd_put+0x50/0x50
[ 1701.316515]  io_uring_setup.cold+0x21c1/0x271c
[ 1701.316559]  ? io_sqe_files_register+0x230/0x230
[ 1701.316612]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.316654]  do_syscall_64+0x3b/0x90
[ 1701.316679]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.316707] RIP: 0033:0x7f011e7ddb19
[ 1701.316723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.316743] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.316764] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1701.316778] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.316791] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.316804] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.316817] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.316854]  </TASK>
[ 1701.557721] FAULT_INJECTION: forcing a failure.
[ 1701.557721] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.557751] CPU: 1 PID: 7216 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.557773] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.557786] Call Trace:
[ 1701.557791]  <TASK>
[ 1701.557798]  dump_stack_lvl+0x8b/0xb3
[ 1701.557838]  should_fail.cold+0x5/0xa
[ 1701.557863]  ? create_object.isra.0+0x3a/0xa20
[ 1701.557894]  should_failslab+0x5/0x10
[ 1701.557922]  kmem_cache_alloc+0x5b/0x480
[ 1701.557949]  create_object.isra.0+0x3a/0xa20
[ 1701.557974]  ? kasan_unpoison+0x23/0x50
[ 1701.558005]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1701.558031]  __io_uring_add_tctx_node+0x15f/0x390
[ 1701.558058]  ? io_eventfd_put+0x50/0x50
[ 1701.558094]  io_uring_setup.cold+0x21c1/0x271c
[ 1701.558130]  ? io_sqe_files_register+0x230/0x230
[ 1701.558179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.558218]  do_syscall_64+0x3b/0x90
[ 1701.558241]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.558268] RIP: 0033:0x7f011e7ddb19
[ 1701.558283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.558301] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.558321] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1701.558334] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.558346] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.558360] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.558377] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.558422]  </TASK>
[ 1701.606767] FAULT_INJECTION: forcing a failure.
[ 1701.606767] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.606805] CPU: 0 PID: 7221 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.606832] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.606856] Call Trace:
[ 1701.606862]  <TASK>
[ 1701.606872]  dump_stack_lvl+0x8b/0xb3
[ 1701.606910]  should_fail.cold+0x5/0xa
[ 1701.606937]  ? create_object.isra.0+0x3a/0xa20
[ 1701.606983]  should_failslab+0x5/0x10
[ 1701.607017]  kmem_cache_alloc+0x5b/0x480
[ 1701.607050]  create_object.isra.0+0x3a/0xa20
[ 1701.607095]  kmemleak_alloc_percpu+0xa0/0x100
[ 1701.607141]  pcpu_alloc+0x7bf/0x1060
[ 1701.607188]  ? io_sq_thread_unpark+0xba/0xba
[ 1701.607221]  percpu_ref_init+0x31/0x3d0
[ 1701.607267]  io_uring_setup.cold+0x49d/0x271c
[ 1701.607305]  ? lock_is_held_type+0xd7/0x130
[ 1701.607343]  ? io_sqe_files_register+0x230/0x230
[ 1701.607404]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.607450]  do_syscall_64+0x3b/0x90
[ 1701.607478]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.607512] RIP: 0033:0x7f06699e0b19
[ 1701.607530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.607555] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.607579] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1701.607596] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.607611] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.607626] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.607641] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.607683]  </TASK>
[ 1701.628247] FAULT_INJECTION: forcing a failure.
[ 1701.628247] name failslab, interval 1, probability 0, space 0, times 0
[ 1701.628275] CPU: 1 PID: 7219 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.628297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.628309] Call Trace:
[ 1701.628313]  <TASK>
[ 1701.628321]  dump_stack_lvl+0x8b/0xb3
[ 1701.628349]  should_fail.cold+0x5/0xa
[ 1701.628376]  ? __io_uring_add_tctx_node+0x15f/0x390
[ 1701.628419]  should_failslab+0x5/0x10
[ 1701.628449]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1701.628476]  __io_uring_add_tctx_node+0x15f/0x390
[ 1701.628500]  ? io_eventfd_put+0x50/0x50
[ 1701.628535]  io_uring_setup.cold+0x21c1/0x271c
[ 1701.628571]  ? io_sqe_files_register+0x230/0x230
[ 1701.628618]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.628656]  do_syscall_64+0x3b/0x90
[ 1701.628678]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.628704] RIP: 0033:0x7f4ea96a2b19
[ 1701.628719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.628737] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.628755] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1701.628768] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.628780] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.628791] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.628803] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.628835]  </TASK>
[ 1701.677799] FAULT_INJECTION: forcing a failure.
[ 1701.677799] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1701.678045] CPU: 0 PID: 7226 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1701.678073] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1701.678088] Call Trace:
[ 1701.678094]  <TASK>
[ 1701.678102]  dump_stack_lvl+0x8b/0xb3
[ 1701.678139]  should_fail.cold+0x5/0xa
[ 1701.678169]  prepare_alloc_pages+0x17b/0x500
[ 1701.678220]  __alloc_pages+0x131/0x4e0
[ 1701.678248]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1701.678296]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1701.678334]  ? cap_capable+0x1eb/0x250
[ 1701.678381]  alloc_pages+0x1a0/0x2f0
[ 1701.678417]  __get_free_pages+0xc/0xa0
[ 1701.678453]  io_uring_setup.cold+0x11b4/0x271c
[ 1701.678497]  ? io_sqe_files_register+0x230/0x230
[ 1701.678556]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1701.678601]  do_syscall_64+0x3b/0x90
[ 1701.678628]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1701.678660] RIP: 0033:0x7f2c579bdb19
[ 1701.678677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1701.678699] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1701.678723] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1701.678738] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1701.678753] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1701.678767] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1701.678781] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1701.678822]  </TASK>
[ 1716.232413] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:39:00 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:39:00 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5396)

19:39:00 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:39:00 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 12)

19:39:00 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 43)

19:39:00 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 15)

19:39:00 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 42)

19:39:00 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xc8240, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r4, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r2)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000200)=ANY=[@ANYBLOB="8c27519022ef6511e1cd55f6d408bc7c01ec82b8876f6da46e00"/39, @ANYRES32=r0, @ANYBLOB="ff010000000000002e2f66696c653000"])
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="00010000", @ANYRES16=r6, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="e200330080800000080211000001080211"], 0x100}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r1)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="8c000000", @ANYRES16=0x0, @ANYBLOB="100028bd70cbaa15447930a3b6b2777273c0004e72df25030000000800030006000000080003000800000008000200040000381b50523b8f7f7300f800000014000400ff02000000000000000000000010000114000400fe8800000000000000020002000000bb060001000a1dd2761795d1f128bc9800e8a504b20509ecb4f192e50108000600040100000800030064010100"], 0x8c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40005)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$CDROMPLAYMSF(r0, 0x5303, &(0x7f0000000100)={0x6, 0x2, 0x7f, 0xe, 0x4, 0x4})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r7, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
write$binfmt_misc(r7, &(0x7f0000000540)={'syz1', "4550a049b2656e18e27f1d05a95fd362c31687869d79b293617fe6a078c491d7da55fb786162d7d9ccab32c20d550c0c2e07379f3cfde84e39abc727b749aebc90b99b47e34ed028543c7785d105b1292c7dc83cf52f3bc543dc12de92a290968e45b77b0d0fda43f39420b3994f9a35d84a95dad4559d2080dfe778a710f8211d1e2bdb0e856f43982f01833cf48abbde242a2e3140066efd20f0c1d711b0a442633e89f8b58005c33964cedfdb908bc903fcf14c0442cbc3f729e30deb58618f765ba214e6ba75a945ac79465c3cc093f0aa972a4f973bf8c068bb7be3f53904740d9b33b4ccde29333dad7cc7df1ddc8e7ff1be00074d95b5147f0dfdfb0002be69b322dc4980e72de4d9ac8172c1b350dda17abe92b7a5320957bd279dfdf3aa09314f2f775f37da4beecf7c9c6e63b66f268afc3626884c17525c061d8b400604c0c98debf1f2885cf101f92bf84d47c8e22f9ffadb78a918539b0897ba890eaf89c831a0a1c71adbf3902a7ee78ec7265c9857544a40ed577c062afd6441abb2104269c9af87cf7151bbd28afe19fdfe6951b0717d17b29c2a505d29453595f6c5c60ea5add082631a3045e9f8daac94a158b86d4270a2498436c3220af8d224802f2203f47a9e549f2d65d8c862ef357848083b5ec92f675b13a3d1dfe9ff435ce2daa38ff418aad66ea102b38f9e6868dad550ea800924c039c7904857222e1c7e71009839c2817db3eefec4f904e069e1e574fbb8293585fc4c1c2fa2b59985a4059c772da52f6bd22f714439738075372389afc418306bc4e9044c2980094c87c867e6666e330d3df44472791fee4d86ba9e7599a4c2685149477048ed917b489eb7dd5a96afc1b36e6b5bd111954d027ac50221adbb54b82101593d893f87be6f3121f672af64d213362b6b794bee0d2bb7035b4ef6289a698f1ab8b544e2b721d9c5b98f386d2f028755c3fdd1ecf401d4e88ae361f5bcc0dc773e9227a2b133fb60d79055e2d4d0f9fb548dadf8d5cc4284d46117fcaf2686f6e78dca43feb74cd48dcbb2a4509e5fb003142d749de948a1afe4da81e81e454516ce27611d5adb1423e5d8039bc953594c53137b21c13cc49063a68f680b4f8d3b55a7f4509b5b1e4064a27ce2380db0204d4cc4d43c4194379660ab4fc86976b8470eb4290301b2e301c6ac32a306e0dba972c84c8f15fc9c7bed400a38f44731e3d3112acf3a86a27d7e6ee9c30afac1258f0c39da555d0f63ed6de9506b5e05db43e47d79d9fcdc6c9b8bd0548f650facafca84f596b96d0ec50b6bef9e77317039157cf81caa8cb740f821c561dd6280987481b2fd526fd2e3d376c6bd10647286991d95a39b0365d7f1203ba86a3e64efc0f9067e3c4e2e0d5c0dd2353ba7079def619f7cc95345b2d2cf39249ff3e6f61cf4703563872af503017ae39445fad9f4834296192412fe0ac7d11720f1ab6f80198b9c4bb66d6a0fc7bed34b2b70d4439d25b6b663e502d4f441d4b17c70ceeffc8cfa244da7c0b61fb318f6af64aa2e9e78cb35ade26dce4d517cf91421afe8897aee82bc07c1ff74c3ec5e020ac6f0394d284ebf1ef9a02e09fcee4b114db4f79ecaf2b0d8037abb06f3adaf5aaa3411d55283023fcfbf9d5a95a5d186507a0806299d150cd76074d5a1b9e519f83792ebdbfd28a01b0200af62189720bebfcf1b6db64e4e1f91416936aacbf4fce012398f57e81f939642e1228e22f9c08914e297c448beb98f132294e5f47eecad302a2774affe93df6f44fda1b4f3f5aa1b19a3d7184a6e4d3c5e54dc5537c8ae3dcd36eef3bf97240589cfa69216e6cef6572b20fc8608bbcba34956b2194d21b415ec74db0b503ee0c0ba28d8d869aa0fe0aa8a187ae2b2fa7a37bb3f47b3cda7496088f0ff4b11547e631c0bdcd94717e61a7b1a876355ed929692c73c82cd43648e1267950a5dc8c71c38b11685e7b27612b9b166ad61ac7e963744f2059d4f52bd0a575255e5b3c8b714fafb1e7f70536a891962ea1e8807d04eece03a797e0ab80c9fdbb90a047bb67c6257e245c7a7e8787816e0263bf4f694fb6a31e98f09a11034ccbd09554b63f7cf5a0035ba67969fbbd68d7ce6ae40276965de3d03eddf7330e44a8ae3a387a491a34870a3c6e495827409fecf0ebb2f11ee0872a337c32f8f594390139d3bb65dedab4a603a20a5c0d6930debc399341919b0046399f22f86d37828f6730e87baa1d9472732513ba3e9685e1015fb622f75c8cb498baafdd0cb4cb1eb1e1a2aa13563a73ddcade8b2e5034d8b3813a816e4d15c8aae003e8d19922a2705b3883e37bc9b59e0b0457fd1a4d11b9c1247a98559230d682c759eb43aa2a2803013a712e2022a4a770ab218097498ccbf6678a42abcf83b88186b873137700400e56f9cc9c4f46c8c751360da2ecdf0d9b88629481c93eff6a89671b70f2f37e342a5481e28885afc51e93747781048f912527a8f120b0dea99de8a962ad77b5312adbadfe6432c8bf5800844be60855c6dbe89dbda5c7ec30d359e7709ae32265350d0aed78d10ee127eafeb84f94a4706ab59cdbd83f09209c5546cd5ef0d51bc2dd9a2c4e7fb5e3bee40628b4a8a580206a74f09714fa7003936c9d7a20eb6b0552520e3e4ec63c2483e18890f40fa706269e4a07573cba0a74a0909d65bdfa5bffdb3c7b3b6cefcc495d45dce705b65a18b5870b045548b50d0108491d6c4eb2013306903b7f244ef8066341dda3b6f5a5be0894b8bd26709fd295ef3fbe8ca4351ec42a312b6a2a0cfdc1fca0797c821f16a0c29827ef40a1dbea3f5e9298acf0c11fb92a5a8a80e44d3648ec66f2735abe66e7b456554a43e1cfb40c75cf30e71faff66769604fcc9a91e31a8c93ff2e8345df1fc382ad03a1248391602bfc5a0cfa28245f73c2416c4b2fea5c722bd82b93de12f2122de3bb840d05c411761ac8e88251a8f4ddf52d153832f34bb210c16a6b2c76e8f1f38ca462ed22feaa54e18f2cf56e42a75423598e55e3ec89e5d97c31ba71cf21b8bcf2c264bf7575d0eb345db96198c763a58f5cc708ff8be6f011761a5e554d03cbecad0dcf716077ad280a30180f775b92f219a8d38f361e9de79f5adb5c30f3c3152533705dda5bd031d66f973844d0d4ab59606a4ffaf14ae76f0a35144bb32fa03257d8fd5ffde8dc3ecd9c7fec5aeefd93f0831d310292f1e63bf1b475c49e676e4beda173a18ae11b8f34f176cadb3b4c7002ed598392ef23bee8e028b2d011922328d38dcbcac28ca7d714c8bab68e03912cf88e80dbc629179ed8daddb26f4eae1e86d6bdbab4297de810a5926b4c989c96f9492f0bf9a9510b36ed8757da9ced641e27501f35ad23dbcef9764f62bcb8b3fed748129757192631ac8ec4ce4cb0cb18f994c3525d409b99aa1060fc9766e51a2b02bcc37356e9fdee0e20f47021d2cbdd26133e812bfe0d39433c8095529defdbe578344d04a02b92e3e90d230503e8d1981ccc366586ffd0128c641924ea86847895e799132991ace5716201075ac63fc62dc622dbea015da9090c87481e33060584e3d09416518cfd63381af04f352e6409232d656030bc7c37d0350202e34721aa2fa9c8a5a5914960ba6b0b0ca7127857bd105f2912ed2684dcb20b9faaf2a46c9d6aa48717c6a494f5dca629d9e95fa084f073a21fcd28140b4ba59091e18524a2787fc3225497521f591e6bd7e058df025102c15af378193af51981634caa95ee4560b688d29aaac2f41cd4a048d4324abba68ce87308c9f4b89922f6e12528a1755f52b98d65a47e025b886b34e3fb4f252c5bb7f30b235937637d94dc9e807e5af814e000b5f7af6db8413844cd64a529ab47477fc64d776306f19ddebb045e76b834a8b88d154ec8c8aa50576face3a0faabe0f55264ce290a06e6bd2fe793d0812137152985b61a56c98ebaa33d9f23f8939dad1fef8cd0ee7f7543bc5ba87df8b191348f915d13b56fed3f2763708f3100fa7665f4ca2ad55af7a86d5fc6b7556364d61cc6c7249af8efa8db70ab6af7246372b59238f65fc36aec8c4186c0e22817e45b8f7257294714336c763021ad6139fd3fc2ae9f5bfbb56b733802b149f2fa1dd389ab6e1dfd1f3f177d12862c858f438918ae642105633124aa5b524a8f67c6357818a2c72ff9a4abd9422f6d60084bf8a23d0aa954c19a40eda4902053393f4ad5b046ab81a4e4ebd42da236c70e664028a45821a728705754bbbe5fece3d644948a383e2feb22a21d61af1251dec92989acb5bde2c5631433204a8af889ff1656e4f00bc5d40cc06e78cfce9e5a8a41aa2b18a836956422e78a93d4243681962d0281e4d7510d6078821e04f881b3c0e3ba81fe3be455d50efc93a8c2bdefe7d7f5c1759b8abdd6238292a166c11def195e0f32de0ef53dcf513f7158a150e5edad393594e1cef5bf7eec2122d4941c2bc4846a0c9e35dd8c1008d75302836dfa3db99c031e3db3204851da5cd01092a04bb6fdc8ffb3aba4d7c71d444c23d88ef5549dfafec2d1a99adf046a4c8fda40b3be3359018ec94e41c1e28fb49fae17fb4b6681451a69433ea7617b56a14885cad9c80ede4f8ada299e58cf99a911131cc13cc1effca2a210624b486ffca0494d236b2511005b4382b101cbdf446d979c083e2917b96e53584c9632eb95127f8e586d90a2728d4ec960d4be9f1071e117d359e07b62d8d81135db2ba40ccf0d90198382a60c11ceff3a42adb11ec91fbc732c4e935402b8afe73f99b80054b5f10fd85c48baa57a0403b3d87bea939523a4c8b198b232cce359d31f05c14062ce9bb8aad89e2a9e3d77adb2676435694f89e4474bb5995e1b4109d1c978782815030483bb8b9d79d7adc54f32ece769c4d6bfed61cb34470fdefb80c6f1b611755517f8e77b04687a8d071c4e981f5c97ed05579c6df5097fff332c8cf4624ca757472becb8426bf478aa6b893a2af3e3e8d6e74de5bcad604613d80322b1bf774dc6a00304a70df45ae1b31ea564b8ec145364d9cce9ad62e0210a17d7e6aa92356cffb3589702f378afcf72267ad2b629da02858e56bae0f037d324ef392649398a7250d2b784866112cef1e8a15935ce397ea55819836e118c2176daa875c56a65f1b1b78722f32adfc988de5739a5fcd5ac5919191e39d2921e52cd94ceadcbdb6e15cb99bd60b77e19909bee42f4a36309b84916acbc32602f662847effb3dc5d89d10b495e1b413b7b1b1407df99aae9f4181bf100c8914866d11f6356907b4bee29f8a857681279cd1acef534aaae9f9c7dd2a73549bafebb05ac3e3d0f1f9938d79fa1502574235bfeaee9ff6335a5559afe89acdded57a8c2bda66bae1a1c6aae98a94747d9a600beba1a7141548b562d4be31dd08c53e32f8e628772f7d54e3a31b3b6f557fd5a9c5efe1f608b6a20a2c9bd5ba54f40660cabc45ac8e38b8521068705949cfc17c35f255e7860b6a7f0374d7f6d1b982bb9221ee8c90f35a8f009bac446fdd6b65d462347df3937dab100aef7f896dcb5eab5de582139d782ee657d28f0e91313ed4bebc9207ac56c0fe93aae33bd312166f998e5c78261915da0815d6fee0214e2f37f463178c692cafc9647d215ddbb81677317dc1f6e749e70bb313c0518070f0a729ea31b94d61256c7ddf49902d6e220fadeef355c297e27b57faf24e074fe5c4036dc539355926c805560c291bbe381303930ac715d0e719c038832e08676385af4d6adf1381df208a636ffe5161b1fd170c2c0e20307"}, 0x1004)

[ 1724.105586] FAULT_INJECTION: forcing a failure.
[ 1724.105586] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.105612] CPU: 0 PID: 7241 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.105631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1724.105641] Call Trace:
[ 1724.105646]  <TASK>
[ 1724.105652]  dump_stack_lvl+0x8b/0xb3
[ 1724.105677]  should_fail.cold+0x5/0xa
[ 1724.105694]  ? create_object.isra.0+0x3a/0xa20
[ 1724.105721]  should_failslab+0x5/0x10
[ 1724.105743]  kmem_cache_alloc+0x5b/0x480
19:39:00 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1724.105765]  create_object.isra.0+0x3a/0xa20
[ 1724.105787]  ? kasan_unpoison+0x23/0x50
[ 1724.105812]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1724.105834]  __io_uring_add_tctx_node+0x15f/0x390
[ 1724.105862]  ? io_eventfd_put+0x50/0x50
[ 1724.105891]  io_uring_setup.cold+0x21c1/0x271c
[ 1724.105921]  ? io_sqe_files_register+0x230/0x230
[ 1724.105962]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.105994]  do_syscall_64+0x3b/0x90
[ 1724.106012]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.106035] RIP: 0033:0x7f4ea96a2b19
[ 1724.106048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.106064] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.106081] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1724.106093] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.106103] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.106114] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.106124] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.106160]  </TASK>
[ 1724.138639] FAULT_INJECTION: forcing a failure.
[ 1724.138639] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.138677] CPU: 1 PID: 7249 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.138704] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:39:00 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 13)

19:39:00 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 43)

19:39:00 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x541b)

[ 1724.138720] Call Trace:
[ 1724.138726]  <TASK>
[ 1724.138734]  dump_stack_lvl+0x8b/0xb3
[ 1724.138768]  should_fail.cold+0x5/0xa
[ 1724.138794]  ? percpu_ref_init+0xdb/0x3d0
[ 1724.138835]  should_failslab+0x5/0x10
[ 1724.138875]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1724.138904]  ? io_sq_thread_unpark+0xba/0xba
[ 1724.138937]  percpu_ref_init+0xdb/0x3d0
[ 1724.138980]  io_uring_setup.cold+0x49d/0x271c
[ 1724.139019]  ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 1724.139057]  ? xfd_validate_state+0x59/0x180
[ 1724.139091]  ? io_sqe_files_register+0x230/0x230
[ 1724.139151]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.139196]  do_syscall_64+0x3b/0x90
[ 1724.139224]  entry_SYSCALL_64_after_hwframe+0x44/0xae
19:39:00 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 16)

[ 1724.139257] RIP: 0033:0x7f06699e0b19
[ 1724.139275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.139298] RSP: 002b:00007f0666f35108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.139323] RAX: ffffffffffffffda RBX: 00007f0669af4020 RCX: 00007f06699e0b19
[ 1724.139339] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.139354] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.139369] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.139383] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.139424]  </TASK>
[ 1724.166460] FAULT_INJECTION: forcing a failure.
[ 1724.166460] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1724.166483] CPU: 0 PID: 7248 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.166501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:39:00 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:39:00 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 44)

[ 1724.166511] Call Trace:
[ 1724.166515]  <TASK>
[ 1724.166520]  dump_stack_lvl+0x8b/0xb3
[ 1724.166541]  should_fail.cold+0x5/0xa
[ 1724.166560]  prepare_alloc_pages+0x17b/0x500
[ 1724.166587]  ? lock_is_held_type+0xd7/0x130
[ 1724.166613]  __alloc_pages+0x131/0x4e0
[ 1724.166632]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1724.166667]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1724.166692]  ? cap_capable+0x1eb/0x250
[ 1724.166724]  alloc_pages+0x1a0/0x2f0
[ 1724.166749]  __get_free_pages+0xc/0xa0
[ 1724.166775]  io_uring_setup.cold+0x13d4/0x271c
[ 1724.166803]  ? io_sqe_files_register+0x230/0x230
[ 1724.166845]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.166874]  do_syscall_64+0x3b/0x90
[ 1724.166892]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.166913] RIP: 0033:0x7f2c579bdb19
[ 1724.166925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.166940] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.166955] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1724.166965] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.166975] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.166985] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.166994] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.167021]  </TASK>
[ 1724.185086] FAULT_INJECTION: forcing a failure.
[ 1724.185086] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.185108] CPU: 0 PID: 7245 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.185125] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1724.185136] Call Trace:
[ 1724.185139]  <TASK>
[ 1724.185144]  dump_stack_lvl+0x8b/0xb3
[ 1724.185165]  should_fail.cold+0x5/0xa
[ 1724.185184]  should_failslab+0x5/0x10
[ 1724.185209]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1724.185223]  ? xas_alloc+0x35d/0x480
[ 1724.185250]  xas_alloc+0x35d/0x480
[ 1724.185274]  xas_create+0x35b/0x1030
[ 1724.185310]  xas_store+0x90/0x1c40
[ 1724.185344]  __xa_store+0x16d/0x2d0
[ 1724.185368]  ? xa_delete_node+0x270/0x270
[ 1724.185395]  ? rwlock_bug.part.0+0x90/0x90
[ 1724.185428]  xa_store+0x31/0x50
[ 1724.185454]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1724.185476]  ? io_eventfd_put+0x50/0x50
[ 1724.185505]  io_uring_setup.cold+0x21c1/0x271c
[ 1724.185533]  ? io_sqe_files_register+0x230/0x230
[ 1724.185575]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.185605]  do_syscall_64+0x3b/0x90
[ 1724.185622]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.185646] RIP: 0033:0x7f011e7ddb19
[ 1724.185658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.185673] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.185688] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1724.185698] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.185708] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.185717] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.185726] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.185754]  </TASK>
[ 1724.372952] FAULT_INJECTION: forcing a failure.
[ 1724.372952] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.372989] CPU: 1 PID: 7261 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.373015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1724.373030] Call Trace:
[ 1724.373037]  <TASK>
[ 1724.373045]  dump_stack_lvl+0x8b/0xb3
[ 1724.373079]  should_fail.cold+0x5/0xa
[ 1724.373104]  ? io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1724.373140]  should_failslab+0x5/0x10
[ 1724.373172]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1724.373204]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1724.373239]  io_uring_setup.cold+0x1daa/0x271c
[ 1724.373282]  ? io_sqe_files_register+0x230/0x230
[ 1724.373339]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.373384]  do_syscall_64+0x3b/0x90
[ 1724.373410]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.373442] RIP: 0033:0x7f2c579bdb19
[ 1724.373460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.373483] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.373507] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1724.373523] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.373538] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.373552] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.373566] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.373606]  </TASK>
[ 1724.375391] FAULT_INJECTION: forcing a failure.
[ 1724.375391] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.375420] CPU: 1 PID: 7259 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.375445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1724.375459] Call Trace:
[ 1724.375464]  <TASK>
[ 1724.375472]  dump_stack_lvl+0x8b/0xb3
[ 1724.375499]  should_fail.cold+0x5/0xa
[ 1724.375523]  ? create_object.isra.0+0x3a/0xa20
[ 1724.375559]  should_failslab+0x5/0x10
[ 1724.375589]  kmem_cache_alloc+0x5b/0x480
[ 1724.375620]  create_object.isra.0+0x3a/0xa20
[ 1724.375651]  ? kasan_unpoison+0x23/0x50
[ 1724.375687]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1724.375715]  ? io_sq_thread_unpark+0xba/0xba
[ 1724.375746]  percpu_ref_init+0xdb/0x3d0
[ 1724.375789]  io_uring_setup.cold+0x49d/0x271c
[ 1724.375824]  ? lock_is_held_type+0xd7/0x130
[ 1724.375865]  ? io_sqe_files_register+0x230/0x230
[ 1724.375925]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.375969]  do_syscall_64+0x3b/0x90
[ 1724.375995]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.376026] RIP: 0033:0x7f06699e0b19
[ 1724.376043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.376066] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.376089] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1724.376104] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.376118] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.376133] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.376147] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.376188]  </TASK>
[ 1724.451073] FAULT_INJECTION: forcing a failure.
[ 1724.451073] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.451095] CPU: 0 PID: 7270 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.451110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1724.451119] Call Trace:
[ 1724.451123]  <TASK>
[ 1724.451127]  dump_stack_lvl+0x8b/0xb3
[ 1724.451149]  should_fail.cold+0x5/0xa
[ 1724.451163]  ? create_object.isra.0+0x3a/0xa20
[ 1724.451184]  should_failslab+0x5/0x10
[ 1724.451202]  kmem_cache_alloc+0x5b/0x480
[ 1724.451215]  ? arch_stack_walk+0x99/0xf0
[ 1724.451238]  create_object.isra.0+0x3a/0xa20
[ 1724.451255]  ? kasan_unpoison+0x23/0x50
[ 1724.451276]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1724.451287]  ? xas_alloc+0x35d/0x480
[ 1724.451310]  xas_alloc+0x35d/0x480
[ 1724.451330]  xas_create+0x35b/0x1030
[ 1724.451359]  xas_store+0x90/0x1c40
[ 1724.451388]  __xa_store+0x16d/0x2d0
[ 1724.451407]  ? xa_delete_node+0x270/0x270
[ 1724.451429]  ? rwlock_bug.part.0+0x90/0x90
[ 1724.451457]  xa_store+0x31/0x50
[ 1724.451475]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1724.451493]  ? io_eventfd_put+0x50/0x50
[ 1724.451517]  io_uring_setup.cold+0x21c1/0x271c
[ 1724.451541]  ? io_sqe_files_register+0x230/0x230
[ 1724.451574]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.451599]  do_syscall_64+0x3b/0x90
[ 1724.451614]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.451632] RIP: 0033:0x7f011e7ddb19
[ 1724.451642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.451655] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.451668] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1724.451677] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.451685] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.451693] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.451700] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.451723]  </TASK>
[ 1724.458434] FAULT_INJECTION: forcing a failure.
[ 1724.458434] name failslab, interval 1, probability 0, space 0, times 0
[ 1724.458465] CPU: 1 PID: 7265 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1724.458489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1724.458503] Call Trace:
[ 1724.458508]  <TASK>
[ 1724.458516]  dump_stack_lvl+0x8b/0xb3
[ 1724.458543]  should_fail.cold+0x5/0xa
[ 1724.458571]  should_failslab+0x5/0x10
[ 1724.458599]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1724.458619]  ? xas_alloc+0x35d/0x480
[ 1724.458655]  xas_alloc+0x35d/0x480
[ 1724.458689]  xas_create+0x35b/0x1030
[ 1724.458741]  xas_store+0x90/0x1c40
[ 1724.458790]  __xa_store+0x16d/0x2d0
[ 1724.458823]  ? xa_delete_node+0x270/0x270
[ 1724.458867]  ? rwlock_bug.part.0+0x90/0x90
[ 1724.458913]  xa_store+0x31/0x50
[ 1724.458944]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1724.458973]  ? io_eventfd_put+0x50/0x50
[ 1724.459014]  io_uring_setup.cold+0x21c1/0x271c
[ 1724.459054]  ? io_sqe_files_register+0x230/0x230
[ 1724.459109]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1724.459151]  do_syscall_64+0x3b/0x90
[ 1724.459176]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1724.459205] RIP: 0033:0x7f4ea96a2b19
[ 1724.459222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1724.459243] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1724.459264] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1724.459279] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1724.459293] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1724.459306] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1724.459320] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1724.459359]  </TASK>
[ 1737.165161] kmemleak: 12 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:39:20 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:39:20 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 44)

19:39:20 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 14)

19:39:20 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
openat(r0, &(0x7f0000000040)='./file0\x00', 0x103040, 0x4)

19:39:20 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 17)

19:39:20 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5421)

19:39:20 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 45)

19:39:20 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:39:20 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1744.142941] FAULT_INJECTION: forcing a failure.
[ 1744.142941] name failslab, interval 1, probability 0, space 0, times 0
[ 1744.142964] CPU: 1 PID: 7282 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1744.142978] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1744.142985] Call Trace:
[ 1744.142989]  <TASK>
[ 1744.142994]  dump_stack_lvl+0x8b/0xb3
[ 1744.143014]  should_fail.cold+0x5/0xa
[ 1744.143026]  ? create_object.isra.0+0x3a/0xa20
[ 1744.143046]  should_failslab+0x5/0x10
[ 1744.143062]  kmem_cache_alloc+0x5b/0x480
[ 1744.143078]  create_object.isra.0+0x3a/0xa20
[ 1744.143093]  ? kasan_unpoison+0x23/0x50
[ 1744.143111]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1744.143126]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1744.143144]  io_uring_setup.cold+0x1daa/0x271c
[ 1744.143166]  ? io_sqe_files_register+0x230/0x230
19:39:20 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 15)

[ 1744.143194]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1744.143216]  do_syscall_64+0x3b/0x90
19:39:20 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 18)

19:39:20 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1744.143230]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.143245] RIP: 0033:0x7f2c579bdb19
[ 1744.143254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.143266] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.143278] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1744.143286] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.143293] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.143300] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.143307] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.143327]  </TASK>
[ 1744.144512] FAULT_INJECTION: forcing a failure.
[ 1744.144512] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1744.144527] CPU: 1 PID: 7284 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1744.144540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:39:20 executing program 5:
lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
lchown(&(0x7f0000000140)='./file0\x00', r0, 0x0)
fchown(0xffffffffffffffff, r0, 0xee01)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r2 = getgid()
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x1, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@privport}, {@dfltgid={'dfltgid', 0x3d, r2}}, {@cache_fscache}], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@audit}, {@fsname={'fsname', 0x3d, '/dev/sr0\x00'}}, {@obj_type={'obj_type', 0x3d, '/dev/sr0\x00'}}, {@subj_user={'subj_user', 0x3d, '/dev/sr0\x00'}}]}})
ioctl$CDROMRESET(r1, 0x5312)

[ 1744.144547] Call Trace:
[ 1744.144549]  <TASK>
[ 1744.144553]  dump_stack_lvl+0x8b/0xb3
[ 1744.144567]  should_fail.cold+0x5/0xa
[ 1744.144581]  prepare_alloc_pages+0x17b/0x500
[ 1744.144605]  __alloc_pages+0x131/0x4e0
[ 1744.144619]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1744.144642]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1744.144662]  ? cap_capable+0x1eb/0x250
[ 1744.144686]  alloc_pages+0x1a0/0x2f0
[ 1744.144704]  __get_free_pages+0xc/0xa0
[ 1744.144722]  io_uring_setup.cold+0x11b4/0x271c
[ 1744.144743]  ? io_sqe_files_register+0x230/0x230
[ 1744.144771]  ? syscall_enter_from_user_mode+0x1d/0x50
19:39:20 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 1744.144792]  do_syscall_64+0x3b/0x90
[ 1744.144805]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.144820] RIP: 0033:0x7f06699e0b19
[ 1744.144828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:39:20 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5450)

[ 1744.144843] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.144854] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1744.144862] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.144869] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.144876] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.144883] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.144903]  </TASK>
[ 1744.217444] FAULT_INJECTION: forcing a failure.
[ 1744.217444] name failslab, interval 1, probability 0, space 0, times 0
[ 1744.217775] CPU: 1 PID: 7296 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
19:39:20 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 19)

[ 1744.217814] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1744.217839] Call Trace:
[ 1744.217848]  <TASK>
[ 1744.217859]  dump_stack_lvl+0x8b/0xb3
[ 1744.217900]  should_fail.cold+0x5/0xa
[ 1744.217938]  should_failslab+0x5/0x10
[ 1744.217984]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1744.218016]  ? xas_alloc+0x35d/0x480
[ 1744.218068]  xas_alloc+0x35d/0x480
[ 1744.218116]  xas_create+0x35b/0x1030
[ 1744.218180]  xas_store+0x90/0x1c40
[ 1744.218243]  __xa_store+0x16d/0x2d0
[ 1744.218292]  ? xa_delete_node+0x270/0x270
[ 1744.218334]  ? rwlock_bug.part.0+0x90/0x90
[ 1744.218360]  xa_store+0x31/0x50
[ 1744.218376]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1744.218392]  ? io_eventfd_put+0x50/0x50
[ 1744.218413]  io_uring_setup.cold+0x21c1/0x271c
[ 1744.218456]  ? io_sqe_files_register+0x230/0x230
[ 1744.218484]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1744.218507]  do_syscall_64+0x3b/0x90
[ 1744.218521]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.218537] RIP: 0033:0x7f011e7ddb19
[ 1744.218546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.218558] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.218570] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1744.218578] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.218585] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.218592] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.218599] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.218620]  </TASK>
[ 1744.223802] FAULT_INJECTION: forcing a failure.
[ 1744.223802] name failslab, interval 1, probability 0, space 0, times 0
[ 1744.223875] CPU: 0 PID: 7299 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1744.223900] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1744.223915] Call Trace:
[ 1744.223921]  <TASK>
[ 1744.223929]  dump_stack_lvl+0x8b/0xb3
[ 1744.223964]  should_fail.cold+0x5/0xa
[ 1744.223987]  ? create_object.isra.0+0x3a/0xa20
[ 1744.224023]  should_failslab+0x5/0x10
[ 1744.224053]  kmem_cache_alloc+0x5b/0x480
[ 1744.224074]  ? arch_stack_walk+0x99/0xf0
[ 1744.224112]  create_object.isra.0+0x3a/0xa20
[ 1744.224141]  ? kasan_unpoison+0x23/0x50
[ 1744.224175]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1744.224194]  ? xas_alloc+0x35d/0x480
[ 1744.224233]  xas_alloc+0x35d/0x480
[ 1744.224265]  xas_create+0x35b/0x1030
[ 1744.224316]  xas_store+0x90/0x1c40
[ 1744.224363]  __xa_store+0x16d/0x2d0
[ 1744.224396]  ? xa_delete_node+0x270/0x270
[ 1744.224433]  ? rwlock_bug.part.0+0x90/0x90
[ 1744.224479]  xa_store+0x31/0x50
[ 1744.224514]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1744.224544]  ? io_eventfd_put+0x50/0x50
[ 1744.224584]  io_uring_setup.cold+0x21c1/0x271c
[ 1744.224624]  ? io_sqe_files_register+0x230/0x230
[ 1744.224678]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1744.224721]  do_syscall_64+0x3b/0x90
[ 1744.224746]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.224776] RIP: 0033:0x7f4ea96a2b19
[ 1744.224792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.224812] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.224834] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1744.224848] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.224862] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.224874] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.224887] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.224926]  </TASK>
[ 1744.262350] FAULT_INJECTION: forcing a failure.
[ 1744.262350] name failslab, interval 1, probability 0, space 0, times 0
[ 1744.262372] CPU: 1 PID: 7305 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1744.262385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1744.262394] Call Trace:
[ 1744.262397]  <TASK>
[ 1744.262402]  dump_stack_lvl+0x8b/0xb3
[ 1744.262447]  should_fail.cold+0x5/0xa
[ 1744.262459]  ? create_object.isra.0+0x3a/0xa20
[ 1744.262479]  should_failslab+0x5/0x10
[ 1744.262496]  kmem_cache_alloc+0x5b/0x480
[ 1744.262511]  create_object.isra.0+0x3a/0xa20
[ 1744.262534]  kmemleak_alloc_percpu+0xa0/0x100
[ 1744.262556]  pcpu_alloc+0x7bf/0x1060
[ 1744.262578]  ? kmalloc_array+0x23/0x23
[ 1744.262593]  percpu_ref_init+0x31/0x3d0
[ 1744.262615]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1744.262633]  io_uring_setup.cold+0x1daa/0x271c
[ 1744.262654]  ? io_sqe_files_register+0x230/0x230
[ 1744.262682]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1744.262703]  do_syscall_64+0x3b/0x90
[ 1744.262716]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.262732] RIP: 0033:0x7f2c579bdb19
[ 1744.262741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.262753] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.262765] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1744.262773] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.262780] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.262788] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.262795] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.262815]  </TASK>
[ 1744.281671] FAULT_INJECTION: forcing a failure.
[ 1744.281671] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1744.281711] CPU: 1 PID: 7308 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1744.281749] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1744.281770] Call Trace:
[ 1744.281778]  <TASK>
[ 1744.281789]  dump_stack_lvl+0x8b/0xb3
[ 1744.281830]  should_fail.cold+0x5/0xa
[ 1744.281872]  prepare_alloc_pages+0x17b/0x500
[ 1744.281928]  ? lock_is_held_type+0xd7/0x130
[ 1744.281983]  __alloc_pages+0x131/0x4e0
[ 1744.282020]  ? __alloc_pages_slowpath.constprop.0+0x1f10/0x1f10
[ 1744.282078]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1744.282134]  ? cap_capable+0x1eb/0x250
[ 1744.282196]  alloc_pages+0x1a0/0x2f0
[ 1744.282244]  __get_free_pages+0xc/0xa0
[ 1744.282288]  io_uring_setup.cold+0x13d4/0x271c
[ 1744.282309]  ? io_sqe_files_register+0x230/0x230
[ 1744.282338]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1744.282359]  do_syscall_64+0x3b/0x90
[ 1744.282373]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.282389] RIP: 0033:0x7f06699e0b19
[ 1744.282398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.282409] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.282432] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1744.282440] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.282447] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.282454] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.282461] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.282482]  </TASK>
[ 1744.410635] FAULT_INJECTION: forcing a failure.
[ 1744.410635] name failslab, interval 1, probability 0, space 0, times 0
[ 1744.410657] CPU: 1 PID: 7317 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1744.410671] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1744.410679] Call Trace:
[ 1744.410682]  <TASK>
[ 1744.410687]  dump_stack_lvl+0x8b/0xb3
[ 1744.410707]  should_fail.cold+0x5/0xa
[ 1744.410719]  ? create_object.isra.0+0x3a/0xa20
[ 1744.410738]  should_failslab+0x5/0x10
[ 1744.410758]  kmem_cache_alloc+0x5b/0x480
[ 1744.410774]  create_object.isra.0+0x3a/0xa20
[ 1744.410794]  kmemleak_alloc_percpu+0xa0/0x100
[ 1744.410816]  pcpu_alloc+0x7bf/0x1060
[ 1744.410838]  ? kmalloc_array+0x23/0x23
[ 1744.410853]  percpu_ref_init+0x31/0x3d0
[ 1744.410878]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1744.410896]  io_uring_setup.cold+0x1daa/0x271c
[ 1744.410917]  ? io_sqe_files_register+0x230/0x230
[ 1744.410945]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1744.410967]  do_syscall_64+0x3b/0x90
[ 1744.410980]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1744.410997] RIP: 0033:0x7f2c579bdb19
[ 1744.411005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.411017] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1744.411029] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1744.411036] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1744.411043] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1744.411050] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1744.411059] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1744.411078]  </TASK>
[ 1757.512821] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:39:40 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 16)

19:39:40 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 46)

[ 1764.529050] FAULT_INJECTION: forcing a failure.
[ 1764.529050] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.529071] CPU: 0 PID: 7326 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
19:39:40 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5451)

19:39:40 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)

19:39:40 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 45)

19:39:40 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = syz_open_dev$vcsa(&(0x7f0000000040), 0x7, 0x408882)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x280400, 0x0)
ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f00000000c0)={0x800, 0x7ff, 0x1, 0xffff, 0x5, 0x8})
ioctl$CDROMEJECT(r1, 0x5309)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)

19:39:40 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 20)

19:39:40 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1764.529085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.529093] Call Trace:
[ 1764.529096]  <TASK>
[ 1764.529101]  dump_stack_lvl+0x8b/0xb3
[ 1764.529121]  should_fail.cold+0x5/0xa
[ 1764.529131]  ? kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1764.529145]  ? create_object.isra.0+0x3a/0xa20
[ 1764.529164]  should_failslab+0x5/0x10
[ 1764.529181]  kmem_cache_alloc+0x5b/0x480
[ 1764.529191]  ? mark_held_locks+0x9e/0xe0
[ 1764.529210]  create_object.isra.0+0x3a/0xa20
[ 1764.529226]  ? kasan_unpoison+0x23/0x50
[ 1764.529244]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1764.529255]  ? xas_alloc+0x35d/0x480
[ 1764.529276]  xas_alloc+0x35d/0x480
[ 1764.529293]  xas_create+0x35b/0x1030
[ 1764.529320]  xas_store+0x90/0x1c40
[ 1764.529350]  __xa_store+0x16d/0x2d0
[ 1764.529367]  ? xa_delete_node+0x270/0x270
[ 1764.529387]  ? rwlock_bug.part.0+0x90/0x90
[ 1764.529411]  xa_store+0x31/0x50
[ 1764.529427]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1764.529443]  ? io_eventfd_put+0x50/0x50
[ 1764.529465]  io_uring_setup.cold+0x21c1/0x271c
[ 1764.529487]  ? io_sqe_files_register+0x230/0x230
[ 1764.529516]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.529539]  do_syscall_64+0x3b/0x90
[ 1764.529553]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.529569] RIP: 0033:0x7f011e7ddb19
19:39:40 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 47)

[ 1764.529578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.529590] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.529602] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1764.529609] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.529617] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.529624] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.529630] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.529651]  </TASK>
[ 1764.575643] FAULT_INJECTION: forcing a failure.
[ 1764.575643] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.575665] CPU: 0 PID: 7335 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.575679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.575687] Call Trace:
[ 1764.575691]  <TASK>
[ 1764.575695]  dump_stack_lvl+0x8b/0xb3
[ 1764.575715]  should_fail.cold+0x5/0xa
[ 1764.575727]  ? io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1764.575746]  should_failslab+0x5/0x10
19:39:40 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 17)

[ 1764.575763]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1764.575780]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1764.575796]  io_uring_setup.cold+0x1daa/0x271c
[ 1764.575818]  ? io_sqe_files_register+0x230/0x230
[ 1764.575849]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.575872]  do_syscall_64+0x3b/0x90
[ 1764.575885]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.575901] RIP: 0033:0x7f06699e0b19
[ 1764.575911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.575922] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.575934] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1764.575942] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.575949] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.575956] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.575964] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.575983]  </TASK>
[ 1764.619970] FAULT_INJECTION: forcing a failure.
[ 1764.619970] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.620005] CPU: 1 PID: 7339 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.620029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.620046] Call Trace:
[ 1764.620051]  <TASK>
[ 1764.620060]  dump_stack_lvl+0x8b/0xb3
[ 1764.620093]  should_fail.cold+0x5/0xa
[ 1764.620116]  ? percpu_ref_init+0xdb/0x3d0
19:39:40 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)

[ 1764.620153]  should_failslab+0x5/0x10
[ 1764.620183]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1764.620210]  ? kmalloc_array+0x23/0x23
[ 1764.620239]  percpu_ref_init+0xdb/0x3d0
[ 1764.620277]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1764.620310]  io_uring_setup.cold+0x1daa/0x271c
[ 1764.620349]  ? io_sqe_files_register+0x230/0x230
19:39:40 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x8}}, './file0\x00'})
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1)
ioctl$CDROMRESET(r0, 0x5312)

19:39:40 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5452)

19:39:40 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 21)

[ 1764.620401]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.620443]  do_syscall_64+0x3b/0x90
[ 1764.620467]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.620497] RIP: 0033:0x7f2c579bdb19
[ 1764.620513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.620534] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.620556] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1764.620570] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.620584] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.620597] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.620610] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:39:40 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 46)

[ 1764.620647]  </TASK>
[ 1764.621278] FAULT_INJECTION: forcing a failure.
[ 1764.621278] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.621303] CPU: 1 PID: 7338 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.621326] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.621338] Call Trace:
[ 1764.621343]  <TASK>
[ 1764.621350]  dump_stack_lvl+0x8b/0xb3
[ 1764.621375]  should_fail.cold+0x5/0xa
[ 1764.621402]  should_failslab+0x5/0x10
[ 1764.621429]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1764.621448]  ? xas_alloc+0x35d/0x480
[ 1764.621484]  xas_alloc+0x35d/0x480
[ 1764.621517]  xas_create+0x35b/0x1030
[ 1764.621567]  xas_store+0x90/0x1c40
[ 1764.621614]  __xa_store+0x16d/0x2d0
19:39:40 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340))
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1764.621647]  ? xa_delete_node+0x270/0x270
[ 1764.621684]  ? rwlock_bug.part.0+0x90/0x90
[ 1764.621730]  xa_store+0x31/0x50
[ 1764.621760]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1764.621788]  ? io_eventfd_put+0x50/0x50
[ 1764.621835]  io_uring_setup.cold+0x21c1/0x271c
[ 1764.621875]  ? io_sqe_files_register+0x230/0x230
[ 1764.621929]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.621971]  do_syscall_64+0x3b/0x90
[ 1764.621995]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.622024] RIP: 0033:0x7f4ea96a2b19
[ 1764.622041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.622061] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.622082] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1764.622097] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.622111] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:39:41 executing program 5:
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r0, 0x0, r1)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r2, 0x0, r3)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$CDROMRESET(r4, 0x5312)

[ 1764.622125] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.622138] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.622182]  </TASK>
19:39:41 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5460)

[ 1764.673486] FAULT_INJECTION: forcing a failure.
[ 1764.673486] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.673508] CPU: 0 PID: 7345 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.673522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.673531] Call Trace:
[ 1764.673535]  <TASK>
[ 1764.673539]  dump_stack_lvl+0x8b/0xb3
[ 1764.673563]  should_fail.cold+0x5/0xa
19:39:41 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 48)

[ 1764.673577]  ? vm_area_dup+0x7f/0x220
[ 1764.673600]  should_failslab+0x5/0x10
[ 1764.673619]  kmem_cache_alloc+0x5b/0x480
[ 1764.673636]  vm_area_dup+0x7f/0x220
[ 1764.673659]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1764.673676]  ? mark_lock.part.0+0xef/0x2f60
[ 1764.673701]  ? lock_is_held_type+0xd7/0x130
19:39:41 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)

[ 1764.673720]  ? find_held_lock+0x2c/0x110
[ 1764.673734]  ? vm_area_alloc+0xf0/0xf0
[ 1764.673750]  ? lock_release+0x3b2/0x750
[ 1764.673764]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 1764.673779]  ? lock_downgrade+0x6d0/0x6d0
[ 1764.673795]  ? find_held_lock+0x2c/0x110
[ 1764.673815]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 1764.673840]  ? mark_lock.part.0+0xef/0x2f60
[ 1764.673856]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 1764.673870]  __split_vma+0xa2/0x540
[ 1764.673886]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1764.673908]  ? __split_vma+0x540/0x540
[ 1764.673925]  ? mas_walk+0x48a/0x670
[ 1764.673946]  ? mas_find+0x203/0xdd0
[ 1764.673965]  ? inode_has_perm+0x171/0x1d0
[ 1764.673978]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1764.673998]  do_mas_munmap+0x1ed/0x2c0
[ 1764.674013]  mmap_region+0x21c/0x1a70
[ 1764.674032]  ? lock_release+0x750/0x750
[ 1764.674047]  ? do_munmap+0x100/0x100
[ 1764.674063]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1764.674081]  ? security_mmap_addr+0x79/0xa0
19:39:41 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 22)

[ 1764.674098]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1764.674116]  ? get_unmapped_area+0x2f0/0x3d0
[ 1764.674139]  do_mmap+0x824/0xf40
[ 1764.674157]  vm_mmap_pgoff+0x1b5/0x280
[ 1764.674181]  ? randomize_stack_top+0x100/0x100
[ 1764.674200]  ? __fget_files+0x287/0x470
[ 1764.674229]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1764.674244]  do_syscall_64+0x3b/0x90
[ 1764.674258]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.674275] RIP: 0033:0x7f011e7ddb62
[ 1764.674284] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
19:39:41 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 47)

[ 1764.674297] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1764.674309] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1764.674317] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1764.674324] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1764.674331] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1764.674338] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.674359]  </TASK>
[ 1764.782144] FAULT_INJECTION: forcing a failure.
[ 1764.782144] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.782166] CPU: 0 PID: 7357 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.782179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.782188] Call Trace:
[ 1764.782192]  <TASK>
[ 1764.782196]  dump_stack_lvl+0x8b/0xb3
[ 1764.782217]  should_fail.cold+0x5/0xa
[ 1764.782229]  ? create_object.isra.0+0x3a/0xa20
[ 1764.782251]  should_failslab+0x5/0x10
[ 1764.782267]  kmem_cache_alloc+0x5b/0x480
[ 1764.782283]  create_object.isra.0+0x3a/0xa20
[ 1764.782299]  ? kasan_unpoison+0x23/0x50
[ 1764.782317]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1764.782331]  ? kmalloc_array+0x23/0x23
[ 1764.782346]  percpu_ref_init+0xdb/0x3d0
[ 1764.782368]  io_rsrc_node_switch_start.part.0+0x6a/0x240
[ 1764.782386]  io_uring_setup.cold+0x1daa/0x271c
[ 1764.782408]  ? io_sqe_files_register+0x230/0x230
[ 1764.782436]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.782459]  do_syscall_64+0x3b/0x90
[ 1764.782473]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.782489] RIP: 0033:0x7f2c579bdb19
[ 1764.782498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.782509] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.782522] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1764.782530] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.782537] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.782544] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.782551] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.782571]  </TASK>
[ 1764.802213] FAULT_INJECTION: forcing a failure.
[ 1764.802213] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.802249] CPU: 1 PID: 7350 Comm: syz-executor.0 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.802273] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.802288] Call Trace:
[ 1764.802294]  <TASK>
[ 1764.802303]  dump_stack_lvl+0x8b/0xb3
[ 1764.802336]  should_fail.cold+0x5/0xa
[ 1764.802359]  ? create_object.isra.0+0x3a/0xa20
[ 1764.802394]  should_failslab+0x5/0x10
[ 1764.802424]  kmem_cache_alloc+0x5b/0x480
[ 1764.802453]  create_object.isra.0+0x3a/0xa20
[ 1764.802482]  ? kasan_unpoison+0x23/0x50
[ 1764.802515]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1764.802544]  io_rsrc_node_switch_start.part.0+0x43/0x240
[ 1764.802577]  io_uring_setup.cold+0x1daa/0x271c
[ 1764.802617]  ? io_sqe_files_register+0x230/0x230
[ 1764.802669]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.802710]  do_syscall_64+0x3b/0x90
[ 1764.802744]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.802773] RIP: 0033:0x7f06699e0b19
[ 1764.802790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.802811] RSP: 002b:00007f0666f56108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.802836] RAX: ffffffffffffffda RBX: 00007f0669af3f60 RCX: 00007f06699e0b19
[ 1764.802850] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.802868] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.802881] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.802894] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.802931]  </TASK>
[ 1764.813753] FAULT_INJECTION: forcing a failure.
[ 1764.813753] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.813773] CPU: 0 PID: 7360 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.813787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.813795] Call Trace:
[ 1764.813799]  <TASK>
[ 1764.813803]  dump_stack_lvl+0x8b/0xb3
[ 1764.813828]  should_fail.cold+0x5/0xa
[ 1764.813838]  ? kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1764.813854]  ? create_object.isra.0+0x3a/0xa20
[ 1764.813873]  should_failslab+0x5/0x10
[ 1764.813890]  kmem_cache_alloc+0x5b/0x480
[ 1764.813900]  ? mark_held_locks+0x9e/0xe0
[ 1764.813921]  create_object.isra.0+0x3a/0xa20
[ 1764.813936]  ? kasan_unpoison+0x23/0x50
[ 1764.813955]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1764.813966]  ? xas_alloc+0x35d/0x480
[ 1764.813987]  xas_alloc+0x35d/0x480
[ 1764.814005]  xas_create+0x35b/0x1030
[ 1764.814032]  xas_store+0x90/0x1c40
[ 1764.814058]  __xa_store+0x16d/0x2d0
[ 1764.814076]  ? xa_delete_node+0x270/0x270
[ 1764.814096]  ? rwlock_bug.part.0+0x90/0x90
[ 1764.814120]  xa_store+0x31/0x50
[ 1764.814137]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1764.814154]  ? io_eventfd_put+0x50/0x50
[ 1764.814175]  io_uring_setup.cold+0x21c1/0x271c
[ 1764.814198]  ? io_sqe_files_register+0x230/0x230
[ 1764.814228]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.814252]  do_syscall_64+0x3b/0x90
[ 1764.814266]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.814283] RIP: 0033:0x7f4ea96a2b19
[ 1764.814292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.814304] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.814316] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1764.814324] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.814331] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.814338] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.814345] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.814366]  </TASK>
[ 1764.938945] FAULT_INJECTION: forcing a failure.
[ 1764.938945] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.938967] CPU: 0 PID: 7370 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.938980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.938989] Call Trace:
[ 1764.938992]  <TASK>
[ 1764.938997]  dump_stack_lvl+0x8b/0xb3
[ 1764.939017]  should_fail.cold+0x5/0xa
[ 1764.939029]  ? create_object.isra.0+0x3a/0xa20
[ 1764.939049]  should_failslab+0x5/0x10
[ 1764.939066]  kmem_cache_alloc+0x5b/0x480
[ 1764.939083]  create_object.isra.0+0x3a/0xa20
[ 1764.939098]  ? kasan_unpoison+0x23/0x50
[ 1764.939117]  kmem_cache_alloc+0x239/0x480
[ 1764.939132]  vm_area_dup+0x7f/0x220
[ 1764.939157]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1764.939173]  ? mark_lock.part.0+0xef/0x2f60
[ 1764.939198]  ? lock_is_held_type+0xd7/0x130
[ 1764.939219]  ? find_held_lock+0x2c/0x110
[ 1764.939233]  ? vm_area_alloc+0xf0/0xf0
[ 1764.939250]  ? lock_release+0x3b2/0x750
[ 1764.939264]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 1764.939277]  ? lock_downgrade+0x6d0/0x6d0
[ 1764.939291]  ? find_held_lock+0x2c/0x110
[ 1764.939309]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 1764.939330]  ? mark_lock.part.0+0xef/0x2f60
[ 1764.939346]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 1764.939360]  __split_vma+0xa2/0x540
[ 1764.939376]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1764.939397]  ? __split_vma+0x540/0x540
[ 1764.939415]  ? mas_walk+0x48a/0x670
[ 1764.939435]  ? mas_find+0x203/0xdd0
[ 1764.939454]  ? inode_has_perm+0x171/0x1d0
[ 1764.939468]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1764.939487]  do_mas_munmap+0x1ed/0x2c0
[ 1764.939502]  mmap_region+0x21c/0x1a70
[ 1764.939520]  ? lock_release+0x750/0x750
[ 1764.939536]  ? do_munmap+0x100/0x100
[ 1764.939552]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1764.939570]  ? security_mmap_addr+0x79/0xa0
[ 1764.939586]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1764.939604]  ? get_unmapped_area+0x2f0/0x3d0
[ 1764.939626]  do_mmap+0x824/0xf40
[ 1764.939644]  vm_mmap_pgoff+0x1b5/0x280
[ 1764.939668]  ? randomize_stack_top+0x100/0x100
[ 1764.939686]  ? __fget_files+0x287/0x470
[ 1764.939713]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1764.939728]  do_syscall_64+0x3b/0x90
[ 1764.939742]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.939758] RIP: 0033:0x7f011e7ddb62
[ 1764.939768] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1764.939779] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1764.939790] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1764.939798] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1764.939805] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1764.939812] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1764.939819] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.939840]  </TASK>
[ 1764.945402] FAULT_INJECTION: forcing a failure.
[ 1764.945402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1764.945419] CPU: 0 PID: 7373 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1764.945432] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1764.945439] Call Trace:
[ 1764.945442]  <TASK>
[ 1764.945446]  dump_stack_lvl+0x8b/0xb3
[ 1764.945460]  should_fail.cold+0x5/0xa
[ 1764.945475]  _copy_to_user+0x2a/0x140
[ 1764.945493]  io_uring_setup.cold+0x17c2/0x271c
[ 1764.945516]  ? io_sqe_files_register+0x230/0x230
[ 1764.945545]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1764.945567]  do_syscall_64+0x3b/0x90
[ 1764.945580]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1764.945596] RIP: 0033:0x7f2c579bdb19
[ 1764.945604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1764.945616] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1764.945627] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1764.945635] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1764.945643] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1764.945650] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1764.945657] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1764.945676]  </TASK>
[ 1765.010702] FAULT_INJECTION: forcing a failure.
[ 1765.010702] name failslab, interval 1, probability 0, space 0, times 0
[ 1765.010729] CPU: 0 PID: 7376 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1765.010742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1765.010750] Call Trace:
[ 1765.010754]  <TASK>
[ 1765.010758]  dump_stack_lvl+0x8b/0xb3
[ 1765.010778]  should_fail.cold+0x5/0xa
[ 1765.010794]  should_failslab+0x5/0x10
[ 1765.010811]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1765.010822]  ? xas_alloc+0x35d/0x480
[ 1765.010846]  xas_alloc+0x35d/0x480
[ 1765.010864]  xas_create+0x35b/0x1030
[ 1765.010884]  ? queued_spin_lock_slowpath+0xcd/0xc80
[ 1765.010907]  xas_store+0x90/0x1c40
[ 1765.010934]  __xa_store+0x16d/0x2d0
[ 1765.010951]  ? xa_delete_node+0x270/0x270
[ 1765.010971]  ? rwlock_bug.part.0+0x90/0x90
[ 1765.010995]  xa_store+0x31/0x50
[ 1765.011011]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1765.011027]  ? io_eventfd_put+0x50/0x50
[ 1765.011049]  io_uring_setup.cold+0x21c1/0x271c
[ 1765.011071]  ? io_sqe_files_register+0x230/0x230
[ 1765.011101]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1765.011124]  do_syscall_64+0x3b/0x90
[ 1765.011137]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1765.011154] RIP: 0033:0x7f4ea96a2b19
[ 1765.011163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1765.011175] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1765.011187] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1765.011195] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1765.011202] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1765.011209] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1765.011216] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1765.011237]  </TASK>
[ 1779.144990] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:40:02 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 18)

19:40:02 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 48)

19:40:02 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200))

19:40:02 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x3b86, 0x7, &(0x7f00000014c0)=[{&(0x7f00000000c0)="904a99ec32d2e1ce34bfaaa4c149dce113d5969f9970990c5e0b03ec5e813eb9b94c84607bf32bf95952a29c7af7305cdf338229a8ed60226efcf392c8760f91130584543bd11b5a3a6875ac8c9fc91defe4b727f2c8621a5e1199fc0f97d444bddf9f5a25def0ef7c7e5e783252f0c98b9b248dfb67cd551169c3d615cede5c9c5a6de45d5bf326a37572f1b9b12a2784c841f58d29deda3a08291d927368550e97ede072b1491223a7901eebfc818a3f9056ebda4b", 0xb6, 0x9}, {&(0x7f0000000180)="65801b6f44671b738ce15e22524276ca56496362f077e8aeab4c78b3d7932980ba5f8faa26fadd936943f71b94e3fd2728fc7e58e26810c5f65c970dbae8a94524ddf33338a3a25b7b148c6197965ad1020425cb5dc58d2b8849ba081d398b5554c2080ec32d78e7ec90c6d7d6049d2a7c6d2d8b38885a9bc37eee9d8e3ca49eec2849d655d2bc71732f24ab7332f7a5b91394117e9394f4d0ed3293538282ff68aeded7b751c435b924de4049752968e809fdedb106246c8f75be6d03de1255ed0bd087a4d02ab66367e8faf0ea0f340b24cc5f7fae5e9e87ea09ecdd95827f0558dfd806e8b4542b49fee48f8394efbb390244854d8612ca64d4", 0xfb, 0x1}, {&(0x7f0000000280)="8a11ed4390dbe5e5c2bbe97f94d5f9ab7fdfec8f1129f38126088079b86b6427c0f18fc6cd6ce96e8402306371cc1997c5028304ae6e24c0f9d59358085d38ccafc90735c7fdd70d82f19847a93f4544039a69df3bca7ea27f0ac667864273063a3ec4f2750fe1fc50471bd4bdd124b22ae10dab6a7553c15b4b9132efd31549969046c2adce0a089791ec8a9a18abb5d8cf8e36fb444bec2f220bd52d4e3c6fa3df", 0xa2, 0x5}, {&(0x7f0000000340)="f23df743cbdb49c2b36d57eb34cec682ea4335d4aaa7a1c249711281179888ce11", 0x21, 0x7f}, {&(0x7f0000000380)="ce79181685d6e5ed82", 0x9, 0x8001}, {&(0x7f00000003c0)="2fb9e1247262892222492248c38f2eda7cb745a70f7d8b932cc3fff7e1e4e0736502bae153d7dd4bdbc5962e26367a3ef7a93bf72b7ec09462b35548da4dd0ed6c1c1a249b7a723369958bac89338453f64bc3a88d2c4ef5e4346ea55cf064765fb736e3a066b14304dfc30b3f1ff21013d6ecf056fa7f420fbf60b347018452c8abdcc4d14c3c31dd8bd6682bb5ada0215b5ab028da45557830b45d50dceb3ed3b94adcf02f8e5a18d093a178f85688a42ba116517a95d0bff59fe9117330917658d74dc6b965a63052623b01a538964db090a73f2cc94c988de45885e0e63fd7c5949d59efe05f51", 0xe9, 0x100000001}, {&(0x7f00000004c0)="86265d4eb33d4633cf1f41d6c63fec473a314917e4276c99d8aeb76578c8ba1dec7577f4e4888ad127fa0015536394a09585f085a7f47b35c0eca9e7084c03dac127e432ea3338e7951ed3f66130a15e9235e7168ef4a08780b4c788ab6f745626060130fdf138c27464b271e7d97e3f49a83811c13db11e36b22ba9777641c48caf48b9ef8610a769d4f882b0cef5f899a7dad68e543cba3f40a0d712ae4649d1e4444a05a796044cc7f7f1821a8a8fe05de18b4c126e0ff5b6e0558a596393b2206f4837ec92e47f5da8aec0545fb1ad93ae9923d51503f93952f1affa0f19d7e1132e3fa81a368da000f31a48784a00d7c314e99b714bb8c665304a5b929820e02e8cdeb3759aae6473be7f9bb84d2d1812e7e8cbe9fc0b9fae77d20b8ad9765c3c1f453264dc3db75a222ade9d593fdeb26f37b064d393da67570188315a2380c8255a519b1df80a5ebb6820e58ba9d336838cf5b982d29928a1707946263577236ac914393dbf52989b72db29557b98688a52203b5b0a38f3e04c6490c4e65926c4a4ee00b01618960c1ddc79fca6e0872605ca4ba7d58f0a73c1a77730f0c4269a6bf0089103198d71c47fca606e6d5fb77d6f3d22b0d5fa7c4579654e376e8a2f813147ddb552a744ccea1199775386218b3ccb55f0bf7d9bbed32a4ca1048e2ddc339576b6403bd74478a6ecdda82e505f1c34f09fb855ae943ba4d2fb29b2096961cb25a808a2516f1e15dc751010bde6f783093b275dc94723c65a637f92a8b7a7c188e51c12df09496361273d15a2c67585c6173e5d93b9788e2d007e0a7cbccf3e492c18bb4e97d84ec6f87c6fa885ab6a704af4dc2a69adb66cb20621eac1d22889a11470eee05dc081577e8f089236ae11ec77b810632cf915caf38d4d13ddf162550a4e4744e0052649d6dfcdb82023c19dbfff9f5920b63b238a1271593db1e1c5a9866ca362060a66d7dbb48f0b788945cba139e039d5f0676f9d5da8b631b2866347e255c3b9aff6707f4b6c334f7e8fe1fb1ebb0eae9d49bf0c75a79ce3342ae8422d69b4ccc4f47bda1c8118edd4b756184d858ac278d122f334f7f62180b796aad8c91eca852fdcb5ff1bd871c1dc885e2caad2b1c7fce55947a978db0367e4d61d1da7d473ee1118b67dcdaabac2370ec2d919623b433a6b554ae0ac1267183177db31c38f05c392f4172d1af60f924905aa29716ea727094e5cfb4519d4bdb35bc522fbe484c4ee09b6aace3429508b43f96b3637de949ed43bf612ebc94699e2ef018538f37d63c4fe78b0843dbd624fcf753b29a712fc391f543d1cccfb7b68c03eac5f0e5a0e9e6713bf847bed4af7e5ea893b818a42a5c9c84937dbde661315098e5189d0faf07ee4113ceb7a449347e687a0081d3424396de3659626ed19fa350a557dd0e5113ff243b9c4355b03d4e1e5bc891b16450d8aaaf1ed45c7ddcc4feb30e530d971a33518d156b213ef522f6d02f3b90b373063b5261383cd2a16bb6c291a8206e48474cecbc2e47f94f048f476787c3ff5e9124361fbfd0e523a800540e4728bcb727ed14bcabcc7c6b38003beb8b7ccfc55e353c3ffb2e3b823bf05e77fb7e4ef45e00481403186fa7e8c7c5e63176ca6b17733b3513c2f958c5dcd5d74f4376449c0bd2a2926da525b7e2e86b7fefa1f943dc1dd9df90bf9281d3c34a617bb82e489c48711a825e51577aa5e662f45cf718f9d6198ebdc2b54a66ce0ba1092d4db77d935af93efca400e1f5945161d0ecd6f46674739c188744c0dd177e7eaed445d2f802596c5463ab1702ee090423f4ff1d309624ba1ff65dbeb4c9464cfa5518513efbc8f7ea816a24052a0828e8227d4e89f359d9569b20cde63737305786a80e245070fa28938c559b5e827f7ad8168a9f9b40412e849bd0ce8f25398c10dd7e7fab8134b94dcfcf8d662d8a683c293ff88e2759590e47e05339b6eb7e8d4c6a5304b5ddf8d8ad58701ccd8ff8d6821e36b65174fa4a253006b707ccee9735c31f5eb5ffe09aeef991098e04a8145f6d224425b9eb5841e0e334949f2114daf33d06fe6ffb5239a8ce45caf65187d2aa39944c404eb07105b2f225439fb7a3fc4c6b1242ed6978bdd4a7558e5cdcbed63a37c4876decbc64612d7a8db1c867ef48425aa8991feb075b4e4732109418279fb7ba0fe8684e6107f88ee2ea9520f764ff7ad4287eaef166cd6d609996d9abdefce23a394b1a5f4ca229a730c663911d3197931dc503aace780a7973ee64de6786bf4299cbe421bd786ce3937a0c5216d2e1008e7c92e7a95030899a64bb7c9d5407ff118e3c82ddd073c494ab8db64553bf664e8bf5181f8eda7a5e84c8aedb9b41987f649f7fea284d2bd840236eda550e4ab3fed96ca78e7af71b8fcb7be2df3fab13989b32f7e8323acbc0016429de10a21523688ddc6eb164647f5a1723383529e237428810c9b419eabf881ace4cbcbbf8377846fbf468ffaeb72aef31502e1b9bb3464e9523facbd2f8e88178dca569bd25cfa4cfe10d1c77059475b917d30a4b2af3ae51bcca0f5069306098aa4a18613fd2f4477afcebe9f39f0710f3ad4d9972d56d0d07d68aae51147d06c83bdeee4a2d0fe39e040a8417cada1580dda02a5285d0c23cf6b94dc9c15ce0b0e313b634d2f71fb67c80e892874cf84b9d0106ec2b57b0efad3adea2b5ea78564be2708bb241bcd6095be701fa07a9af3d05f17f49eb5f46cf31f0f682ecff4c856a2c0bca3ace7c97b803fecab2fa2aa62cdf5fdf97fbdcb7f707f90e3b276413f8e8e35818a91562aa66e4f009f2412779a06d03bbc7834a2ff1a0e9ad1be9062e029f8fb2a4de59bcf06ccdbed11fb1a7062d677efe03b15786e48a4a3df7501ea67aacd758233892e022561ad5ae8690c1ff16b2d954703e215208c18cb787de6c74c3b1f41ca31b8723137a04e4fa88d8e24595e67cbe9c939dffeb6233369aa70230ba14529633675d274ea4cb5f99bb9aae9e3d6e1bc5d2ec07031c602966b00569e12f097f074d65e15104aac0db7bf495eaffae9967261989ec3c632fb57fa5dd82251e4036c1b85e94e75a80853d9adafee3e67d4a224aa3074941324acaf51a085369c0332065d4ea73ae9f2f36103d77b32b603b220040d195eb2b24a9724778f83c66526bc3659b8f2f532577257625f91ce9f745f49b455db1a775f5a585234a920da8a4ba4fc5386d818582a20f79eae20a31fd13dba813ef6a75a5df8a1f0d78faccd752506d197d9263a731bd94cf8a6df452f1967ff8e6409bb42a8ce3119ac8e4bd8b693c09b1d16a05af0cd48ba8369dcb0f4dd1b6b1a0f2b05139418a5f6c6d43ce7d313b904ed24ded40d5ee0f2e692c5feea01b5a350ccf8b4f6e7f4a7a92db6761c02aff6a6481b3b3bbade908df708dd68a0b4ec3320b5ee8ed55ec8a836ac510aadfe9a0b9385502da9a0ba8fe97d625555d13396ecf5aaace8cf7e10151ed24b88816e15cad50d5dc455a131dfce1b2b5ab66b2455419174d2e2fbc48ddb95d392d22ec2200c4c9f858956734f511bdede1db11d3a1297722fbf278c109300c34e48ab7a8e53f80d47a09c3fe9f37a74f01cdd7bd814cecddf682aa0e20b7d6d5c2ba1c49c5757775ebc57002b5d58d77c12d668b570f5a56ba2224d4d952fb98c1106ff108c7d644766bbaba85972885250fdfe4098561a1b2d565270a98ce2ee16868b71027d037454ba6f341ce18bb288bbee55cfac498f916a20e9b826ac45ea1eaf70bd63e18c2ff78abe4d438ee77a2cdd6d95565a7d85104900283f7db6f05d79c1450f4df6a14792e115aa072de167457bb791f273d203f105bbf24da20bcbcf5096df8d82ca8bdb3fd58e04128a17da1620731f4e5c4616083de42c7507c323e49fa0406ebc796e252679589ac4ce86bd7ee56ef06a8dc38fd53b6954862504f6e8c285b09793c9b1bbc37457626d5829e0f47e43e3a4ce46464222aeda0ed1dcdbeb4900956bddc1e71996cb0fdeeb5cc0cee7fb24217dbd62b610ca71452edb0cd35437394297ac96498594a789655968deb20e674046f74d56c60e2a6955286190f5c93cd07624ad640d20e5bee0e969a36eda040088e45a22b2228caff56270a9f8423670b050021f253aaaf4daf2198c95fa38bd426274e003290591cc385d639f1500eeedf9f5055be9d1ff887fd4da28f2ec671ccec9e8bec132ce8c234fc4efd365b895b604a6f402455c97c8048cc6822973b992b5f191b4093160f5515c2dfedfe93d1ee5a685e1613ae4d8d32d769f3665af1b7730275734d0610b0eab8f0faafa7640f12b913a871d12f9a194aa542ea8a9e883064cf5c677372e363db9d3e514839d61719dd81aff64126e4fbd2cfc5af9b857bbac68fad2fff8a9605471519871cfd841952e7b8f7f40727e03145ec6522bad5a98ce3f2117b952752652aba72a3a72c246e2eca6416af62f6f5df4dcb382a11ac138c2aa5a3741e1022a31042ce53d329ec5f9f465665715149b6583bd457fbcac3740a90466707dd3fcb6e4669cd4fc33542603d2658e787ecc6c535e9786d7f4716f5d718afcd74e7cac5c9c38af549b477c20235bd09954813d85a24dddb0ebde21f5cd542ce618f67ab33106d543d80be0e69ff54cabdab20e28ea655e635c753edbfc2ae8202317e7c846c5c67f5e09be7a4b189d001e61129b0032333ecd9c06576da8d92e1774e00ae77f778719d70da18d58a1568c1519fb1cc1818de7a59c3ee403b3aebe7aa56a801f32b055713780907ddd1850bfff1527460a42951c537f866702f72f9aa828770dee21b1fa3b984af7add0b909f67aed707c947021f1bd821d553f2f04c9d19e9b9b37e6d117ad061b0628dd274caec28f9c4dfc100a27d07239ab4c4eddfc30538f045053c0a6036c45228b3b3dfddcb4f29a0b5dbd7c2b33f58442bb9de2770bfb93f8da304f46da2e6ab2527d3540f65b627727f672839304c8db8af1edd5a56d03eb96d2fbe7e6e1c1e151b4bd16a6e7d96cdd9cad1efd59ebc1dba1fc22df6bb94d2e75c75ad1041013107f03970fae844090d74a9d9bdd8cd4841aa85204d9274013f89d1f7235a0b140e7999d9c70083b22086d97dfb5cf556bff571a0267066f49df8017b831294df4df5586f74f5a078a41998c9e296c27fbb9765619719b7c1d39657927fcad4c5e435110fb143b16787272c6813566a49f1e7a174fe2196d8b2155d0f16d136b2b5fc28af65648a0e1a316a5af7b5b9a2ebfbd7d9ad0317c779f8a6842f03dc0ab152f27ddae27d29074d85f56e26b7436e268374e76397df803ffe6226364e1379851641926bcccba848a8787bc3195e357a91a7e28fa27701c5cd8daa91963400dae325561193a2c3fd6625763b5be97351a59eaa31a2d93e16e13ad75d7b82d2fff93a8b75f2bbc8be65257a8528cc06c1b3c466449cbbcb1fba56e34310d110abcf62fb5c4056209c5f24b584e962bf419a072e049131c08a763e48b8f826493e9bc7966c47cad24dcaaffd9554134bd261a4c76ad63c5048cb2299f48ce3997baa989573f378374a70e525613222d682ad088822d12241a00ca68d8c17cbe9a3b3b98ddcabe09c90559839f2b8d1196dfe1bda6abb9d761339483c7cc1a9943e70488dc664dcff725f16b3a20d868d48c3d16fe60210e28bfcf0d279c756bb0d0d8b3e3e75b6eb5861d3b629269aa0836ec00500d8de3678aa68eaf9958e1921938b7cc250b3297ecce1286f668403d3e02c25ab16dfbd24343a77aeff0fc94", 0x1000, 0x2}], 0x1200000, &(0x7f0000001580)={[{'\x8f'}, {}, {']'}, {',+/\'&'}, {'[,-'}, {']{'}], [{@func={'func', 0x3d, 'MODULE_CHECK'}}, {@obj_type={'obj_type', 0x3d, '/dev/sr0\x00'}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@subj_user={'subj_user', 0x3d, ']%!%,)%%\xcc()0,:&#/'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@func={'func', 0x3d, 'BPRM_CHECK'}}, {@seclabel}, {@dont_appraise}, {@fsname={'fsname', 0x3d, '/dev/sr0\x00'}}]})
fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000001640)=0x4)

19:40:02 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40049409)

[ 1786.152893] FAULT_INJECTION: forcing a failure.
[ 1786.152893] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.152927] CPU: 0 PID: 7394 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1786.152941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1786.152949] Call Trace:
[ 1786.152953]  <TASK>
[ 1786.152957]  dump_stack_lvl+0x8b/0xb3
[ 1786.152977]  should_fail.cold+0x5/0xa
[ 1786.152992]  should_failslab+0x5/0x10
[ 1786.153009]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1786.153021]  ? sock_alloc_inode+0x23/0x1d0
[ 1786.153033]  ? selinux_inet_conn_request+0x2a0/0x2a0
[ 1786.153054]  sock_alloc_inode+0x23/0x1d0
[ 1786.153065]  ? sock_free_inode+0x20/0x20
[ 1786.153075]  alloc_inode+0x63/0x240
[ 1786.153092]  new_inode_pseudo+0x14/0xe0
[ 1786.153110]  sock_alloc+0x3c/0x260
[ 1786.153122]  __sock_create+0xb9/0x750
[ 1786.153140]  io_uring_setup.cold+0x1e6d/0x271c
[ 1786.153161]  ? io_sqe_files_register+0x230/0x230
[ 1786.153190]  ? syscall_enter_from_user_mode+0x1d/0x50
19:40:02 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 23)

19:40:02 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 49)

19:40:02 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340))
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:40:02 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 24)

[ 1786.153213]  do_syscall_64+0x3b/0x90
[ 1786.153226]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1786.153243] RIP: 0033:0x7f2c579bdb19
[ 1786.153252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1786.153263] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1786.153275] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1786.153283] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1786.153290] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1786.153297] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
19:40:02 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40081271)

[ 1786.153304] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1786.153324]  </TASK>
[ 1786.153330] socket: no more sockets
[ 1786.211013] FAULT_INJECTION: forcing a failure.
[ 1786.211013] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.211073] CPU: 1 PID: 7388 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1786.211098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1786.211113] Call Trace:
[ 1786.211118]  <TASK>
[ 1786.211125]  dump_stack_lvl+0x8b/0xb3
[ 1786.211157]  should_fail.cold+0x5/0xa
[ 1786.211176]  ? kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1786.211201]  ? create_object.isra.0+0x3a/0xa20
[ 1786.211236]  should_failslab+0x5/0x10
[ 1786.211264]  kmem_cache_alloc+0x5b/0x480
[ 1786.211283]  ? mark_held_locks+0x9e/0xe0
[ 1786.211318]  create_object.isra.0+0x3a/0xa20
[ 1786.211346]  ? kasan_unpoison+0x23/0x50
[ 1786.211381]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1786.211401]  ? xas_alloc+0x35d/0x480
[ 1786.211438]  xas_alloc+0x35d/0x480
[ 1786.211470]  xas_create+0x35b/0x1030
[ 1786.211521]  xas_store+0x90/0x1c40
[ 1786.211574]  __xa_store+0x16d/0x2d0
[ 1786.211606]  ? xa_delete_node+0x270/0x270
[ 1786.211643]  ? rwlock_bug.part.0+0x90/0x90
[ 1786.211697]  xa_store+0x31/0x50
[ 1786.211745]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1786.211791]  ? io_eventfd_put+0x50/0x50
[ 1786.211847]  io_uring_setup.cold+0x21c1/0x271c
[ 1786.211889]  ? io_sqe_files_register+0x230/0x230
[ 1786.211943]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1786.211986]  do_syscall_64+0x3b/0x90
[ 1786.212010]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1786.212041] RIP: 0033:0x7f4ea96a2b19
[ 1786.212057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1786.212078] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1786.212099] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1786.212113] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1786.212126] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1786.212140] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1786.212153] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1786.212191]  </TASK>
[ 1786.218205] FAULT_INJECTION: forcing a failure.
[ 1786.218205] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.218235] CPU: 1 PID: 7396 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1786.218258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1786.218271] Call Trace:
[ 1786.218276]  <TASK>
[ 1786.218283]  dump_stack_lvl+0x8b/0xb3
[ 1786.218310]  should_fail.cold+0x5/0xa
[ 1786.218337]  should_failslab+0x5/0x10
[ 1786.218365]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1786.218385]  ? xas_alloc+0x35d/0x480
[ 1786.218420]  xas_alloc+0x35d/0x480
[ 1786.218452]  xas_create+0x35b/0x1030
[ 1786.218503]  xas_store+0x90/0x1c40
[ 1786.218550]  __xa_store+0x16d/0x2d0
[ 1786.218583]  ? xa_delete_node+0x270/0x270
[ 1786.218620]  ? rwlock_bug.part.0+0x90/0x90
[ 1786.218673]  xa_store+0x31/0x50
[ 1786.218719]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1786.218754]  ? io_eventfd_put+0x50/0x50
[ 1786.218794]  io_uring_setup.cold+0x21c1/0x271c
[ 1786.218834]  ? io_sqe_files_register+0x230/0x230
[ 1786.218888]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1786.218928]  do_syscall_64+0x3b/0x90
[ 1786.218953]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1786.218981] RIP: 0033:0x7f011e7ddb19
[ 1786.218997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1786.219028] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1786.219049] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1786.219064] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1786.219077] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1786.219090] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1786.219103] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1786.219146]  </TASK>
[ 1786.239588] FAULT_INJECTION: forcing a failure.
[ 1786.239588] name failslab, interval 1, probability 0, space 0, times 0
[ 1786.239610] CPU: 0 PID: 7406 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1786.239623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1786.239633] Call Trace:
[ 1786.239636]  <TASK>
[ 1786.239641]  dump_stack_lvl+0x8b/0xb3
[ 1786.239662]  should_fail.cold+0x5/0xa
[ 1786.239674]  ? create_object.isra.0+0x3a/0xa20
[ 1786.239695]  should_failslab+0x5/0x10
[ 1786.239711]  kmem_cache_alloc+0x5b/0x480
[ 1786.239731]  create_object.isra.0+0x3a/0xa20
[ 1786.239746]  ? kasan_unpoison+0x23/0x50
[ 1786.239764]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1786.239774]  ? sock_alloc_inode+0x23/0x1d0
[ 1786.239792]  sock_alloc_inode+0x23/0x1d0
[ 1786.239803]  ? sock_free_inode+0x20/0x20
[ 1786.239813]  alloc_inode+0x63/0x240
[ 1786.239830]  new_inode_pseudo+0x14/0xe0
[ 1786.239848]  sock_alloc+0x3c/0x260
[ 1786.239861]  __sock_create+0xb9/0x750
[ 1786.239879]  io_uring_setup.cold+0x1e6d/0x271c
[ 1786.239900]  ? io_sqe_files_register+0x230/0x230
[ 1786.239932]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1786.239955]  do_syscall_64+0x3b/0x90
[ 1786.239968]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1786.239987] RIP: 0033:0x7f2c579bdb19
[ 1786.239997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1786.240010] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1786.240022] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1786.240029] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1786.240036] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1786.240043] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1786.240050] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1786.240070]  </TASK>
[ 1801.193587] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:40:25 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40086602)

19:40:25 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 25)

19:40:25 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:40:25 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200))

19:40:25 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340))
r2 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:40:25 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 49)

19:40:25 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 50)

19:40:25 executing program 5:
prctl$PR_GET_TIMERSLACK(0x1e)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = syz_io_uring_complete(0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000000040)={{r0}, 0x0, 0x1e, @unused=[0x85, 0x7, 0x5, 0x94], @subvolid=0x8000})

19:40:25 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200))

[ 1809.312544] FAULT_INJECTION: forcing a failure.
[ 1809.312544] name failslab, interval 1, probability 0, space 0, times 0
[ 1809.312583] CPU: 1 PID: 7423 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1809.312610] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1809.312626] Call Trace:
[ 1809.312632]  <TASK>
[ 1809.312641]  dump_stack_lvl+0x8b/0xb3
[ 1809.312679]  should_fail.cold+0x5/0xa
[ 1809.312705]  ? mas_alloc_nodes+0x36e/0x6a0
[ 1809.312741]  should_failslab+0x5/0x10
[ 1809.312774]  kmem_cache_alloc+0x5b/0x480
[ 1809.312813]  mas_alloc_nodes+0x36e/0x6a0
[ 1809.312845]  ? find_vma+0x108/0x1a0
[ 1809.312892]  mas_preallocate+0xff/0x270
[ 1809.312933]  __vma_adjust+0x1f6/0x18a0
[ 1809.312988]  ? vma_expand+0xda0/0xda0
[ 1809.313020]  ? anon_vma_clone+0x3ae/0x560
[ 1809.313053]  ? mark_lock.part.0+0xef/0x2f60
[ 1809.313096]  __split_vma+0x2a1/0x540
[ 1809.313126]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1809.313170]  ? __split_vma+0x540/0x540
[ 1809.313206]  ? mas_walk+0x48a/0x670
[ 1809.313244]  ? mas_find+0x203/0xdd0
[ 1809.313283]  ? inode_has_perm+0x171/0x1d0
[ 1809.313312]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1809.313352]  do_mas_munmap+0x1ed/0x2c0
[ 1809.313382]  mmap_region+0x21c/0x1a70
[ 1809.313421]  ? lock_release+0x750/0x750
[ 1809.313452]  ? do_munmap+0x100/0x100
[ 1809.313485]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1809.313523]  ? security_mmap_addr+0x79/0xa0
[ 1809.313556]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1809.313593]  ? get_unmapped_area+0x2f0/0x3d0
[ 1809.313638]  do_mmap+0x824/0xf40
19:40:25 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40087602)

[ 1809.313675]  vm_mmap_pgoff+0x1b5/0x280
[ 1809.313721]  ? randomize_stack_top+0x100/0x100
[ 1809.313760]  ? __fget_files+0x287/0x470
[ 1809.313815]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1809.313847]  do_syscall_64+0x3b/0x90
[ 1809.313876]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1809.313909] RIP: 0033:0x7f4ea96a2b62
[ 1809.313928] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1809.313951] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1809.313975] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1809.313991] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1809.314005] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1809.314019] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1809.314033] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1809.314077]  </TASK>
[ 1809.318840] FAULT_INJECTION: forcing a failure.
[ 1809.318840] name failslab, interval 1, probability 0, space 0, times 0
[ 1809.318865] CPU: 0 PID: 7427 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1809.318886] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:40:25 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:40:25 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000040)=0x4)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x80, 0x20, 0x0, 0x6, 0x9, 0x0, 0x8851, 0x20240, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x9, 0x0, @perf_config_ext={0x7, 0x4}, 0x0, 0x2a, 0x878, 0x1, 0x9, 0x7ee, 0x5, 0x0, 0x7, 0x0, 0x10001}, r1, 0x6, r0, 0x9)
ioctl$CDROMRESET(r0, 0x5312)

[ 1809.318899] Call Trace:
[ 1809.318904]  <TASK>
[ 1809.318911]  dump_stack_lvl+0x8b/0xb3
[ 1809.318937]  should_fail.cold+0x5/0xa
[ 1809.318958]  ? security_inode_alloc+0x34/0x160
[ 1809.318984]  should_failslab+0x5/0x10
[ 1809.319021]  kmem_cache_alloc+0x5b/0x480
[ 1809.319044]  security_inode_alloc+0x34/0x160
[ 1809.319088]  inode_init_always+0x5d8/0xd20
[ 1809.319124]  ? __init_waitqueue_head+0x6b/0xd0
[ 1809.319168]  alloc_inode+0x84/0x240
[ 1809.319212]  new_inode_pseudo+0x14/0xe0
[ 1809.319261]  sock_alloc+0x3c/0x260
[ 1809.319292]  __sock_create+0xb9/0x750
19:40:25 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 26)

19:40:25 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 51)

[ 1809.319323]  io_uring_setup.cold+0x1e6d/0x271c
[ 1809.319366]  ? io_sqe_files_register+0x230/0x230
19:40:25 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 50)

[ 1809.319397]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1809.319421]  do_syscall_64+0x3b/0x90
[ 1809.319434]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1809.319451] RIP: 0033:0x7f2c579bdb19
[ 1809.319461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1809.319473] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1809.319485] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1809.319493] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:40:25 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, 0x0, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1809.319500] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1809.319508] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1809.319515] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1809.319535]  </TASK>
[ 1809.319556] socket: no more sockets
[ 1809.320012] FAULT_INJECTION: forcing a failure.
[ 1809.320012] name failslab, interval 1, probability 0, space 0, times 0
[ 1809.320028] CPU: 0 PID: 7430 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1809.320040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1809.320049] Call Trace:
[ 1809.320052]  <TASK>
[ 1809.320055]  dump_stack_lvl+0x8b/0xb3
[ 1809.320072]  should_fail.cold+0x5/0xa
[ 1809.320085]  ? create_object.isra.0+0x3a/0xa20
[ 1809.320107]  should_failslab+0x5/0x10
[ 1809.320123]  kmem_cache_alloc+0x5b/0x480
[ 1809.320139]  create_object.isra.0+0x3a/0xa20
[ 1809.320156]  ? kasan_unpoison+0x23/0x50
[ 1809.320176]  kmem_cache_alloc+0x239/0x480
[ 1809.320193]  mas_alloc_nodes+0x36e/0x6a0
[ 1809.320212]  ? find_vma+0x108/0x1a0
[ 1809.320237]  mas_preallocate+0xff/0x270
[ 1809.320258]  __vma_adjust+0x1f6/0x18a0
[ 1809.320284]  ? vma_expand+0xda0/0xda0
[ 1809.320299]  ? anon_vma_clone+0x3ae/0x560
[ 1809.320316]  ? mark_lock.part.0+0xef/0x2f60
[ 1809.320337]  __split_vma+0x2a1/0x540
[ 1809.320353]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1809.320374]  ? __split_vma+0x540/0x540
[ 1809.320392]  ? mas_walk+0x48a/0x670
[ 1809.320411]  ? mas_find+0x203/0xdd0
[ 1809.320431]  ? inode_has_perm+0x171/0x1d0
[ 1809.320446]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1809.320466]  do_mas_munmap+0x1ed/0x2c0
[ 1809.320481]  mmap_region+0x21c/0x1a70
[ 1809.320499]  ? lock_release+0x750/0x750
[ 1809.320515]  ? do_munmap+0x100/0x100
[ 1809.320531]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1809.320551]  ? security_mmap_addr+0x79/0xa0
[ 1809.320567]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1809.320585]  ? get_unmapped_area+0x2f0/0x3d0
[ 1809.320608]  do_mmap+0x824/0xf40
[ 1809.320626]  vm_mmap_pgoff+0x1b5/0x280
[ 1809.320650]  ? randomize_stack_top+0x100/0x100
[ 1809.320669]  ? __fget_files+0x287/0x470
[ 1809.320695]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1809.320711]  do_syscall_64+0x3b/0x90
[ 1809.320724]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1809.320739] RIP: 0033:0x7f011e7ddb62
[ 1809.320751] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1809.320762] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1809.320773] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1809.320781] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1809.320789] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1809.320796] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1809.320803] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1809.320829]  </TASK>
[ 1809.581645] FAULT_INJECTION: forcing a failure.
[ 1809.581645] name failslab, interval 1, probability 0, space 0, times 0
[ 1809.581690] CPU: 1 PID: 7448 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1809.581718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1809.581733] Call Trace:
[ 1809.581741]  <TASK>
[ 1809.581753]  dump_stack_lvl+0x8b/0xb3
[ 1809.581790]  should_fail.cold+0x5/0xa
[ 1809.581832]  should_failslab+0x5/0x10
[ 1809.581867]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1809.581890]  ? xas_alloc+0x35d/0x480
[ 1809.581937]  xas_alloc+0x35d/0x480
[ 1809.581978]  xas_create+0x35b/0x1030
[ 1809.582039]  xas_store+0x90/0x1c40
[ 1809.582099]  __xa_store+0x16d/0x2d0
[ 1809.582141]  ? xa_delete_node+0x270/0x270
[ 1809.582186]  ? rwlock_bug.part.0+0x90/0x90
[ 1809.582243]  xa_store+0x31/0x50
[ 1809.582283]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1809.582316]  ? io_eventfd_put+0x50/0x50
[ 1809.582366]  io_uring_setup.cold+0x21c1/0x271c
[ 1809.582413]  ? io_sqe_files_register+0x230/0x230
[ 1809.582480]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1809.582533]  do_syscall_64+0x3b/0x90
[ 1809.582562]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1809.582600] RIP: 0033:0x7f011e7ddb19
[ 1809.582621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1809.582645] RSP: 002b:00007f011bd53108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1809.582674] RAX: ffffffffffffffda RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 1809.582691] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1809.582706] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1809.582721] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1809.582735] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1809.582780]  </TASK>
[ 1809.590277] FAULT_INJECTION: forcing a failure.
[ 1809.590277] name failslab, interval 1, probability 0, space 0, times 0
[ 1809.590313] CPU: 1 PID: 7450 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1809.590344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1809.590362] Call Trace:
[ 1809.590368]  <TASK>
[ 1809.590377]  dump_stack_lvl+0x8b/0xb3
[ 1809.590410]  should_fail.cold+0x5/0xa
[ 1809.590442]  ? create_object.isra.0+0x3a/0xa20
[ 1809.590484]  should_failslab+0x5/0x10
[ 1809.590521]  kmem_cache_alloc+0x5b/0x480
[ 1809.590558]  create_object.isra.0+0x3a/0xa20
[ 1809.590599]  ? kasan_unpoison+0x23/0x50
[ 1809.590644]  kmem_cache_alloc+0x239/0x480
[ 1809.590679]  security_inode_alloc+0x34/0x160
[ 1809.590726]  inode_init_always+0x5d8/0xd20
[ 1809.590765]  ? __init_waitqueue_head+0x6b/0xd0
[ 1809.590827]  alloc_inode+0x84/0x240
[ 1809.590866]  new_inode_pseudo+0x14/0xe0
[ 1809.590907]  sock_alloc+0x3c/0x260
[ 1809.590934]  __sock_create+0xb9/0x750
[ 1809.590981]  io_uring_setup.cold+0x1e6d/0x271c
[ 1809.591027]  ? io_sqe_files_register+0x230/0x230
[ 1809.591092]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1809.591142]  do_syscall_64+0x3b/0x90
[ 1809.591171]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1809.591209] RIP: 0033:0x7f2c579bdb19
[ 1809.591228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1809.591251] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1809.591282] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1809.591299] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1809.591314] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1809.591329] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1809.591344] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1809.591401]  </TASK>
[ 1809.669800] FAULT_INJECTION: forcing a failure.
[ 1809.669800] name failslab, interval 1, probability 0, space 0, times 0
[ 1809.670158] CPU: 0 PID: 7457 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1809.670185] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1809.670202] Call Trace:
[ 1809.670208]  <TASK>
[ 1809.670216]  dump_stack_lvl+0x8b/0xb3
[ 1809.670251]  should_fail.cold+0x5/0xa
[ 1809.670276]  ? create_object.isra.0+0x3a/0xa20
[ 1809.670318]  should_failslab+0x5/0x10
[ 1809.670349]  kmem_cache_alloc+0x5b/0x480
[ 1809.670388]  create_object.isra.0+0x3a/0xa20
[ 1809.670422]  ? kasan_unpoison+0x23/0x50
[ 1809.670462]  kmem_cache_alloc+0x239/0x480
[ 1809.670495]  mas_alloc_nodes+0x36e/0x6a0
[ 1809.670528]  ? find_vma+0x108/0x1a0
[ 1809.670573]  mas_preallocate+0xff/0x270
[ 1809.670613]  __vma_adjust+0x1f6/0x18a0
[ 1809.670666]  ? vma_expand+0xda0/0xda0
[ 1809.670698]  ? anon_vma_clone+0x3ae/0x560
[ 1809.670730]  ? mark_lock.part.0+0xef/0x2f60
[ 1809.670771]  __split_vma+0x2a1/0x540
[ 1809.670802]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1809.670846]  ? __split_vma+0x540/0x540
[ 1809.670882]  ? mas_walk+0x48a/0x670
[ 1809.670920]  ? mas_find+0x203/0xdd0
[ 1809.670960]  ? inode_has_perm+0x171/0x1d0
[ 1809.670988]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1809.671028]  do_mas_munmap+0x1ed/0x2c0
[ 1809.671059]  mmap_region+0x21c/0x1a70
[ 1809.671096]  ? lock_release+0x750/0x750
[ 1809.671128]  ? do_munmap+0x100/0x100
[ 1809.671160]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1809.671198]  ? security_mmap_addr+0x79/0xa0
[ 1809.671230]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1809.671267]  ? get_unmapped_area+0x2f0/0x3d0
[ 1809.671312]  do_mmap+0x824/0xf40
[ 1809.671348]  vm_mmap_pgoff+0x1b5/0x280
[ 1809.671406]  ? randomize_stack_top+0x100/0x100
[ 1809.671445]  ? __fget_files+0x287/0x470
[ 1809.671499]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1809.671530]  do_syscall_64+0x3b/0x90
[ 1809.671558]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1809.671590] RIP: 0033:0x7f4ea96a2b62
[ 1809.671608] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1809.671631] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1809.671655] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1809.671671] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1809.671685] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1809.671700] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1809.671715] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1809.671759]  </TASK>
[ 1823.431237] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:40:47 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40101283)

19:40:47 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 51)

19:40:47 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 27)

19:40:47 executing program 5:
ioctl$CDROMRESET(0xffffffffffffffff, 0x5312)

19:40:47 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x2, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:40:47 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 52)

19:40:47 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, 0x0, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:40:47 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1831.818620] FAULT_INJECTION: forcing a failure.
[ 1831.818620] name failslab, interval 1, probability 0, space 0, times 0
[ 1831.818655] CPU: 1 PID: 7470 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1831.818679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1831.818694] Call Trace:
[ 1831.818699]  <TASK>
[ 1831.818707]  dump_stack_lvl+0x8b/0xb3
[ 1831.818741]  should_fail.cold+0x5/0xa
[ 1831.818764]  ? vm_area_dup+0x7f/0x220
[ 1831.818807]  should_failslab+0x5/0x10
[ 1831.818837]  kmem_cache_alloc+0x5b/0x480
[ 1831.818867]  vm_area_dup+0x7f/0x220
[ 1831.818909]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1831.818938]  ? mark_lock.part.0+0xef/0x2f60
[ 1831.818985]  ? lock_is_held_type+0xd7/0x130
[ 1831.819017]  ? find_held_lock+0x2c/0x110
[ 1831.819043]  ? vm_area_alloc+0xf0/0xf0
[ 1831.819073]  ? lock_release+0x3b2/0x750
19:40:48 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x42341, 0x0)
ioctl$CDROM_GET_CAPABILITY(r0, 0x5331)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
r3 = fcntl$dupfd(r1, 0x0, r2)
close_range(r3, r1, 0x228aff341295c2c9)
ioctl$CDROMRESET(r0, 0x5312)

[ 1831.819099]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 1831.819123]  ? lock_downgrade+0x6d0/0x6d0
[ 1831.819147]  ? find_held_lock+0x2c/0x110
[ 1831.819181]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 1831.819219]  ? mark_lock.part.0+0xef/0x2f60
[ 1831.819249]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 1831.819274]  __split_vma+0xa2/0x540
[ 1831.819302]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1831.819342]  ? __split_vma+0x540/0x540
[ 1831.819375]  ? mas_walk+0x48a/0x670
[ 1831.819411]  ? mas_find+0x203/0xdd0
[ 1831.819446]  ? inode_has_perm+0x171/0x1d0
[ 1831.819471]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1831.819508]  do_mas_munmap+0x1ed/0x2c0
[ 1831.819536]  mmap_region+0x21c/0x1a70
[ 1831.819570]  ? lock_release+0x750/0x750
[ 1831.819599]  ? do_munmap+0x100/0x100
[ 1831.819629]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1831.819662]  ? security_mmap_addr+0x79/0xa0
19:40:48 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40101286)

[ 1831.819718]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1831.819752]  ? get_unmapped_area+0x2f0/0x3d0
[ 1831.819793]  do_mmap+0x824/0xf40
[ 1831.819826]  vm_mmap_pgoff+0x1b5/0x280
[ 1831.819869]  ? randomize_stack_top+0x100/0x100
[ 1831.819903]  ? __fget_files+0x287/0x470
19:40:48 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 52)

[ 1831.819953]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1831.819981]  do_syscall_64+0x3b/0x90
[ 1831.820006]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1831.820036] RIP: 0033:0x7f4ea96a2b62
[ 1831.820052] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
19:40:48 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 28)

19:40:48 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x3, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1831.820073] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1831.820094] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1831.820109] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1831.820122] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1831.820134] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1831.820147] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1831.820186]  </TASK>
[ 1831.853173] FAULT_INJECTION: forcing a failure.
[ 1831.853173] name failslab, interval 1, probability 0, space 0, times 0
19:40:48 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, 0x0, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1831.853209] CPU: 0 PID: 7476 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1831.853235] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1831.853251] Call Trace:
[ 1831.853257]  <TASK>
[ 1831.853265]  dump_stack_lvl+0x8b/0xb3
[ 1831.853299]  should_fail.cold+0x5/0xa
[ 1831.853323]  ? sk_prot_alloc+0x63/0x2e0
[ 1831.853358]  should_failslab+0x5/0x10
[ 1831.853391]  kmem_cache_alloc+0x5b/0x480
19:40:48 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 53)

19:40:48 executing program 4:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x2, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1831.853422]  sk_prot_alloc+0x63/0x2e0
[ 1831.853460]  sk_alloc+0x34/0x750
[ 1831.853492]  ? lock_downgrade+0x6d0/0x6d0
[ 1831.853527]  unix_create1+0xa7/0x8d0
[ 1831.853559]  unix_create+0x110/0x220
[ 1831.853587]  __sock_create+0x345/0x750
[ 1831.853623]  io_uring_setup.cold+0x1e6d/0x271c
[ 1831.853666]  ? io_sqe_files_register+0x230/0x230
[ 1831.853724]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1831.853768]  do_syscall_64+0x3b/0x90
[ 1831.853794]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1831.853831] RIP: 0033:0x7f2c579bdb19
[ 1831.853849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1831.853875] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1831.853897] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1831.853913] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1831.853927] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1831.853941] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1831.853955] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1831.853995]  </TASK>
[ 1831.864435] FAULT_INJECTION: forcing a failure.
[ 1831.864435] name failslab, interval 1, probability 0, space 0, times 0
[ 1831.864469] CPU: 0 PID: 7478 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1831.864493] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1831.864508] Call Trace:
[ 1831.864514]  <TASK>
[ 1831.864521]  dump_stack_lvl+0x8b/0xb3
[ 1831.864553]  should_fail.cold+0x5/0xa
[ 1831.864578]  ? create_object.isra.0+0x3a/0xa20
[ 1831.864616]  should_failslab+0x5/0x10
[ 1831.864647]  kmem_cache_alloc+0x5b/0x480
[ 1831.864679]  create_object.isra.0+0x3a/0xa20
19:40:48 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x989381, 0x0)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000000, 0x2010, r0, 0x10000000)
syz_io_uring_submit(0x0, r1, &(0x7f0000000080)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x1, 0x0, 0x5, 0x3, &(0x7f0000000040)="8abadb3eb850", 0x0, 0x0, 0x0, {0x2}}, 0x100)
ioctl$CDROMRESET(r0, 0x5312)

[ 1831.864709]  ? kasan_unpoison+0x23/0x50
[ 1831.864746]  kmem_cache_alloc+0x239/0x480
[ 1831.864777]  vm_area_dup+0x7f/0x220
[ 1831.864834]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1831.864865]  ? mark_lock.part.0+0xef/0x2f60
[ 1831.864914]  ? lock_is_held_type+0xd7/0x130
[ 1831.864947]  ? find_held_lock+0x2c/0x110
[ 1831.864975]  ? vm_area_alloc+0xf0/0xf0
[ 1831.865008]  ? lock_release+0x3b2/0x750
[ 1831.865036]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 1831.865061]  ? lock_downgrade+0x6d0/0x6d0
[ 1831.865088]  ? find_held_lock+0x2c/0x110
[ 1831.865123]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 1831.865164]  ? mark_lock.part.0+0xef/0x2f60
[ 1831.865195]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 1831.865223]  __split_vma+0xa2/0x540
[ 1831.865254]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1831.865296]  ? __split_vma+0x540/0x540
[ 1831.865332]  ? mas_walk+0x48a/0x670
[ 1831.865370]  ? mas_find+0x203/0xdd0
[ 1831.865408]  ? inode_has_perm+0x171/0x1d0
[ 1831.865435]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1831.865474]  do_mas_munmap+0x1ed/0x2c0
[ 1831.865504]  mmap_region+0x21c/0x1a70
[ 1831.865541]  ? lock_release+0x750/0x750
[ 1831.865571]  ? do_munmap+0x100/0x100
[ 1831.865603]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1831.865639]  ? security_mmap_addr+0x79/0xa0
[ 1831.865672]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1831.865707]  ? get_unmapped_area+0x2f0/0x3d0
[ 1831.865751]  do_mmap+0x824/0xf40
[ 1831.865787]  vm_mmap_pgoff+0x1b5/0x280
[ 1831.865832]  ? randomize_stack_top+0x100/0x100
[ 1831.865870]  ? __fget_files+0x287/0x470
[ 1831.865923]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1831.865954]  do_syscall_64+0x3b/0x90
[ 1831.865980]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1831.866011] RIP: 0033:0x7f011e7ddb62
[ 1831.866028] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1831.866052] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1831.866075] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1831.866090] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1831.866104] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1831.866117] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1831.866131] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1831.866173]  </TASK>
[ 1832.132416] FAULT_INJECTION: forcing a failure.
[ 1832.132416] name failslab, interval 1, probability 0, space 0, times 0
[ 1832.132462] CPU: 0 PID: 7489 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1832.132496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1832.132520] Call Trace:
[ 1832.132528]  <TASK>
[ 1832.132541]  dump_stack_lvl+0x8b/0xb3
[ 1832.132583]  should_fail.cold+0x5/0xa
[ 1832.132610]  ? kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1832.132644]  ? create_object.isra.0+0x3a/0xa20
[ 1832.132691]  should_failslab+0x5/0x10
[ 1832.132728]  kmem_cache_alloc+0x5b/0x480
[ 1832.132756]  ? mark_held_locks+0x9e/0xe0
[ 1832.132812]  create_object.isra.0+0x3a/0xa20
[ 1832.132863]  ? kasan_unpoison+0x23/0x50
[ 1832.132918]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1832.132951]  ? xas_alloc+0x35d/0x480
[ 1832.133009]  xas_alloc+0x35d/0x480
[ 1832.133049]  xas_create+0x35b/0x1030
[ 1832.133099]  xas_store+0x90/0x1c40
[ 1832.133147]  __xa_store+0x16d/0x2d0
[ 1832.133180]  ? xa_delete_node+0x270/0x270
[ 1832.133217]  ? rwlock_bug.part.0+0x90/0x90
[ 1832.133261]  xa_store+0x31/0x50
[ 1832.133292]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1832.133320]  ? io_eventfd_put+0x50/0x50
[ 1832.133360]  io_uring_setup.cold+0x21c1/0x271c
[ 1832.133400]  ? io_sqe_files_register+0x230/0x230
[ 1832.133453]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1832.133495]  do_syscall_64+0x3b/0x90
[ 1832.133519]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1832.133549] RIP: 0033:0x7f4ea96a2b19
[ 1832.133566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1832.133586] RSP: 002b:00007f4ea6c18108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1832.133607] RAX: ffffffffffffffda RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 1832.133621] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1832.133635] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1832.133648] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1832.133660] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1832.133699]  </TASK>
[ 1832.164273] FAULT_INJECTION: forcing a failure.
[ 1832.164273] name failslab, interval 1, probability 0, space 0, times 0
[ 1832.164306] CPU: 0 PID: 7497 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1832.164330] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1832.164344] Call Trace:
[ 1832.164350]  <TASK>
[ 1832.164357]  dump_stack_lvl+0x8b/0xb3
[ 1832.164395]  should_fail.cold+0x5/0xa
[ 1832.164418]  ? create_object.isra.0+0x3a/0xa20
[ 1832.164452]  should_failslab+0x5/0x10
[ 1832.164481]  kmem_cache_alloc+0x5b/0x480
[ 1832.164510]  create_object.isra.0+0x3a/0xa20
[ 1832.164538]  ? kasan_unpoison+0x23/0x50
[ 1832.164571]  kmem_cache_alloc+0x239/0x480
[ 1832.164599]  sk_prot_alloc+0x63/0x2e0
[ 1832.164635]  sk_alloc+0x34/0x750
[ 1832.164664]  ? lock_downgrade+0x6d0/0x6d0
[ 1832.164696]  unix_create1+0xa7/0x8d0
[ 1832.164725]  unix_create+0x110/0x220
[ 1832.164751]  __sock_create+0x345/0x750
[ 1832.164784]  io_uring_setup.cold+0x1e6d/0x271c
[ 1832.164823]  ? io_sqe_files_register+0x230/0x230
[ 1832.164875]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1832.164915]  do_syscall_64+0x3b/0x90
[ 1832.164939]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1832.164968] RIP: 0033:0x7f2c579bdb19
[ 1832.164985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1832.165005] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1832.165027] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1832.165041] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1832.165054] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1832.165067] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1832.165080] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1832.165117]  </TASK>
[ 1832.279643] FAULT_INJECTION: forcing a failure.
[ 1832.279643] name failslab, interval 1, probability 0, space 0, times 0
[ 1832.279747] CPU: 1 PID: 7505 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1832.279778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1832.279803] Call Trace:
[ 1832.279811]  <TASK>
[ 1832.279822]  dump_stack_lvl+0x8b/0xb3
[ 1832.279866]  should_fail.cold+0x5/0xa
[ 1832.279904]  should_failslab+0x5/0x10
[ 1832.279945]  kmem_cache_alloc_bulk+0x47/0x780
[ 1832.279973]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 1832.280014]  ? kmem_cache_alloc+0x332/0x480
[ 1832.280054]  mas_alloc_nodes+0x2a6/0x6a0
[ 1832.280112]  mas_preallocate+0xff/0x270
[ 1832.280163]  __vma_adjust+0x1f6/0x18a0
[ 1832.280231]  ? vma_expand+0xda0/0xda0
[ 1832.280271]  ? anon_vma_clone+0x3ae/0x560
[ 1832.280320]  ? mark_lock.part.0+0xef/0x2f60
[ 1832.280372]  __split_vma+0x2a1/0x540
[ 1832.280410]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1832.280465]  ? __split_vma+0x540/0x540
[ 1832.280511]  ? mas_walk+0x48a/0x670
[ 1832.280559]  ? mas_find+0x203/0xdd0
[ 1832.280609]  ? inode_has_perm+0x171/0x1d0
[ 1832.280644]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1832.280694]  do_mas_munmap+0x1ed/0x2c0
[ 1832.280737]  mmap_region+0x21c/0x1a70
[ 1832.280794]  ? lock_release+0x750/0x750
[ 1832.280834]  ? do_munmap+0x100/0x100
[ 1832.280875]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1832.280922]  ? security_mmap_addr+0x79/0xa0
[ 1832.280964]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1832.281011]  ? get_unmapped_area+0x2f0/0x3d0
[ 1832.281068]  do_mmap+0x824/0xf40
[ 1832.281114]  vm_mmap_pgoff+0x1b5/0x280
[ 1832.281177]  ? randomize_stack_top+0x100/0x100
[ 1832.281225]  ? __fget_files+0x287/0x470
[ 1832.281299]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1832.281338]  do_syscall_64+0x3b/0x90
[ 1832.281372]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1832.281413] RIP: 0033:0x7f011e7ddb62
[ 1832.281435] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1832.281464] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1832.281492] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1832.281511] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1832.281530] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1832.281548] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1832.281568] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1832.281630]  </TASK>
[ 1845.898785] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:41:10 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x40101288)

19:41:10 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 29)

19:41:10 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x21a780, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x10002, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000080), 0x1, 0x105000)
sendfile(r1, r2, 0x0, 0x8)
mkdirat$cgroup(r0, &(0x7f00000000c0)='syz1\x00', 0x1ff)
ioctl$CDROMRESET(r1, 0x5312)

19:41:10 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 54)

19:41:10 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:41:10 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x4, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:41:10 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, 0x0, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:41:10 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 53)

[ 1854.505514] FAULT_INJECTION: forcing a failure.
[ 1854.505514] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.505566] CPU: 0 PID: 7522 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.505587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1854.505599] Call Trace:
[ 1854.505604]  <TASK>
[ 1854.505611]  dump_stack_lvl+0x8b/0xb3
[ 1854.505640]  should_fail.cold+0x5/0xa
[ 1854.505659]  ? selinux_sk_alloc_security+0x90/0x200
[ 1854.505687]  should_failslab+0x5/0x10
[ 1854.505713]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1854.505738]  selinux_sk_alloc_security+0x90/0x200
[ 1854.505766]  security_sk_alloc+0x56/0xb0
[ 1854.505802]  sk_prot_alloc+0xad/0x2e0
[ 1854.505833]  sk_alloc+0x34/0x750
[ 1854.505858]  ? lock_downgrade+0x6d0/0x6d0
[ 1854.505886]  unix_create1+0xa7/0x8d0
[ 1854.505912]  unix_create+0x110/0x220
[ 1854.505934]  __sock_create+0x345/0x750
[ 1854.505962]  io_uring_setup.cold+0x1e6d/0x271c
[ 1854.505996]  ? io_sqe_files_register+0x230/0x230
[ 1854.506042]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1854.506077]  do_syscall_64+0x3b/0x90
[ 1854.506098]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.506123] RIP: 0033:0x7f2c579bdb19
[ 1854.506137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1854.506156] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1854.506174] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1854.506186] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:41:10 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1854.506197] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1854.506208] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1854.506219] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.506251]  </TASK>
[ 1854.520165] FAULT_INJECTION: forcing a failure.
[ 1854.520165] name failslab, interval 1, probability 0, space 0, times 0
19:41:10 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 30)

19:41:10 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 55)

[ 1854.520193] CPU: 0 PID: 7527 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.520213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:41:10 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x141b01, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r0, 0xe7042c55a6a6d69f, r0)
ioctl$CDROMRESET(r1, 0x5312)

[ 1854.520226] Call Trace:
[ 1854.520231]  <TASK>
[ 1854.520238]  dump_stack_lvl+0x8b/0xb3
[ 1854.520264]  should_fail.cold+0x5/0xa
[ 1854.520283]  ? create_object.isra.0+0x3a/0xa20
[ 1854.520313]  should_failslab+0x5/0x10
[ 1854.520337]  kmem_cache_alloc+0x5b/0x480
[ 1854.520353]  ? mark_held_locks+0x9e/0xe0
[ 1854.520388]  create_object.isra.0+0x3a/0xa20
[ 1854.520412]  ? kasan_unpoison+0x23/0x50
[ 1854.520441]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1854.520460]  ? kmem_cache_alloc+0x332/0x480
19:41:10 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401070c9)

[ 1854.520484]  mas_alloc_nodes+0x2a6/0x6a0
[ 1854.520519]  mas_preallocate+0xff/0x270
[ 1854.520550]  __vma_adjust+0x1f6/0x18a0
[ 1854.520591]  ? vma_expand+0xda0/0xda0
[ 1854.520615]  ? anon_vma_clone+0x3ae/0x560
[ 1854.520640]  ? mark_lock.part.0+0xef/0x2f60
[ 1854.520671]  __split_vma+0x2a1/0x540
[ 1854.520695]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1854.520728]  ? __split_vma+0x540/0x540
[ 1854.520756]  ? mas_walk+0x48a/0x670
[ 1854.520786]  ? mas_find+0x203/0xdd0
[ 1854.520816]  ? inode_has_perm+0x171/0x1d0
[ 1854.520838]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1854.520869]  do_mas_munmap+0x1ed/0x2c0
[ 1854.520892]  mmap_region+0x21c/0x1a70
[ 1854.520920]  ? lock_release+0x750/0x750
[ 1854.520944]  ? do_munmap+0x100/0x100
[ 1854.520969]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1854.520999]  ? security_mmap_addr+0x79/0xa0
[ 1854.521025]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1854.521053]  ? get_unmapped_area+0x2f0/0x3d0
19:41:10 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1854.521088]  do_mmap+0x824/0xf40
[ 1854.521116]  vm_mmap_pgoff+0x1b5/0x280
[ 1854.521152]  ? randomize_stack_top+0x100/0x100
[ 1854.521181]  ? __fget_files+0x287/0x470
[ 1854.521223]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1854.521247]  do_syscall_64+0x3b/0x90
[ 1854.521269]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.521294] RIP: 0033:0x7f011e7ddb62
[ 1854.521308] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1854.521325] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1854.521342] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1854.521355] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1854.521366] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
19:41:10 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 54)

[ 1854.521377] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1854.521388] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.521421]  </TASK>
[ 1854.607509] FAULT_INJECTION: forcing a failure.
[ 1854.607509] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.607547] CPU: 1 PID: 7526 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.607574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1854.607593] Call Trace:
[ 1854.607600]  <TASK>
[ 1854.607607]  dump_stack_lvl+0x8b/0xb3
[ 1854.607647]  should_fail.cold+0x5/0xa
[ 1854.607671]  ? mas_alloc_nodes+0x36e/0x6a0
[ 1854.607708]  should_failslab+0x5/0x10
[ 1854.607740]  kmem_cache_alloc+0x5b/0x480
[ 1854.607774]  mas_alloc_nodes+0x36e/0x6a0
[ 1854.607808]  ? find_vma+0x108/0x1a0
19:41:11 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x6, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1854.607857]  mas_preallocate+0xff/0x270
[ 1854.607898]  __vma_adjust+0x1f6/0x18a0
[ 1854.607948]  ? vma_expand+0xda0/0xda0
[ 1854.607978]  ? anon_vma_clone+0x3ae/0x560
[ 1854.608034]  ? mark_lock.part.0+0xef/0x2f60
[ 1854.608073]  __split_vma+0x2a1/0x540
[ 1854.608101]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1854.608140]  ? __split_vma+0x540/0x540
[ 1854.608173]  ? mas_walk+0x48a/0x670
[ 1854.608208]  ? mas_find+0x203/0xdd0
[ 1854.608244]  ? inode_has_perm+0x171/0x1d0
[ 1854.608272]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1854.608307]  do_mas_munmap+0x1ed/0x2c0
[ 1854.608335]  mmap_region+0x21c/0x1a70
[ 1854.608369]  ? lock_release+0x750/0x750
19:41:11 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 31)

19:41:11 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$incfs(r0, &(0x7f0000000040)='.pending_reads\x00', 0x80100, 0x28)
ioctl$CDROMREADAUDIO(r1, 0x530e, &(0x7f00000000c0)={@msf={0x48, 0x1f, 0x3}, 0x4, 0x2, &(0x7f0000000080)=""/2})

19:41:11 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401070ca)

[ 1854.608397]  ? do_munmap+0x100/0x100
[ 1854.608427]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1854.608461]  ? security_mmap_addr+0x79/0xa0
[ 1854.608492]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1854.608526]  ? get_unmapped_area+0x2f0/0x3d0
[ 1854.608567]  do_mmap+0x824/0xf40
[ 1854.608600]  vm_mmap_pgoff+0x1b5/0x280
[ 1854.608643]  ? randomize_stack_top+0x100/0x100
[ 1854.608678]  ? __fget_files+0x287/0x470
[ 1854.608728]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1854.608757]  do_syscall_64+0x3b/0x90
[ 1854.608783]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.608814] RIP: 0033:0x7f4ea96a2b62
[ 1854.608830] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1854.608852] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1854.608874] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1854.608888] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1854.608901] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1854.608913] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1854.608926] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.608966]  </TASK>
[ 1854.770601] FAULT_INJECTION: forcing a failure.
[ 1854.770601] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.770628] CPU: 0 PID: 7539 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.770646] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1854.770657] Call Trace:
[ 1854.770662]  <TASK>
[ 1854.770668]  dump_stack_lvl+0x8b/0xb3
[ 1854.770692]  should_fail.cold+0x5/0xa
[ 1854.770708]  ? create_object.isra.0+0x3a/0xa20
[ 1854.770733]  should_failslab+0x5/0x10
[ 1854.770755]  kmem_cache_alloc+0x5b/0x480
[ 1854.770775]  create_object.isra.0+0x3a/0xa20
[ 1854.770799]  ? kasan_unpoison+0x23/0x50
[ 1854.770823]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1854.770847]  selinux_sk_alloc_security+0x90/0x200
[ 1854.770873]  security_sk_alloc+0x56/0xb0
[ 1854.770899]  sk_prot_alloc+0xad/0x2e0
[ 1854.770926]  sk_alloc+0x34/0x750
[ 1854.770946]  ? lock_downgrade+0x6d0/0x6d0
[ 1854.770970]  unix_create1+0xa7/0x8d0
[ 1854.770991]  unix_create+0x110/0x220
[ 1854.771010]  __sock_create+0x345/0x750
[ 1854.771034]  io_uring_setup.cold+0x1e6d/0x271c
[ 1854.771062]  ? io_sqe_files_register+0x230/0x230
[ 1854.771100]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1854.771129]  do_syscall_64+0x3b/0x90
[ 1854.771147]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.771168] RIP: 0033:0x7f2c579bdb19
[ 1854.771180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1854.771195] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1854.771211] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1854.771221] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1854.771230] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1854.771240] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1854.771249] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.771275]  </TASK>
[ 1854.838553] FAULT_INJECTION: forcing a failure.
[ 1854.838553] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.838595] CPU: 1 PID: 7543 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.838631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1854.838652] Call Trace:
[ 1854.838658]  <TASK>
[ 1854.838668]  dump_stack_lvl+0x8b/0xb3
[ 1854.838713]  should_fail.cold+0x5/0xa
[ 1854.838744]  ? create_object.isra.0+0x3a/0xa20
[ 1854.838803]  should_failslab+0x5/0x10
[ 1854.838844]  kmem_cache_alloc+0x5b/0x480
[ 1854.838869]  ? mark_held_locks+0x9e/0xe0
[ 1854.838930]  create_object.isra.0+0x3a/0xa20
[ 1854.838977]  ? kasan_unpoison+0x23/0x50
[ 1854.839023]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1854.839054]  ? kmem_cache_alloc+0x332/0x480
[ 1854.839085]  mas_alloc_nodes+0x2a6/0x6a0
[ 1854.839128]  mas_preallocate+0xff/0x270
[ 1854.839165]  __vma_adjust+0x1f6/0x18a0
[ 1854.839213]  ? vma_expand+0xda0/0xda0
[ 1854.839241]  ? anon_vma_clone+0x3ae/0x560
[ 1854.839272]  ? mark_lock.part.0+0xef/0x2f60
[ 1854.839308]  __split_vma+0x2a1/0x540
[ 1854.839336]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1854.839375]  ? __split_vma+0x540/0x540
[ 1854.839408]  ? mas_walk+0x48a/0x670
[ 1854.839443]  ? mas_find+0x203/0xdd0
[ 1854.839479]  ? inode_has_perm+0x171/0x1d0
[ 1854.839505]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1854.839541]  do_mas_munmap+0x1ed/0x2c0
[ 1854.839569]  mmap_region+0x21c/0x1a70
[ 1854.839603]  ? lock_release+0x750/0x750
[ 1854.839631]  ? do_munmap+0x100/0x100
[ 1854.839661]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1854.839695]  ? security_mmap_addr+0x79/0xa0
[ 1854.839725]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1854.839758]  ? get_unmapped_area+0x2f0/0x3d0
[ 1854.839800]  do_mmap+0x824/0xf40
[ 1854.839833]  vm_mmap_pgoff+0x1b5/0x280
[ 1854.839875]  ? randomize_stack_top+0x100/0x100
[ 1854.839910]  ? __fget_files+0x287/0x470
[ 1854.839959]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1854.839988]  do_syscall_64+0x3b/0x90
[ 1854.840039]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.840068] RIP: 0033:0x7f011e7ddb62
[ 1854.840086] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1854.840106] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1854.840127] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1854.840141] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1854.840155] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1854.840168] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1854.840182] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.840220]  </TASK>
[ 1854.934217] FAULT_INJECTION: forcing a failure.
[ 1854.934217] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.934242] CPU: 0 PID: 7551 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.934258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1854.934268] Call Trace:
[ 1854.934272]  <TASK>
[ 1854.934277]  dump_stack_lvl+0x8b/0xb3
[ 1854.934301]  should_fail.cold+0x5/0xa
[ 1854.934315]  ? create_object.isra.0+0x3a/0xa20
[ 1854.934338]  should_failslab+0x5/0x10
[ 1854.934357]  kmem_cache_alloc+0x5b/0x480
[ 1854.934376]  create_object.isra.0+0x3a/0xa20
[ 1854.934394]  ? kasan_unpoison+0x23/0x50
[ 1854.934415]  kmem_cache_alloc+0x239/0x480
[ 1854.934433]  vm_area_dup+0x7f/0x220
[ 1854.934462]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1854.934480]  ? mark_lock.part.0+0xef/0x2f60
[ 1854.934510]  ? lock_is_held_type+0xd7/0x130
[ 1854.934529]  ? find_held_lock+0x2c/0x110
[ 1854.934546]  ? vm_area_alloc+0xf0/0xf0
[ 1854.934565]  ? lock_release+0x3b2/0x750
[ 1854.934582]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 1854.934598]  ? lock_downgrade+0x6d0/0x6d0
[ 1854.934614]  ? find_held_lock+0x2c/0x110
[ 1854.934634]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 1854.934659]  ? mark_lock.part.0+0xef/0x2f60
[ 1854.934677]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 1854.934693]  __split_vma+0xa2/0x540
[ 1854.934712]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1854.934736]  ? __split_vma+0x540/0x540
[ 1854.934757]  ? mas_walk+0x48a/0x670
[ 1854.934780]  ? mas_find+0x203/0xdd0
[ 1854.934807]  ? inode_has_perm+0x171/0x1d0
[ 1854.934823]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1854.934846]  do_mas_munmap+0x1ed/0x2c0
[ 1854.934863]  mmap_region+0x21c/0x1a70
[ 1854.934885]  ? lock_release+0x750/0x750
[ 1854.934903]  ? do_munmap+0x100/0x100
[ 1854.934922]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1854.934945]  ? security_mmap_addr+0x79/0xa0
[ 1854.934967]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1854.934988]  ? get_unmapped_area+0x2f0/0x3d0
[ 1854.935014]  do_mmap+0x824/0xf40
[ 1854.935036]  vm_mmap_pgoff+0x1b5/0x280
[ 1854.935063]  ? randomize_stack_top+0x100/0x100
[ 1854.935085]  ? __fget_files+0x287/0x470
[ 1854.935117]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1854.935134]  do_syscall_64+0x3b/0x90
[ 1854.935150]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.935168] RIP: 0033:0x7f4ea96a2b62
[ 1854.935179] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1854.935192] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1854.935205] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1854.935214] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1854.935223] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1854.935231] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1854.935239] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.935264]  </TASK>
[ 1854.956187] FAULT_INJECTION: forcing a failure.
[ 1854.956187] name failslab, interval 1, probability 0, space 0, times 0
[ 1854.956212] CPU: 0 PID: 7559 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1854.956228] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1854.956238] Call Trace:
[ 1854.956242]  <TASK>
[ 1854.956252]  dump_stack_lvl+0x8b/0xb3
[ 1854.956275]  should_fail.cold+0x5/0xa
[ 1854.956292]  should_failslab+0x5/0x10
[ 1854.956311]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1854.956325]  ? alloc_inode+0x170/0x240
[ 1854.956349]  alloc_inode+0x170/0x240
[ 1854.956368]  new_inode_pseudo+0x14/0xe0
[ 1854.956389]  alloc_anon_inode+0x22/0x3c0
[ 1854.956403]  ? _raw_spin_unlock+0x24/0x40
[ 1854.956421]  anon_inode_make_secure_inode+0xaa/0x180
[ 1854.956442]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1854.956458]  ? security_socket_post_create+0x9e/0xd0
[ 1854.956484]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1854.956510]  anon_inode_getfile_secure+0x73/0x1e0
[ 1854.956532]  io_uring_setup.cold+0x1ed0/0x271c
[ 1854.956557]  ? io_sqe_files_register+0x230/0x230
[ 1854.956589]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1854.956614]  do_syscall_64+0x3b/0x90
[ 1854.956629]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1854.956647] RIP: 0033:0x7f2c579bdb19
[ 1854.956658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1854.956671] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1854.956684] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1854.956693] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1854.956702] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1854.956709] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1854.956717] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1854.956740]  </TASK>
[ 1869.207012] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:41:34 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x0, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:41:34 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401070cd)

19:41:34 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 55)

19:41:34 executing program 5:
write$sndseq(0xffffffffffffffff, &(0x7f0000000040)=[{0xff, 0x80, 0x57, 0xf7, @time={0xc26, 0x200}, {0x3}, {0x9, 0x2}, @addr={0x6, 0x80}}, {0x9, 0x10, 0x0, 0x7f, @time={0x2, 0x4c2}, {0x40, 0xfa}, {0xfd, 0x6}, @addr={0x5, 0x80}}], 0x38)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0xa200, 0x0)
ioctl(r1, 0x3c6, &(0x7f0000000080)="7635af4f3697b4691c3b3a50d1fdc77d032d8e83d804c50c74037f5b580db833bc1f42a7d3bffc2b27811c")
ioctl$CDROMRESET(r0, 0x5312)

19:41:34 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:41:34 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 32)

19:41:34 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x8, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:41:34 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 56)

[ 1878.379110] FAULT_INJECTION: forcing a failure.
[ 1878.379110] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.379132] CPU: 0 PID: 7574 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1878.379145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1878.379153] Call Trace:
[ 1878.379157]  <TASK>
[ 1878.379162]  dump_stack_lvl+0x8b/0xb3
[ 1878.379181]  should_fail.cold+0x5/0xa
[ 1878.379193]  ? create_object.isra.0+0x3a/0xa20
[ 1878.379213]  should_failslab+0x5/0x10
[ 1878.379230]  kmem_cache_alloc+0x5b/0x480
[ 1878.379246]  create_object.isra.0+0x3a/0xa20
[ 1878.379262]  ? kasan_unpoison+0x23/0x50
[ 1878.379280]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1878.379291]  ? alloc_inode+0x170/0x240
[ 1878.379312]  alloc_inode+0x170/0x240
[ 1878.379329]  new_inode_pseudo+0x14/0xe0
[ 1878.379346]  alloc_anon_inode+0x22/0x3c0
[ 1878.379358]  ? _raw_spin_unlock+0x24/0x40
[ 1878.379374]  anon_inode_make_secure_inode+0xaa/0x180
[ 1878.379391]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1878.379406]  ? security_socket_post_create+0x9e/0xd0
[ 1878.379428]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1878.379451]  anon_inode_getfile_secure+0x73/0x1e0
[ 1878.379470]  io_uring_setup.cold+0x1ed0/0x271c
[ 1878.379492]  ? io_sqe_files_register+0x230/0x230
[ 1878.379521]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1878.379543]  do_syscall_64+0x3b/0x90
[ 1878.379557]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1878.379572] RIP: 0033:0x7f2c579bdb19
[ 1878.379581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1878.379593] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1878.379605] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1878.379613] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1878.379620] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1878.379627] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1878.379635] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1878.379654]  </TASK>
[ 1878.405721] FAULT_INJECTION: forcing a failure.
[ 1878.405721] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.405758] CPU: 0 PID: 7577 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1878.405795] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1878.405816] Call Trace:
[ 1878.405823]  <TASK>
[ 1878.405832]  dump_stack_lvl+0x8b/0xb3
[ 1878.405867]  should_fail.cold+0x5/0xa
[ 1878.405896]  ? create_object.isra.0+0x3a/0xa20
[ 1878.405940]  should_failslab+0x5/0x10
[ 1878.405979]  kmem_cache_alloc+0x5b/0x480
[ 1878.406005]  ? mark_held_locks+0x9e/0xe0
[ 1878.406047]  create_object.isra.0+0x3a/0xa20
[ 1878.406086]  ? kasan_unpoison+0x23/0x50
[ 1878.406130]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1878.406167]  mas_alloc_nodes+0x2a6/0x6a0
[ 1878.406207]  mas_preallocate+0xff/0x270
[ 1878.406227]  __vma_adjust+0x1f6/0x18a0
[ 1878.406253]  ? vma_expand+0xda0/0xda0
[ 1878.406268]  ? anon_vma_clone+0x3ae/0x560
[ 1878.406284]  ? mark_lock.part.0+0xef/0x2f60
[ 1878.406304]  __split_vma+0x2a1/0x540
[ 1878.406319]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1878.406340]  ? __split_vma+0x540/0x540
[ 1878.406358]  ? mas_walk+0x48a/0x670
[ 1878.406377]  ? mas_find+0x203/0xdd0
[ 1878.406396]  ? inode_has_perm+0x171/0x1d0
[ 1878.406411]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1878.406430]  do_mas_munmap+0x1ed/0x2c0
[ 1878.406445]  mmap_region+0x21c/0x1a70
[ 1878.406463]  ? lock_release+0x750/0x750
[ 1878.406479]  ? do_munmap+0x100/0x100
[ 1878.406495]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1878.406514]  ? security_mmap_addr+0x79/0xa0
[ 1878.406531]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1878.406549]  ? get_unmapped_area+0x2f0/0x3d0
[ 1878.406572]  do_mmap+0x824/0xf40
[ 1878.406590]  vm_mmap_pgoff+0x1b5/0x280
[ 1878.406613]  ? randomize_stack_top+0x100/0x100
[ 1878.406632]  ? __fget_files+0x287/0x470
[ 1878.406659]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1878.406674]  do_syscall_64+0x3b/0x90
[ 1878.406689]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1878.406705] RIP: 0033:0x7f4ea96a2b62
[ 1878.406714] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1878.406726] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1878.406738] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1878.406745] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1878.406752] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1878.406759] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1878.406766] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1878.406787]  </TASK>
[ 1878.475358] FAULT_INJECTION: forcing a failure.
[ 1878.475358] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.475382] CPU: 0 PID: 7578 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1878.475399] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1878.475412] Call Trace:
[ 1878.475418]  <TASK>
[ 1878.475426]  dump_stack_lvl+0x8b/0xb3
[ 1878.475453]  should_fail.cold+0x5/0xa
[ 1878.475473]  ? create_object.isra.0+0x3a/0xa20
[ 1878.475506]  should_failslab+0x5/0x10
[ 1878.475530]  kmem_cache_alloc+0x5b/0x480
[ 1878.475552]  create_object.isra.0+0x3a/0xa20
[ 1878.475579]  ? kasan_unpoison+0x23/0x50
[ 1878.475602]  kmem_cache_alloc+0x239/0x480
[ 1878.475620]  mas_alloc_nodes+0x36e/0x6a0
[ 1878.475643]  ? find_vma+0x108/0x1a0
[ 1878.475671]  mas_preallocate+0xff/0x270
[ 1878.475692]  __vma_adjust+0x1f6/0x18a0
[ 1878.475719]  ? vma_expand+0xda0/0xda0
[ 1878.475735]  ? anon_vma_clone+0x3ae/0x560
[ 1878.475754]  ? mark_lock.part.0+0xef/0x2f60
[ 1878.475776]  __split_vma+0x2a1/0x540
[ 1878.475796]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1878.475818]  ? __split_vma+0x540/0x540
[ 1878.475835]  ? mas_walk+0x48a/0x670
[ 1878.475854]  ? mas_find+0x203/0xdd0
[ 1878.475873]  ? inode_has_perm+0x171/0x1d0
[ 1878.475888]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1878.475907]  do_mas_munmap+0x1ed/0x2c0
[ 1878.475922]  mmap_region+0x21c/0x1a70
[ 1878.475940]  ? lock_release+0x750/0x750
[ 1878.475956]  ? do_munmap+0x100/0x100
[ 1878.475972]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1878.475991]  ? security_mmap_addr+0x79/0xa0
[ 1878.476007]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1878.476025]  ? get_unmapped_area+0x2f0/0x3d0
[ 1878.476047]  do_mmap+0x824/0xf40
[ 1878.476069]  vm_mmap_pgoff+0x1b5/0x280
[ 1878.476093]  ? randomize_stack_top+0x100/0x100
[ 1878.476112]  ? __fget_files+0x287/0x470
[ 1878.476139]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1878.476154]  do_syscall_64+0x3b/0x90
[ 1878.476168]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1878.476185] RIP: 0033:0x7f011e7ddb62
[ 1878.476194] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1878.476205] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1878.476218] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1878.476225] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1878.476233] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1878.476241] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1878.476248] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1878.476270]  </TASK>
[ 1890.430897] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:41:54 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
fstatfs(r0, &(0x7f0000000080)=""/17)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

19:41:54 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 33)

19:41:54 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 56)

19:41:54 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0xb, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:41:54 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0)
pwrite64(r0, &(0x7f0000000040)="5481d5a60a4b562be2e796e0f33bfee6d9167007e8a350514c5e82e413e992f8134c3c3286fb735fb0de97b704337318c0d118de1a2f781eaa3e164d9b9dfc60112343795088ad8ba719f8efae75fdd2ea0222e6d35684b0d7bba5fcdf525f117aaa7c82ca974af402e88c27021cfd6d5f20d6014bf0101a4958aacd88fb49b798c9dd4652689f597c9bcf707a7904467ea826b26d62f1b6798172e798561477c4e0aab2ded05e8b169f73bf751b88c56856290ccea9233aa5eaad54", 0xbc, 0x8001)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$EXT4_IOC_GET_ES_CACHE(r0, 0xc020662a, &(0x7f0000000140)={0x3f, 0x1, 0x4, 0x5, 0x1, [{0x1, 0x6, 0x4, '\x00', 0x707}]})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r3=>r2, {0x4}}, '.\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x28, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x28}}, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r5, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x6004}, 0x80)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r6, 0x0, r7)
ioctl$TIOCGPKT(r7, 0x80045438, &(0x7f0000000340))
openat(r1, &(0x7f0000000100)='./file0\x00', 0x684043, 0x1e8)

19:41:54 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401870c8)

19:41:54 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:41:54 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 57)

[ 1898.461872] FAULT_INJECTION: forcing a failure.
[ 1898.461872] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.461894] CPU: 0 PID: 7599 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.461908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.461916] Call Trace:
[ 1898.461920]  <TASK>
[ 1898.461924]  dump_stack_lvl+0x8b/0xb3
[ 1898.461946]  should_fail.cold+0x5/0xa
[ 1898.461959]  ? security_inode_alloc+0x34/0x160
[ 1898.461976]  should_failslab+0x5/0x10
[ 1898.461993]  kmem_cache_alloc+0x5b/0x480
[ 1898.462009]  security_inode_alloc+0x34/0x160
[ 1898.462026]  inode_init_always+0x5d8/0xd20
[ 1898.462045]  alloc_inode+0x84/0x240
[ 1898.462062]  new_inode_pseudo+0x14/0xe0
[ 1898.462079]  alloc_anon_inode+0x22/0x3c0
19:41:54 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 34)

[ 1898.462091]  ? _raw_spin_unlock+0x24/0x40
[ 1898.462107]  anon_inode_make_secure_inode+0xaa/0x180
[ 1898.462125]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1898.462140]  ? security_socket_post_create+0x9e/0xd0
[ 1898.462160]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.462183]  anon_inode_getfile_secure+0x73/0x1e0
[ 1898.462201]  io_uring_setup.cold+0x1ed0/0x271c
[ 1898.462223]  ? io_sqe_files_register+0x230/0x230
[ 1898.462253]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.462275]  do_syscall_64+0x3b/0x90
[ 1898.462288]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.462304] RIP: 0033:0x7f2c579bdb19
[ 1898.462313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.462325] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
19:41:54 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401870cb)

[ 1898.462336] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1898.462345] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:41:54 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1898.462352] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1898.462359] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1898.462366] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.462386]  </TASK>
[ 1898.496161] FAULT_INJECTION: forcing a failure.
[ 1898.496161] name failslab, interval 1, probability 0, space 0, times 0
19:41:54 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 58)

[ 1898.496180] CPU: 0 PID: 7602 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.496193] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.496201] Call Trace:
[ 1898.496204]  <TASK>
[ 1898.496209]  dump_stack_lvl+0x8b/0xb3
[ 1898.496226]  should_fail.cold+0x5/0xa
[ 1898.496239]  ? create_object.isra.0+0x3a/0xa20
19:41:54 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

[ 1898.496259]  should_failslab+0x5/0x10
[ 1898.496275]  kmem_cache_alloc+0x5b/0x480
[ 1898.496285]  ? mark_held_locks+0x9e/0xe0
[ 1898.496305]  create_object.isra.0+0x3a/0xa20
[ 1898.496321]  ? kasan_unpoison+0x23/0x50
[ 1898.496340]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1898.496351]  ? kmem_cache_alloc+0x332/0x480
[ 1898.496367]  mas_alloc_nodes+0x2a6/0x6a0
[ 1898.496390]  mas_preallocate+0xff/0x270
[ 1898.496410]  __vma_adjust+0x1f6/0x18a0
[ 1898.496437]  ? vma_expand+0xda0/0xda0
[ 1898.496452]  ? anon_vma_clone+0x3ae/0x560
[ 1898.496468]  ? mark_lock.part.0+0xef/0x2f60
19:41:54 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0xc, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:41:54 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 57)

[ 1898.496488]  __split_vma+0x2a1/0x540
[ 1898.496503]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1898.496528]  ? __split_vma+0x540/0x540
[ 1898.496546]  ? mas_walk+0x48a/0x670
[ 1898.496564]  ? mas_find+0x203/0xdd0
[ 1898.496584]  ? inode_has_perm+0x171/0x1d0
19:41:54 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000880)={0x53, 0xfffffffffffffffc, 0x36, 0x0, @scatter={0x9, 0x0, &(0x7f0000000700)=[{&(0x7f0000000080)=""/169, 0xa9}, {&(0x7f0000000140)=""/223, 0xdf}, {&(0x7f0000000240)=""/142, 0x8e}, {&(0x7f0000000300)=""/202, 0xca}, {&(0x7f0000000400)=""/35, 0x23}, {&(0x7f0000000440)=""/184, 0xb8}, {&(0x7f0000000500)=""/40, 0x28}, {&(0x7f0000000540)=""/145, 0x91}, {&(0x7f0000000600)=""/208, 0xd0}]}, &(0x7f00000007c0)="8c3bdad69b42d984c3c1e7c25c2d97b9ebd9686db32bbe2b54651a7b16d0288e9126477c73dfb5167bd93b2f18c20f6bbeaaa1067b36", &(0x7f0000000800)=""/39, 0x0, 0x3, 0xffffffffffffffff, &(0x7f0000000840)})
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000c80)={0x53, 0xfffffffffffffffc, 0x0, 0x2, @scatter={0x3, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000900)=""/226, 0xe2}, {&(0x7f0000000a00)=""/145, 0x91}, {&(0x7f0000000ac0)=""/18, 0x12}]}, &(0x7f0000000b40), &(0x7f0000000d00)=""/149, 0x8001, 0x0, 0x0, &(0x7f0000000b40)})
ioctl$CDROMRESET(r0, 0x5312)

19:41:54 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 35)

19:41:54 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401870cc)

[ 1898.496598]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1898.496618]  do_mas_munmap+0x1ed/0x2c0
[ 1898.496650]  mmap_region+0x21c/0x1a70
[ 1898.496668]  ? lock_release+0x750/0x750
[ 1898.496684]  ? do_munmap+0x100/0x100
[ 1898.496700]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.496719]  ? security_mmap_addr+0x79/0xa0
[ 1898.496736]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1898.496754]  ? get_unmapped_area+0x2f0/0x3d0
[ 1898.496776]  do_mmap+0x824/0xf40
[ 1898.496795]  vm_mmap_pgoff+0x1b5/0x280
[ 1898.496818]  ? randomize_stack_top+0x100/0x100
[ 1898.496837]  ? __fget_files+0x287/0x470
[ 1898.496864]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1898.496880]  do_syscall_64+0x3b/0x90
[ 1898.496894]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.496910] RIP: 0033:0x7f011e7ddb62
[ 1898.496920] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1898.496931] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
19:41:54 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1898.496942] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1898.496950] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1898.496957] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1898.496964] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1898.496971] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.496993]  </TASK>
[ 1898.507164] FAULT_INJECTION: forcing a failure.
[ 1898.507164] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.507198] CPU: 0 PID: 7605 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.507230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.507250] Call Trace:
[ 1898.507257]  <TASK>
[ 1898.507267]  dump_stack_lvl+0x8b/0xb3
[ 1898.507299]  should_fail.cold+0x5/0xa
[ 1898.507328]  ? create_object.isra.0+0x3a/0xa20
19:41:55 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 59)

[ 1898.507373]  should_failslab+0x5/0x10
[ 1898.507409]  kmem_cache_alloc+0x5b/0x480
[ 1898.507443]  create_object.isra.0+0x3a/0xa20
[ 1898.507479]  ? kasan_unpoison+0x23/0x50
[ 1898.507519]  kmem_cache_alloc+0x239/0x480
[ 1898.507552]  mas_alloc_nodes+0x36e/0x6a0
19:41:55 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 58)

19:41:55 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 36)

[ 1898.507589]  ? find_vma+0x108/0x1a0
[ 1898.507622]  mas_preallocate+0xff/0x270
[ 1898.507642]  __vma_adjust+0x1f6/0x18a0
[ 1898.507667]  ? vma_expand+0xda0/0xda0
[ 1898.507682]  ? anon_vma_clone+0x3ae/0x560
[ 1898.507698]  ? mark_lock.part.0+0xef/0x2f60
19:41:55 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = syz_io_uring_setup(0x7b5d, &(0x7f00000015c0)={0x0, 0xb41e, 0x0, 0x1, 0x2a3}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000001640), &(0x7f0000001680))
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x1010, r1, 0x8000000)
r3 = syz_io_uring_complete(r2)
ioctl$CDROMREADMODE2(r3, 0x530c, &(0x7f0000000040)={0x20, 0x5, 0x0, 0x20, 0x8, 0x4})
fallocate(r0, 0x24, 0xb6a, 0x8)
r4 = accept4$bt_l2cap(r3, 0x0, &(0x7f0000000b00), 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000000b40)={0x50000000, 0x2, 0x0, 0x6, 0x4, 0x8})
ioctl$CDROMVOLREAD(r3, 0x5313, &(0x7f0000001280))
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000012c0), 0x482000, 0x0)
sendmsg$unix(r5, &(0x7f0000001580)={&(0x7f0000001300)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001540)=[{&(0x7f0000001380)="210e64f1dbd5b175359c375619563f0bcb397ab60aa597860a94135737469360ed8f75508d0cef612270fdaade24634e993b773845513f98349109176f80f9163054c0454820b7dfb11edf06094d997d4388e0de662660e1b9a344238382629f645ab2d1dde01e306368b509a97b3ca0966e9c82684a0d7da9f41866db8fc685f623440cd21636f2812db35f98a356e42b709ae1df96c3e0775f496c90620f34f83bbab1b07209c5183a1a65d23403ab95b71660e8e201b66a", 0xb9}, {&(0x7f0000001440)="ec188342c323646b90aba727921d1d6c28fedaa96c880080f935d13ab8e0c1014ed0b0ba5f5c37d2e9372d1cbd7a571ef2e3f67c6e996348387f0fbb779cab0434cfaa5a0a571685c744f4a28493ba3415994fcbd7b1dda10a360b291ab93722f98401ec5626632c2128755830b6f6ebb6a1281f94bef362e6db8e475162197a2f234f3daca06782dd17e548b0b18d5dfa662923bf4c887128150edc2dfc6301bed9983775693ec6d1b1cde69b035d103850a7781fd03274299824be241f9b9711ec6d9eb1dc7a58fff33b", 0xcb}], 0x2, 0x0, 0x0, 0x4000}, 0x10000)
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000b80), 0x141081, 0x0)
r7 = gettid()
process_vm_readv(r7, &(0x7f00000000c0)=[{&(0x7f0000000280)=""/4078, 0x7ffff000}, {&(0x7f0000000000)=""/123, 0x7b}, {&(0x7f0000000100)=""/57, 0x39}], 0x3, &(0x7f0000000240)=[{&(0x7f0000012940)=""/102400, 0xffffff76}], 0x1, 0x0)
ioctl$sock_FIOSETOWN(r6, 0x8901, &(0x7f0000000bc0)=r7)
ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000ac0)=0x800)

[ 1898.507719]  __split_vma+0x2a1/0x540
[ 1898.507734]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1898.507755]  ? __split_vma+0x540/0x540
[ 1898.507772]  ? mas_walk+0x48a/0x670
[ 1898.507794]  ? mas_find+0x203/0xdd0
[ 1898.507815]  ? inode_has_perm+0x171/0x1d0
[ 1898.507831]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1898.507851]  do_mas_munmap+0x1ed/0x2c0
[ 1898.507866]  mmap_region+0x21c/0x1a70
[ 1898.507884]  ? lock_release+0x750/0x750
[ 1898.507900]  ? do_munmap+0x100/0x100
[ 1898.507916]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.507934]  ? security_mmap_addr+0x79/0xa0
[ 1898.507951]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1898.507969]  ? get_unmapped_area+0x2f0/0x3d0
[ 1898.507990]  do_mmap+0x824/0xf40
[ 1898.508008]  vm_mmap_pgoff+0x1b5/0x280
[ 1898.508031]  ? randomize_stack_top+0x100/0x100
[ 1898.508050]  ? __fget_files+0x287/0x470
[ 1898.508077]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1898.508092]  do_syscall_64+0x3b/0x90
[ 1898.508105]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.508121] RIP: 0033:0x7f4ea96a2b62
[ 1898.508129] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1898.508141] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1898.508152] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1898.508160] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1898.508168] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1898.508175] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1898.508182] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.508203]  </TASK>
[ 1898.520976] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1898.521096] I/O error, dev sr0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1898.583404] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 1898.583429] I/O error, dev sr0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1898.625632] FAULT_INJECTION: forcing a failure.
[ 1898.625632] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.625653] CPU: 0 PID: 7618 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.625666] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.625675] Call Trace:
[ 1898.625678]  <TASK>
[ 1898.625683]  dump_stack_lvl+0x8b/0xb3
[ 1898.625703]  should_fail.cold+0x5/0xa
[ 1898.625716]  ? create_object.isra.0+0x3a/0xa20
[ 1898.625736]  should_failslab+0x5/0x10
[ 1898.625752]  kmem_cache_alloc+0x5b/0x480
[ 1898.625768]  create_object.isra.0+0x3a/0xa20
[ 1898.625786]  ? kasan_unpoison+0x23/0x50
[ 1898.625809]  kmem_cache_alloc+0x239/0x480
[ 1898.625823]  security_inode_alloc+0x34/0x160
[ 1898.625842]  inode_init_always+0x5d8/0xd20
[ 1898.625861]  alloc_inode+0x84/0x240
[ 1898.625878]  new_inode_pseudo+0x14/0xe0
[ 1898.625896]  alloc_anon_inode+0x22/0x3c0
[ 1898.625908]  ? _raw_spin_unlock+0x24/0x40
[ 1898.625924]  anon_inode_make_secure_inode+0xaa/0x180
[ 1898.625942]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1898.625956]  ? security_socket_post_create+0x9e/0xd0
[ 1898.625977]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.626000]  anon_inode_getfile_secure+0x73/0x1e0
[ 1898.626019]  io_uring_setup.cold+0x1ed0/0x271c
[ 1898.626041]  ? io_sqe_files_register+0x230/0x230
[ 1898.626069]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.626092]  do_syscall_64+0x3b/0x90
[ 1898.626106]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.626122] RIP: 0033:0x7f2c579bdb19
[ 1898.626131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.626142] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1898.626154] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1898.626163] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1898.626170] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1898.626177] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1898.626184] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.626204]  </TASK>
[ 1898.668112] FAULT_INJECTION: forcing a failure.
[ 1898.668112] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.668132] CPU: 0 PID: 7624 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.668145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.668153] Call Trace:
[ 1898.668157]  <TASK>
[ 1898.668162]  dump_stack_lvl+0x8b/0xb3
[ 1898.668182]  should_fail.cold+0x5/0xa
[ 1898.668195]  ? create_object.isra.0+0x3a/0xa20
[ 1898.668214]  should_failslab+0x5/0x10
[ 1898.668231]  kmem_cache_alloc+0x5b/0x480
[ 1898.668248]  create_object.isra.0+0x3a/0xa20
[ 1898.668263]  ? kasan_unpoison+0x23/0x50
[ 1898.668285]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1898.668303]  mas_alloc_nodes+0x2a6/0x6a0
[ 1898.668327]  mas_preallocate+0xff/0x270
[ 1898.668346]  __vma_adjust+0x1f6/0x18a0
[ 1898.668372]  ? vma_expand+0xda0/0xda0
[ 1898.668390]  ? anon_vma_clone+0x3ae/0x560
[ 1898.668409]  ? mark_lock.part.0+0xef/0x2f60
[ 1898.668431]  __split_vma+0x2a1/0x540
[ 1898.668446]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1898.668467]  ? __split_vma+0x540/0x540
[ 1898.668485]  ? mas_walk+0x48a/0x670
[ 1898.668503]  ? mas_find+0x203/0xdd0
[ 1898.668522]  ? inode_has_perm+0x171/0x1d0
[ 1898.668537]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1898.668556]  do_mas_munmap+0x1ed/0x2c0
[ 1898.668571]  mmap_region+0x21c/0x1a70
[ 1898.668589]  ? lock_release+0x750/0x750
[ 1898.668605]  ? do_munmap+0x100/0x100
[ 1898.668621]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.668647]  ? security_mmap_addr+0x79/0xa0
[ 1898.668664]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1898.668682]  ? get_unmapped_area+0x2f0/0x3d0
[ 1898.668704]  do_mmap+0x824/0xf40
[ 1898.668722]  vm_mmap_pgoff+0x1b5/0x280
[ 1898.668745]  ? randomize_stack_top+0x100/0x100
[ 1898.668764]  ? __fget_files+0x287/0x470
[ 1898.668791]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1898.668806]  do_syscall_64+0x3b/0x90
[ 1898.668824]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.668841] RIP: 0033:0x7f011e7ddb62
[ 1898.668850] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1898.668862] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1898.668874] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1898.668882] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1898.668889] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1898.668896] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1898.668903] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.668924]  </TASK>
[ 1898.766468] FAULT_INJECTION: forcing a failure.
[ 1898.766468] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.766508] CPU: 0 PID: 7634 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.766522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.766530] Call Trace:
[ 1898.766533]  <TASK>
[ 1898.766539]  dump_stack_lvl+0x8b/0xb3
[ 1898.766561]  should_fail.cold+0x5/0xa
[ 1898.766576]  should_failslab+0x5/0x10
[ 1898.766596]  kmem_cache_alloc_bulk+0x47/0x780
[ 1898.766609]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 1898.766626]  ? kmem_cache_alloc+0x332/0x480
[ 1898.766642]  mas_alloc_nodes+0x2a6/0x6a0
[ 1898.766666]  mas_preallocate+0xff/0x270
[ 1898.766686]  __vma_adjust+0x1f6/0x18a0
[ 1898.766712]  ? vma_expand+0xda0/0xda0
[ 1898.766727]  ? anon_vma_clone+0x3ae/0x560
[ 1898.766744]  ? mark_lock.part.0+0xef/0x2f60
[ 1898.766765]  __split_vma+0x2a1/0x540
[ 1898.766783]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1898.766805]  ? __split_vma+0x540/0x540
[ 1898.766826]  ? mas_walk+0x48a/0x670
[ 1898.766844]  ? mas_find+0x203/0xdd0
[ 1898.766864]  ? inode_has_perm+0x171/0x1d0
[ 1898.766879]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1898.766898]  do_mas_munmap+0x1ed/0x2c0
[ 1898.766913]  mmap_region+0x21c/0x1a70
[ 1898.766932]  ? lock_release+0x750/0x750
[ 1898.766947]  ? do_munmap+0x100/0x100
[ 1898.766964]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.766983]  ? security_mmap_addr+0x79/0xa0
[ 1898.767000]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1898.767018]  ? get_unmapped_area+0x2f0/0x3d0
[ 1898.767041]  do_mmap+0x824/0xf40
[ 1898.767059]  vm_mmap_pgoff+0x1b5/0x280
[ 1898.767083]  ? randomize_stack_top+0x100/0x100
[ 1898.767102]  ? __fget_files+0x287/0x470
[ 1898.767129]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1898.767144]  do_syscall_64+0x3b/0x90
[ 1898.767159]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.767176] RIP: 0033:0x7f4ea96a2b62
[ 1898.767186] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1898.767198] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1898.767210] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1898.767217] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1898.767224] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1898.767231] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1898.767239] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.767260]  </TASK>
[ 1898.781449] FAULT_INJECTION: forcing a failure.
[ 1898.781449] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.781469] CPU: 0 PID: 7637 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.781483] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.781492] Call Trace:
[ 1898.781495]  <TASK>
[ 1898.781500]  dump_stack_lvl+0x8b/0xb3
[ 1898.781523]  should_fail.cold+0x5/0xa
[ 1898.781538]  should_failslab+0x5/0x10
[ 1898.781555]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1898.781567]  ? __d_alloc+0x31/0x990
[ 1898.781585]  __d_alloc+0x31/0x990
[ 1898.781602]  d_alloc_pseudo+0x19/0x70
[ 1898.781617]  alloc_file_pseudo+0xce/0x250
[ 1898.781634]  ? alloc_file+0x580/0x580
[ 1898.781650]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1898.781666]  ? security_socket_post_create+0x9e/0xd0
[ 1898.781692]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1898.781711]  io_uring_setup.cold+0x1ed0/0x271c
[ 1898.781733]  ? io_sqe_files_register+0x230/0x230
[ 1898.781762]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.781788]  do_syscall_64+0x3b/0x90
[ 1898.781801]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.781818] RIP: 0033:0x7f2c579bdb19
[ 1898.781827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.781839] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1898.781851] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1898.781858] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1898.781866] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1898.781873] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1898.781880] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.781900]  </TASK>
[ 1898.918976] FAULT_INJECTION: forcing a failure.
[ 1898.918976] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.918998] CPU: 0 PID: 7651 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.919011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.919020] Call Trace:
[ 1898.919024]  <TASK>
[ 1898.919029]  dump_stack_lvl+0x8b/0xb3
[ 1898.919049]  should_fail.cold+0x5/0xa
[ 1898.919062]  ? create_object.isra.0+0x3a/0xa20
[ 1898.919084]  should_failslab+0x5/0x10
[ 1898.919101]  kmem_cache_alloc+0x5b/0x480
[ 1898.919118]  create_object.isra.0+0x3a/0xa20
[ 1898.919133]  ? kasan_unpoison+0x23/0x50
[ 1898.919151]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 1898.919162]  ? __d_alloc+0x31/0x990
[ 1898.919180]  __d_alloc+0x31/0x990
[ 1898.919196]  d_alloc_pseudo+0x19/0x70
[ 1898.919211]  alloc_file_pseudo+0xce/0x250
[ 1898.919228]  ? alloc_file+0x580/0x580
[ 1898.919244]  ? __x64_sys_epoll_ctl+0x1c0/0x1c0
[ 1898.919259]  ? security_socket_post_create+0x9e/0xd0
[ 1898.919286]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1898.919304]  io_uring_setup.cold+0x1ed0/0x271c
[ 1898.919326]  ? io_sqe_files_register+0x230/0x230
[ 1898.919355]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1898.919378]  do_syscall_64+0x3b/0x90
[ 1898.919395]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.919411] RIP: 0033:0x7f2c579bdb19
[ 1898.919420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1898.919432] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1898.919444] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1898.919452] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1898.919459] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1898.919466] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1898.919473] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.919493]  </TASK>
[ 1898.933934] FAULT_INJECTION: forcing a failure.
[ 1898.933934] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.933952] CPU: 0 PID: 7653 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.933965] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.933972] Call Trace:
[ 1898.933975]  <TASK>
[ 1898.933979]  dump_stack_lvl+0x8b/0xb3
[ 1898.933996]  should_fail.cold+0x5/0xa
[ 1898.934008]  ? create_object.isra.0+0x3a/0xa20
[ 1898.934027]  should_failslab+0x5/0x10
[ 1898.934042]  kmem_cache_alloc+0x5b/0x480
[ 1898.934058]  create_object.isra.0+0x3a/0xa20
[ 1898.934074]  ? kasan_unpoison+0x23/0x50
[ 1898.934092]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1898.934110]  mas_alloc_nodes+0x2a6/0x6a0
[ 1898.934133]  mas_preallocate+0xff/0x270
[ 1898.934154]  __vma_adjust+0x1f6/0x18a0
[ 1898.934180]  ? vma_expand+0xda0/0xda0
[ 1898.934195]  ? anon_vma_clone+0x3ae/0x560
[ 1898.934212]  ? mark_lock.part.0+0xef/0x2f60
[ 1898.934233]  __split_vma+0x2a1/0x540
[ 1898.934248]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1898.934269]  ? __split_vma+0x540/0x540
[ 1898.934287]  ? mas_walk+0x48a/0x670
[ 1898.934306]  ? mas_find+0x203/0xdd0
[ 1898.934325]  ? inode_has_perm+0x171/0x1d0
[ 1898.934339]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1898.934359]  do_mas_munmap+0x1ed/0x2c0
[ 1898.934374]  mmap_region+0x21c/0x1a70
[ 1898.934392]  ? lock_release+0x750/0x750
[ 1898.934408]  ? do_munmap+0x100/0x100
[ 1898.934423]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.934443]  ? security_mmap_addr+0x79/0xa0
[ 1898.934459]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1898.934477]  ? get_unmapped_area+0x2f0/0x3d0
[ 1898.934499]  do_mmap+0x824/0xf40
[ 1898.934517]  vm_mmap_pgoff+0x1b5/0x280
[ 1898.934541]  ? randomize_stack_top+0x100/0x100
[ 1898.934560]  ? __fget_files+0x287/0x470
[ 1898.934586]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1898.934602]  do_syscall_64+0x3b/0x90
[ 1898.934615]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.934631] RIP: 0033:0x7f4ea96a2b62
[ 1898.934639] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1898.934651] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1898.934662] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1898.934670] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1898.934677] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1898.934685] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1898.934692] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.934713]  </TASK>
[ 1898.963573] FAULT_INJECTION: forcing a failure.
[ 1898.963573] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.963607] CPU: 1 PID: 7650 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1898.963631] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1898.963645] Call Trace:
[ 1898.963651]  <TASK>
[ 1898.963659]  dump_stack_lvl+0x8b/0xb3
[ 1898.963692]  should_fail.cold+0x5/0xa
[ 1898.963716]  ? create_object.isra.0+0x3a/0xa20
[ 1898.963752]  should_failslab+0x5/0x10
[ 1898.963788]  kmem_cache_alloc+0x5b/0x480
[ 1898.963818]  create_object.isra.0+0x3a/0xa20
[ 1898.963847]  ? kasan_unpoison+0x23/0x50
[ 1898.963881]  kmem_cache_alloc+0x239/0x480
[ 1898.963910]  vm_area_dup+0x7f/0x220
[ 1898.963948]  ? uprobe_apply+0x150/0x150
[ 1898.963979]  ? up_write+0x148/0x460
[ 1898.964010]  ? __vma_adjust+0x1091/0x18a0
[ 1898.964041]  ? lock_is_held_type+0xd7/0x130
[ 1898.964073]  ? vm_area_alloc+0xf0/0xf0
[ 1898.964103]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.964138]  ? mas_next_nentry+0x5c4/0x9e0
[ 1898.964189]  ? mas_find+0x203/0xdd0
[ 1898.964228]  __split_vma+0xa2/0x540
[ 1898.964248]  ? mas_walk+0x48a/0x670
[ 1898.964282]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1898.964321]  ? __split_vma+0x540/0x540
[ 1898.964355]  ? mas_walk+0x48a/0x670
[ 1898.964389]  ? mas_find+0x203/0xdd0
[ 1898.964425]  ? inode_has_perm+0x171/0x1d0
[ 1898.964451]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1898.964488]  do_mas_munmap+0x1ed/0x2c0
[ 1898.964515]  mmap_region+0x21c/0x1a70
[ 1898.964550]  ? lock_release+0x750/0x750
[ 1898.964578]  ? do_munmap+0x100/0x100
[ 1898.964608]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1898.964652]  ? security_mmap_addr+0x79/0xa0
[ 1898.964683]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1898.964716]  ? get_unmapped_area+0x2f0/0x3d0
[ 1898.964756]  do_mmap+0x824/0xf40
[ 1898.964789]  vm_mmap_pgoff+0x1b5/0x280
[ 1898.964832]  ? randomize_stack_top+0x100/0x100
[ 1898.964867]  ? __fget_files+0x287/0x470
[ 1898.964916]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1898.964944]  do_syscall_64+0x3b/0x90
[ 1898.964969]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1898.964998] RIP: 0033:0x7f011e7ddb62
[ 1898.965015] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1898.965036] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1898.965057] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1898.965072] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1898.965085] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1898.965097] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1898.965111] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1898.965150]  </TASK>
[ 1912.149215] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:42:15 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0xd, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:42:15 executing program 5:
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r0, 0x0, r1)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000080), 0x60340, 0x0)
ioctl$CDROMRESET(r2, 0x5312)

19:42:15 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 60)

19:42:15 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:42:15 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x401c5820)

19:42:15 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:42:15 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 37)

19:42:15 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 59)

[ 1919.121254] FAULT_INJECTION: forcing a failure.
[ 1919.121254] name failslab, interval 1, probability 0, space 0, times 0
[ 1919.121276] CPU: 1 PID: 7671 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1919.121289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1919.121300] Call Trace:
[ 1919.121303]  <TASK>
[ 1919.121308]  dump_stack_lvl+0x8b/0xb3
[ 1919.121328]  should_fail.cold+0x5/0xa
[ 1919.121340]  ? create_object.isra.0+0x3a/0xa20
[ 1919.121360]  should_failslab+0x5/0x10
[ 1919.121377]  kmem_cache_alloc+0x5b/0x480
[ 1919.121393]  create_object.isra.0+0x3a/0xa20
[ 1919.121408]  ? kasan_unpoison+0x23/0x50
[ 1919.121427]  kmem_cache_alloc+0x239/0x480
[ 1919.121443]  vm_area_dup+0x7f/0x220
[ 1919.121464]  ? uprobe_apply+0x150/0x150
[ 1919.121481]  ? up_write+0x148/0x460
[ 1919.121499]  ? __vma_adjust+0x1091/0x18a0
[ 1919.121515]  ? lock_is_held_type+0xd7/0x130
[ 1919.121534]  ? vm_area_alloc+0xf0/0xf0
[ 1919.121550]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1919.121569]  ? mas_next_nentry+0x5c4/0x9e0
[ 1919.121598]  ? mas_find+0x203/0xdd0
[ 1919.121619]  __split_vma+0xa2/0x540
[ 1919.121629]  ? mas_walk+0x48a/0x670
[ 1919.121647]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1919.121668]  ? __split_vma+0x540/0x540
[ 1919.121686]  ? mas_walk+0x48a/0x670
[ 1919.121705]  ? mas_find+0x203/0xdd0
[ 1919.121724]  ? inode_has_perm+0x171/0x1d0
[ 1919.121739]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1919.121759]  do_mas_munmap+0x1ed/0x2c0
[ 1919.121774]  mmap_region+0x21c/0x1a70
19:42:15 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0x0, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1919.121792]  ? lock_release+0x750/0x750
[ 1919.121808]  ? do_munmap+0x100/0x100
[ 1919.121824]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1919.121842]  ? security_mmap_addr+0x79/0xa0
[ 1919.121859]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1919.121877]  ? get_unmapped_area+0x2f0/0x3d0
[ 1919.121898]  do_mmap+0x824/0xf40
[ 1919.121916]  vm_mmap_pgoff+0x1b5/0x280
[ 1919.121940]  ? randomize_stack_top+0x100/0x100
[ 1919.121959]  ? __fget_files+0x287/0x470
[ 1919.121985]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1919.122001]  do_syscall_64+0x3b/0x90
[ 1919.122014]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1919.122030] RIP: 0033:0x7f4ea96a2b62
[ 1919.122040] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
19:42:15 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x4020940d)

[ 1919.122051] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1919.122063] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1919.122070] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1919.122077] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1919.122084] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1919.122091] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1919.122112]  </TASK>
[ 1919.162151] FAULT_INJECTION: forcing a failure.
[ 1919.162151] name failslab, interval 1, probability 0, space 0, times 0
[ 1919.162170] CPU: 1 PID: 7668 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1919.162183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1919.162191] Call Trace:
[ 1919.162194]  <TASK>
[ 1919.162198]  dump_stack_lvl+0x8b/0xb3
[ 1919.162215]  should_fail.cold+0x5/0xa
[ 1919.162228]  ? __alloc_file+0x21/0x230
[ 1919.162245]  should_failslab+0x5/0x10
[ 1919.162262]  kmem_cache_alloc+0x5b/0x480
[ 1919.162278]  __alloc_file+0x21/0x230
[ 1919.162294]  alloc_empty_file+0x6d/0x170
[ 1919.162311]  alloc_file+0x59/0x580
[ 1919.162329]  alloc_file_pseudo+0x16a/0x250
[ 1919.162345]  ? alloc_file+0x580/0x580
[ 1919.162369]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1919.162390]  io_uring_setup.cold+0x1ed0/0x271c
[ 1919.162412]  ? io_sqe_files_register+0x230/0x230
[ 1919.162443]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1919.162465]  do_syscall_64+0x3b/0x90
[ 1919.162478]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1919.162493] RIP: 0033:0x7f2c579bdb19
[ 1919.162503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1919.162514] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1919.162525] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1919.162533] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1919.162540] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1919.162547] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1919.162554] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1919.162574]  </TASK>
[ 1919.206535] FAULT_INJECTION: forcing a failure.
[ 1919.206535] name failslab, interval 1, probability 0, space 0, times 0
[ 1919.206572] CPU: 0 PID: 7679 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1919.206596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1919.206610] Call Trace:
[ 1919.206616]  <TASK>
[ 1919.206624]  dump_stack_lvl+0x8b/0xb3
[ 1919.206658]  should_fail.cold+0x5/0xa
[ 1919.206688]  ? vm_area_dup+0x7f/0x220
[ 1919.206722]  should_failslab+0x5/0x10
[ 1919.206751]  kmem_cache_alloc+0x5b/0x480
[ 1919.206770]  ? __vma_adjust+0xbe0/0x18a0
[ 1919.206798]  vm_area_dup+0x7f/0x220
[ 1919.206834]  ? uprobe_apply+0x150/0x150
[ 1919.206865]  ? up_write+0x148/0x460
[ 1919.206896]  ? __vma_adjust+0x1091/0x18a0
[ 1919.206926]  ? lock_is_held_type+0xd7/0x130
[ 1919.206958]  ? vm_area_alloc+0xf0/0xf0
[ 1919.206989]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1919.207023]  ? mas_next_nentry+0x5c4/0x9e0
[ 1919.207074]  ? mas_find+0x203/0xdd0
[ 1919.207114]  __split_vma+0xa2/0x540
[ 1919.207133]  ? mas_walk+0x48a/0x670
[ 1919.207168]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1919.207207]  ? __split_vma+0x540/0x540
[ 1919.207241]  ? mas_walk+0x48a/0x670
[ 1919.207275]  ? mas_find+0x203/0xdd0
[ 1919.207311]  ? inode_has_perm+0x171/0x1d0
[ 1919.207337]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1919.207374]  do_mas_munmap+0x1ed/0x2c0
[ 1919.207401]  mmap_region+0x21c/0x1a70
[ 1919.207435]  ? lock_release+0x750/0x750
[ 1919.207464]  ? do_munmap+0x100/0x100
[ 1919.207493]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1919.207526]  ? security_mmap_addr+0x79/0xa0
[ 1919.207556]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1919.207589]  ? get_unmapped_area+0x2f0/0x3d0
[ 1919.207630]  do_mmap+0x824/0xf40
[ 1919.207663]  vm_mmap_pgoff+0x1b5/0x280
[ 1919.207705]  ? randomize_stack_top+0x100/0x100
[ 1919.207740]  ? __fget_files+0x287/0x470
[ 1919.207790]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1919.207818]  do_syscall_64+0x3b/0x90
[ 1919.207843]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1919.207872] RIP: 0033:0x7f011e7ddb62
[ 1919.207889] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1919.207910] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1919.207931] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1919.207945] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1919.207958] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1919.207971] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1919.207984] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1919.208024]  </TASK>
[ 1932.060869] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:42:43 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 38)

19:42:43 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0xe, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:42:43 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
creat(&(0x7f0000000380)='./file1\x00', 0x0)
r3 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r4)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r4}}, 0x1000)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r6, &(0x7f0000000180)='./file0\x00', 0x4)
r7 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r8, r7, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000480))

19:42:43 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x262b00, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
ioctl$BTRFS_IOC_DEFRAG(r0, 0x50009402, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
readahead(r0, 0x2, 0x2)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xea1}}, './file0\x00'})

19:42:43 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 60)

19:42:43 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80041284)

19:42:43 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0x0, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:42:43 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 61)

[ 1946.974715] FAULT_INJECTION: forcing a failure.
[ 1946.974715] name failslab, interval 1, probability 0, space 0, times 0
[ 1946.974751] CPU: 0 PID: 7702 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1946.974781] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1946.974796] Call Trace:
[ 1946.974802]  <TASK>
[ 1946.974814]  dump_stack_lvl+0x8b/0xb3
[ 1946.974847]  should_fail.cold+0x5/0xa
[ 1946.974869]  ? create_object.isra.0+0x3a/0xa20
[ 1946.974904]  should_failslab+0x5/0x10
[ 1946.974933]  kmem_cache_alloc+0x5b/0x480
[ 1946.974952]  ? mark_held_locks+0x9e/0xe0
[ 1946.974988]  create_object.isra.0+0x3a/0xa20
[ 1946.975016]  ? kasan_unpoison+0x23/0x50
[ 1946.975049]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1946.975070]  ? kmem_cache_alloc+0x332/0x480
[ 1946.975099]  mas_alloc_nodes+0x2a6/0x6a0
[ 1946.975140]  mas_preallocate+0xff/0x270
[ 1946.975177]  __vma_adjust+0x1f6/0x18a0
[ 1946.975224]  ? vma_expand+0xda0/0xda0
[ 1946.975253]  ? anon_vma_clone+0x3ae/0x560
[ 1946.975282]  ? mark_lock.part.0+0xef/0x2f60
[ 1946.975318]  __split_vma+0x2a1/0x540
[ 1946.975346]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1946.975386]  ? __split_vma+0x540/0x540
[ 1946.975418]  ? mas_walk+0x48a/0x670
[ 1946.975453]  ? mas_find+0x203/0xdd0
[ 1946.975488]  ? inode_has_perm+0x171/0x1d0
[ 1946.975514]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1946.975550]  do_mas_munmap+0x1ed/0x2c0
[ 1946.975578]  mmap_region+0x21c/0x1a70
19:42:43 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x8080, 0x0)
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000080))
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, &(0x7f00000000c0))

[ 1946.975611]  ? lock_release+0x750/0x750
[ 1946.975640]  ? do_munmap+0x100/0x100
[ 1946.975670]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
19:42:43 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80041285)

[ 1946.975704]  ? security_mmap_addr+0x79/0xa0
[ 1946.975734]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1946.975767]  ? get_unmapped_area+0x2f0/0x3d0
[ 1946.975808]  do_mmap+0x824/0xf40
[ 1946.975841]  vm_mmap_pgoff+0x1b5/0x280
[ 1946.975884]  ? randomize_stack_top+0x100/0x100
[ 1946.975919]  ? __fget_files+0x287/0x470
[ 1946.975968]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1946.975996]  do_syscall_64+0x3b/0x90
[ 1946.976022]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1946.976052] RIP: 0033:0x7f4ea96a2b62
[ 1946.976068] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
19:42:43 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0x0, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1946.976089] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1946.976111] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1946.976125] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1946.976138] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
19:42:43 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0xf, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:42:43 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 61)

[ 1946.976151] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
19:42:43 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:42:43 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 39)

[ 1946.976163] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1946.976202]  </TASK>
[ 1946.981736] FAULT_INJECTION: forcing a failure.
[ 1946.981736] name failslab, interval 1, probability 0, space 0, times 0
[ 1946.981805] CPU: 1 PID: 7696 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1946.981831] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1946.981847] Call Trace:
[ 1946.981853]  <TASK>
19:42:43 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 62)

[ 1946.981861]  dump_stack_lvl+0x8b/0xb3
[ 1946.981897]  should_fail.cold+0x5/0xa
[ 1946.981920]  ? create_object.isra.0+0x3a/0xa20
[ 1946.981958]  should_failslab+0x5/0x10
[ 1946.981990]  kmem_cache_alloc+0x5b/0x480
[ 1946.982021]  create_object.isra.0+0x3a/0xa20
[ 1946.982051]  ? kasan_unpoison+0x23/0x50
[ 1946.982092]  kmem_cache_alloc+0x239/0x480
[ 1946.982120]  vm_area_dup+0x7f/0x220
[ 1946.982160]  ? uprobe_apply+0x150/0x150
[ 1946.982191]  ? up_write+0x148/0x460
[ 1946.982223]  ? __vma_adjust+0x1091/0x18a0
[ 1946.982255]  ? lock_is_held_type+0xd7/0x130
[ 1946.982288]  ? vm_area_alloc+0xf0/0xf0
[ 1946.982319]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1946.982355]  ? mas_next_nentry+0x5c4/0x9e0
[ 1946.982406]  ? mas_find+0x203/0xdd0
[ 1946.982447]  __split_vma+0xa2/0x540
[ 1946.982466]  ? mas_walk+0x48a/0x670
[ 1946.982503]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1946.982545]  ? __split_vma+0x540/0x540
[ 1946.982578]  ? mas_walk+0x48a/0x670
[ 1946.982613]  ? mas_find+0x203/0xdd0
[ 1946.982649]  ? inode_has_perm+0x171/0x1d0
[ 1946.982676]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1946.982713]  do_mas_munmap+0x1ed/0x2c0
[ 1946.982741]  mmap_region+0x21c/0x1a70
[ 1946.982775]  ? lock_release+0x750/0x750
[ 1946.982804]  ? do_munmap+0x100/0x100
[ 1946.982834]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1946.982868]  ? security_mmap_addr+0x79/0xa0
[ 1946.982899]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1946.982933]  ? get_unmapped_area+0x2f0/0x3d0
[ 1946.982973]  do_mmap+0x824/0xf40
[ 1946.983006]  vm_mmap_pgoff+0x1b5/0x280
[ 1946.983049]  ? randomize_stack_top+0x100/0x100
[ 1946.983085]  ? __fget_files+0x287/0x470
[ 1946.983134]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1946.983163]  do_syscall_64+0x3b/0x90
[ 1946.983188]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1946.983218] RIP: 0033:0x7f011e7ddb62
[ 1946.983234] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1946.983255] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1946.983277] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1946.983291] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1946.983304] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1946.983318] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1946.983332] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1946.983371]  </TASK>
[ 1946.993144] FAULT_INJECTION: forcing a failure.
[ 1946.993144] name failslab, interval 1, probability 0, space 0, times 0
[ 1946.993173] CPU: 1 PID: 7708 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1946.993197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1946.993211] Call Trace:
[ 1946.993217]  <TASK>
[ 1946.993224]  dump_stack_lvl+0x8b/0xb3
[ 1946.993251]  should_fail.cold+0x5/0xa
[ 1946.993274]  ? create_object.isra.0+0x3a/0xa20
[ 1946.993306]  should_failslab+0x5/0x10
[ 1946.993347]  kmem_cache_alloc+0x5b/0x480
[ 1946.993375]  create_object.isra.0+0x3a/0xa20
[ 1946.993403]  ? kasan_unpoison+0x23/0x50
[ 1946.993437]  kmem_cache_alloc+0x239/0x480
[ 1946.993465]  __alloc_file+0x21/0x230
[ 1946.993495]  alloc_empty_file+0x6d/0x170
19:42:43 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1946.993527]  alloc_file+0x59/0x580
[ 1946.993559]  alloc_file_pseudo+0x16a/0x250
19:42:43 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80081270)

[ 1946.993589]  ? alloc_file+0x580/0x580
[ 1946.993640]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1946.993677]  io_uring_setup.cold+0x1ed0/0x271c
[ 1946.993718]  ? io_sqe_files_register+0x230/0x230
[ 1946.993772]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1946.993813]  do_syscall_64+0x3b/0x90
[ 1946.993837]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1946.993865] RIP: 0033:0x7f2c579bdb19
[ 1946.993880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:42:43 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 40)

19:42:43 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 63)

[ 1946.993900] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1946.993920] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1946.993935] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1946.993948] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:42:43 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x10, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1946.993961] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1946.993975] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1946.994012]  </TASK>
[ 1947.323132] FAULT_INJECTION: forcing a failure.
[ 1947.323132] name failslab, interval 1, probability 0, space 0, times 0
[ 1947.323167] CPU: 0 PID: 7725 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1947.323191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1947.323206] Call Trace:
[ 1947.323212]  <TASK>
[ 1947.323220]  dump_stack_lvl+0x8b/0xb3
[ 1947.323252]  should_fail.cold+0x5/0xa
[ 1947.323275]  ? create_object.isra.0+0x3a/0xa20
[ 1947.323310]  should_failslab+0x5/0x10
[ 1947.323339]  kmem_cache_alloc+0x5b/0x480
[ 1947.323358]  ? mark_held_locks+0x9e/0xe0
[ 1947.323393]  create_object.isra.0+0x3a/0xa20
[ 1947.323421]  ? kasan_unpoison+0x23/0x50
[ 1947.323455]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1947.323484]  ? kmem_cache_alloc+0x332/0x480
[ 1947.323534]  mas_alloc_nodes+0x2a6/0x6a0
[ 1947.323579]  mas_preallocate+0xff/0x270
[ 1947.323616]  __vma_adjust+0x1f6/0x18a0
[ 1947.323664]  ? vma_expand+0xda0/0xda0
[ 1947.323693]  ? anon_vma_clone+0x3ae/0x560
[ 1947.323722]  ? mark_lock.part.0+0xef/0x2f60
[ 1947.323759]  __split_vma+0x2a1/0x540
[ 1947.323787]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 1947.323827]  ? __split_vma+0x540/0x540
[ 1947.323859]  ? mas_walk+0x48a/0x670
[ 1947.323893]  ? mas_find+0x203/0xdd0
[ 1947.323929]  ? inode_has_perm+0x171/0x1d0
[ 1947.323954]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1947.323991]  do_mas_munmap+0x1ed/0x2c0
[ 1947.324018]  mmap_region+0x21c/0x1a70
[ 1947.324052]  ? lock_release+0x750/0x750
[ 1947.324081]  ? do_munmap+0x100/0x100
[ 1947.324111]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1947.324145]  ? security_mmap_addr+0x79/0xa0
[ 1947.324175]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1947.324209]  ? get_unmapped_area+0x2f0/0x3d0
[ 1947.324251]  do_mmap+0x824/0xf40
[ 1947.324284]  vm_mmap_pgoff+0x1b5/0x280
[ 1947.324326]  ? randomize_stack_top+0x100/0x100
[ 1947.324361]  ? __fget_files+0x287/0x470
[ 1947.324410]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1947.324439]  do_syscall_64+0x3b/0x90
[ 1947.324466]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1947.324509] RIP: 0033:0x7f4ea96a2b62
[ 1947.324527] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1947.324547] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1947.324570] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1947.324584] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1947.324598] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1947.324611] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1947.324624] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1947.324663]  </TASK>
[ 1947.325475] FAULT_INJECTION: forcing a failure.
[ 1947.325475] name failslab, interval 1, probability 0, space 0, times 0
[ 1947.325511] CPU: 1 PID: 7730 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1947.325535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1947.325550] Call Trace:
[ 1947.325556]  <TASK>
[ 1947.325564]  dump_stack_lvl+0x8b/0xb3
[ 1947.325604]  should_fail.cold+0x5/0xa
[ 1947.325632]  should_failslab+0x5/0x10
[ 1947.325664]  kmem_cache_alloc_bulk+0x47/0x780
[ 1947.325685]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 1947.325717]  ? kmem_cache_alloc+0x332/0x480
[ 1947.325746]  mas_alloc_nodes+0x2a6/0x6a0
[ 1947.325790]  mas_preallocate+0xff/0x270
[ 1947.325827]  __vma_adjust+0x1f6/0x18a0
[ 1947.325876]  ? vma_expand+0xda0/0xda0
[ 1947.325904]  ? anon_vma_clone+0x3ae/0x560
[ 1947.325934]  ? mas_find+0x203/0xdd0
[ 1947.325974]  __split_vma+0x452/0x540
[ 1947.325993]  ? mas_walk+0x48a/0x670
[ 1947.326030]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1947.326069]  ? __split_vma+0x540/0x540
[ 1947.326102]  ? mas_walk+0x48a/0x670
[ 1947.326137]  ? mas_find+0x203/0xdd0
[ 1947.326173]  ? inode_has_perm+0x171/0x1d0
[ 1947.326200]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1947.326238]  do_mas_munmap+0x1ed/0x2c0
[ 1947.326265]  mmap_region+0x21c/0x1a70
[ 1947.326300]  ? lock_release+0x750/0x750
[ 1947.326329]  ? do_munmap+0x100/0x100
[ 1947.326359]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1947.326395]  ? security_mmap_addr+0x79/0xa0
[ 1947.326426]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1947.326460]  ? get_unmapped_area+0x2f0/0x3d0
[ 1947.326502]  do_mmap+0x824/0xf40
[ 1947.326536]  vm_mmap_pgoff+0x1b5/0x280
[ 1947.326579]  ? randomize_stack_top+0x100/0x100
[ 1947.326614]  ? __fget_files+0x287/0x470
[ 1947.326665]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1947.326694]  do_syscall_64+0x3b/0x90
[ 1947.326721]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1947.326751] RIP: 0033:0x7f011e7ddb62
[ 1947.326768] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1947.326790] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1947.326811] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1947.326826] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1947.326839] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1947.326852] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1947.326865] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1947.326904]  </TASK>
[ 1947.342097] FAULT_INJECTION: forcing a failure.
[ 1947.342097] name failslab, interval 1, probability 0, space 0, times 0
[ 1947.342125] CPU: 1 PID: 7732 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1947.342149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1947.342162] Call Trace:
[ 1947.342168]  <TASK>
[ 1947.342175]  dump_stack_lvl+0x8b/0xb3
[ 1947.342202]  should_fail.cold+0x5/0xa
[ 1947.342224]  ? security_file_alloc+0x34/0x170
[ 1947.342254]  should_failslab+0x5/0x10
[ 1947.342282]  kmem_cache_alloc+0x5b/0x480
[ 1947.342310]  security_file_alloc+0x34/0x170
[ 1947.342342]  __alloc_file+0xb6/0x230
[ 1947.342373]  alloc_empty_file+0x6d/0x170
[ 1947.342404]  alloc_file+0x59/0x580
[ 1947.342436]  alloc_file_pseudo+0x16a/0x250
[ 1947.342466]  ? alloc_file+0x580/0x580
[ 1947.342511]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1947.342548]  io_uring_setup.cold+0x1ed0/0x271c
[ 1947.342588]  ? io_sqe_files_register+0x230/0x230
[ 1947.342642]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1947.342683]  do_syscall_64+0x3b/0x90
[ 1947.342707]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1947.342735] RIP: 0033:0x7f2c579bdb19
[ 1947.342751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1947.342779] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1947.342799] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1947.342813] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1947.342826] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1947.342839] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1947.342852] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1947.342889]  </TASK>
[ 1947.614669] FAULT_INJECTION: forcing a failure.
[ 1947.614669] name failslab, interval 1, probability 0, space 0, times 0
[ 1947.614704] CPU: 1 PID: 7742 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1947.614728] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1947.614742] Call Trace:
[ 1947.614748]  <TASK>
[ 1947.614756]  dump_stack_lvl+0x8b/0xb3
[ 1947.614794]  should_fail.cold+0x5/0xa
[ 1947.614816]  ? create_object.isra.0+0x3a/0xa20
[ 1947.614852]  should_failslab+0x5/0x10
[ 1947.614883]  kmem_cache_alloc+0x5b/0x480
[ 1947.614912]  create_object.isra.0+0x3a/0xa20
[ 1947.614942]  ? kasan_unpoison+0x23/0x50
[ 1947.614977]  kmem_cache_alloc+0x239/0x480
[ 1947.615004]  security_file_alloc+0x34/0x170
[ 1947.615039]  __alloc_file+0xb6/0x230
[ 1947.615069]  alloc_empty_file+0x6d/0x170
[ 1947.615101]  alloc_file+0x59/0x580
[ 1947.615134]  alloc_file_pseudo+0x16a/0x250
[ 1947.615165]  ? alloc_file+0x580/0x580
[ 1947.615213]  anon_inode_getfile_secure+0xb5/0x1e0
[ 1947.615250]  io_uring_setup.cold+0x1ed0/0x271c
[ 1947.615291]  ? io_sqe_files_register+0x230/0x230
[ 1947.615346]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1947.615389]  do_syscall_64+0x3b/0x90
[ 1947.615414]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1947.615444] RIP: 0033:0x7f2c579bdb19
[ 1947.615461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1947.615482] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1947.615504] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1947.615518] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1947.615531] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1947.615544] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1947.615557] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1947.615594]  </TASK>
[ 1947.619743] FAULT_INJECTION: forcing a failure.
[ 1947.619743] name failslab, interval 1, probability 0, space 0, times 0
[ 1947.619815] CPU: 1 PID: 7744 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1947.619839] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1947.619853] Call Trace:
[ 1947.619857]  <TASK>
[ 1947.619865]  dump_stack_lvl+0x8b/0xb3
[ 1947.619892]  should_fail.cold+0x5/0xa
[ 1947.619915]  ? create_object.isra.0+0x3a/0xa20
[ 1947.619947]  should_failslab+0x5/0x10
[ 1947.619975]  kmem_cache_alloc+0x5b/0x480
[ 1947.620003]  create_object.isra.0+0x3a/0xa20
[ 1947.620036]  ? kasan_unpoison+0x23/0x50
[ 1947.620070]  kmem_cache_alloc+0x239/0x480
[ 1947.620099]  vm_area_dup+0x7f/0x220
[ 1947.620137]  ? uprobe_apply+0x150/0x150
[ 1947.620169]  ? up_write+0x148/0x460
[ 1947.620201]  ? __vma_adjust+0x1091/0x18a0
[ 1947.620232]  ? lock_is_held_type+0xd7/0x130
[ 1947.620263]  ? vm_area_alloc+0xf0/0xf0
[ 1947.620294]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1947.620329]  ? mas_next_nentry+0x5c4/0x9e0
[ 1947.620380]  ? mas_find+0x203/0xdd0
[ 1947.620420]  __split_vma+0xa2/0x540
[ 1947.620440]  ? mas_walk+0x48a/0x670
[ 1947.620474]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1947.620514]  ? __split_vma+0x540/0x540
[ 1947.620547]  ? mas_walk+0x48a/0x670
[ 1947.620581]  ? mas_find+0x203/0xdd0
[ 1947.620617]  ? inode_has_perm+0x171/0x1d0
[ 1947.620643]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1947.620679]  do_mas_munmap+0x1ed/0x2c0
[ 1947.620707]  mmap_region+0x21c/0x1a70
[ 1947.620741]  ? lock_release+0x750/0x750
[ 1947.620769]  ? do_munmap+0x100/0x100
[ 1947.620799]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1947.620832]  ? security_mmap_addr+0x79/0xa0
[ 1947.620862]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1947.620895]  ? get_unmapped_area+0x2f0/0x3d0
[ 1947.620937]  do_mmap+0x824/0xf40
[ 1947.620970]  vm_mmap_pgoff+0x1b5/0x280
[ 1947.621012]  ? randomize_stack_top+0x100/0x100
[ 1947.621047]  ? __fget_files+0x287/0x470
[ 1947.621096]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1947.621125]  do_syscall_64+0x3b/0x90
[ 1947.621149]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1947.621177] RIP: 0033:0x7f011e7ddb62
[ 1947.621193] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1947.621213] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1947.621233] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1947.621247] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1947.621260] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1947.621273] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1947.621286] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1947.621325]  </TASK>
[ 1962.145890] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:43:05 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x12, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:43:05 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/e1000e', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$CDROM_DISC_STATUS(r1, 0x5327)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'bond_slave_1\x00'})
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000140)={0x4, &(0x7f0000000100)=[{0x7fff, 0x1, 0x7f, 0x1}, {0xb32, 0xfe, 0x1}, {0xfc00, 0x1, 0x4, 0x2}, {0x5, 0x7, 0x99, 0x31e8}]})
pwritev2(r3, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
splice(r0, &(0x7f0000000040)=0xb68, r3, &(0x7f00000000c0), 0xde8, 0x1)

19:43:05 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 62)

19:43:05 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80081272)

19:43:05 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 64)

19:43:05 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0x0, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:43:05 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:43:05 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 41)

[ 1969.789566] FAULT_INJECTION: forcing a failure.
19:43:05 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1969.789566] name failslab, interval 1, probability 0, space 0, times 0
[ 1969.789588] CPU: 1 PID: 7765 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1969.789602] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1969.789610] Call Trace:
[ 1969.789614]  <TASK>
[ 1969.789619]  dump_stack_lvl+0x8b/0xb3
[ 1969.789639]  should_fail.cold+0x5/0xa
[ 1969.789672]  should_failslab+0x5/0x10
[ 1969.789690]  kmem_cache_alloc_bulk+0x47/0x780
[ 1969.789701]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 1969.789718]  ? kmem_cache_alloc+0x332/0x480
[ 1969.789733]  mas_alloc_nodes+0x2a6/0x6a0
[ 1969.789759]  mas_preallocate+0xff/0x270
[ 1969.789779]  __vma_adjust+0x1f6/0x18a0
[ 1969.789808]  ? vma_expand+0xda0/0xda0
[ 1969.789823]  ? anon_vma_clone+0x3ae/0x560
[ 1969.789838]  ? mas_find+0x203/0xdd0
[ 1969.789860]  __split_vma+0x452/0x540
[ 1969.789870]  ? mas_walk+0x48a/0x670
[ 1969.789889]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1969.789910]  ? __split_vma+0x540/0x540
[ 1969.789927]  ? mas_walk+0x48a/0x670
[ 1969.789946]  ? mas_find+0x203/0xdd0
[ 1969.789965]  ? inode_has_perm+0x171/0x1d0
[ 1969.789980]  ? lockdep_hardirqs_on_prepare+0x400/0x400
19:43:06 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80081280)

[ 1969.790000]  do_mas_munmap+0x1ed/0x2c0
[ 1969.790015]  mmap_region+0x21c/0x1a70
[ 1969.790034]  ? lock_release+0x750/0x750
[ 1969.790049]  ? do_munmap+0x100/0x100
[ 1969.790065]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1969.790084]  ? security_mmap_addr+0x79/0xa0
[ 1969.790101]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1969.790119]  ? get_unmapped_area+0x2f0/0x3d0
19:43:06 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 63)

[ 1969.790142]  do_mmap+0x824/0xf40
[ 1969.790159]  vm_mmap_pgoff+0x1b5/0x280
[ 1969.790182]  ? randomize_stack_top+0x100/0x100
[ 1969.790201]  ? __fget_files+0x287/0x470
19:43:06 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 65)

[ 1969.790228]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1969.790244]  do_syscall_64+0x3b/0x90
[ 1969.790258]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1969.790274] RIP: 0033:0x7f4ea96a2b62
[ 1969.790284] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1969.790296] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1969.790308] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1969.790315] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1969.790322] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1969.790329] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1969.790336] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1969.790357]  </TASK>
[ 1969.806492] FAULT_INJECTION: forcing a failure.
[ 1969.806492] name failslab, interval 1, probability 0, space 0, times 0
[ 1969.806525] CPU: 0 PID: 7760 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1969.806551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1969.806566] Call Trace:
[ 1969.806572]  <TASK>
[ 1969.806579]  dump_stack_lvl+0x8b/0xb3
[ 1969.806613]  should_fail.cold+0x5/0xa
[ 1969.806636]  ? __io_uring_add_tctx_node+0x15f/0x390
[ 1969.806666]  should_failslab+0x5/0x10
[ 1969.806696]  kmem_cache_alloc_trace+0x55/0x3c0
[ 1969.806726]  __io_uring_add_tctx_node+0x15f/0x390
[ 1969.806761]  ? io_eventfd_put+0x50/0x50
[ 1969.806800]  io_uring_setup.cold+0x21c1/0x271c
[ 1969.806839]  ? io_sqe_files_register+0x230/0x230
[ 1969.806892]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1969.806932]  do_syscall_64+0x3b/0x90
[ 1969.806957]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1969.806987] RIP: 0033:0x7f2c579bdb19
[ 1969.807004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1969.807025] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1969.807047] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1969.807061] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1969.807075] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1969.807088] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1969.807101] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1969.807138]  </TASK>
[ 1969.811950] FAULT_INJECTION: forcing a failure.
[ 1969.811950] name failslab, interval 1, probability 0, space 0, times 0
[ 1969.811977] CPU: 0 PID: 7753 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1969.812001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1969.812014] Call Trace:
[ 1969.812018]  <TASK>
[ 1969.812025]  dump_stack_lvl+0x8b/0xb3
[ 1969.812052]  should_fail.cold+0x5/0xa
[ 1969.812074]  ? mas_alloc_nodes+0x36e/0x6a0
[ 1969.812106]  should_failslab+0x5/0x10
[ 1969.812133]  kmem_cache_alloc+0x5b/0x480
[ 1969.812162]  mas_alloc_nodes+0x36e/0x6a0
[ 1969.812190]  ? find_vma+0x108/0x1a0
[ 1969.812232]  mas_preallocate+0xff/0x270
[ 1969.812268]  __vma_adjust+0x1f6/0x18a0
[ 1969.812316]  ? vma_expand+0xda0/0xda0
[ 1969.812344]  ? anon_vma_clone+0x3ae/0x560
[ 1969.812372]  ? mas_find+0x203/0xdd0
[ 1969.812417]  __split_vma+0x452/0x540
[ 1969.812436]  ? mas_walk+0x48a/0x670
[ 1969.812470]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1969.812510]  ? __split_vma+0x540/0x540
[ 1969.812543]  ? mas_walk+0x48a/0x670
[ 1969.812577]  ? mas_find+0x203/0xdd0
[ 1969.812613]  ? inode_has_perm+0x171/0x1d0
[ 1969.812639]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1969.812678]  do_mas_munmap+0x1ed/0x2c0
[ 1969.812706]  mmap_region+0x21c/0x1a70
[ 1969.812739]  ? lock_release+0x750/0x750
[ 1969.812768]  ? do_munmap+0x100/0x100
[ 1969.812803]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1969.812838]  ? security_mmap_addr+0x79/0xa0
[ 1969.812869]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1969.812902]  ? get_unmapped_area+0x2f0/0x3d0
[ 1969.812943]  do_mmap+0x824/0xf40
[ 1969.812976]  vm_mmap_pgoff+0x1b5/0x280
[ 1969.813019]  ? randomize_stack_top+0x100/0x100
[ 1969.813054]  ? __fget_files+0x287/0x470
[ 1969.813104]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1969.813132]  do_syscall_64+0x3b/0x90
[ 1969.813157]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1969.813186] RIP: 0033:0x7f011e7ddb62
[ 1969.813201] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1969.813221] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1969.813242] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1969.813255] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1969.813268] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1969.813281] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1969.813293] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1969.813332]  </TASK>
[ 1969.991370] FAULT_INJECTION: forcing a failure.
[ 1969.991370] name failslab, interval 1, probability 0, space 0, times 0
[ 1969.991391] CPU: 1 PID: 7781 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1969.991404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1969.991413] Call Trace:
[ 1969.991416]  <TASK>
[ 1969.991421]  dump_stack_lvl+0x8b/0xb3
[ 1969.991442]  should_fail.cold+0x5/0xa
[ 1969.991454]  ? create_object.isra.0+0x3a/0xa20
[ 1969.991474]  should_failslab+0x5/0x10
[ 1969.991490]  kmem_cache_alloc+0x5b/0x480
[ 1969.991506]  create_object.isra.0+0x3a/0xa20
[ 1969.991521]  ? kasan_unpoison+0x23/0x50
[ 1969.991543]  kmem_cache_alloc+0x239/0x480
[ 1969.991559]  vm_area_dup+0x7f/0x220
[ 1969.991580]  ? uprobe_apply+0x150/0x150
[ 1969.991596]  ? up_write+0x148/0x460
[ 1969.991613]  ? __vma_adjust+0x1091/0x18a0
[ 1969.991630]  ? lock_is_held_type+0xd7/0x130
[ 1969.991648]  ? vm_area_alloc+0xf0/0xf0
[ 1969.991665]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1969.991684]  ? mas_next_nentry+0x5c4/0x9e0
[ 1969.991712]  ? mas_find+0x203/0xdd0
[ 1969.991733]  __split_vma+0xa2/0x540
[ 1969.991743]  ? mas_walk+0x48a/0x670
[ 1969.991761]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1969.991783]  ? __split_vma+0x540/0x540
[ 1969.991800]  ? mas_walk+0x48a/0x670
[ 1969.991819]  ? mas_find+0x203/0xdd0
[ 1969.991838]  ? inode_has_perm+0x171/0x1d0
[ 1969.991853]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1969.991872]  do_mas_munmap+0x1ed/0x2c0
[ 1969.991887]  mmap_region+0x21c/0x1a70
[ 1969.991905]  ? lock_release+0x750/0x750
[ 1969.991921]  ? do_munmap+0x100/0x100
[ 1969.991937]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1969.991955]  ? security_mmap_addr+0x79/0xa0
[ 1969.991971]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1969.991989]  ? get_unmapped_area+0x2f0/0x3d0
[ 1969.992011]  do_mmap+0x824/0xf40
[ 1969.992029]  vm_mmap_pgoff+0x1b5/0x280
[ 1969.992052]  ? randomize_stack_top+0x100/0x100
[ 1969.992071]  ? __fget_files+0x287/0x470
[ 1969.992097]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1969.992113]  do_syscall_64+0x3b/0x90
[ 1969.992126]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1969.992142] RIP: 0033:0x7f011e7ddb62
[ 1969.992152] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1969.992164] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1969.992176] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1969.992184] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1969.992191] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1969.992198] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1969.992205] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1969.992226]  </TASK>
[ 1970.021335] FAULT_INJECTION: forcing a failure.
[ 1970.021335] name failslab, interval 1, probability 0, space 0, times 0
[ 1970.021363] CPU: 1 PID: 7783 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1970.021385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1970.021400] Call Trace:
[ 1970.021404]  <TASK>
[ 1970.021414]  dump_stack_lvl+0x8b/0xb3
[ 1970.021441]  should_fail.cold+0x5/0xa
[ 1970.021462]  ? create_object.isra.0+0x3a/0xa20
[ 1970.021500]  should_failslab+0x5/0x10
[ 1970.021533]  kmem_cache_alloc+0x5b/0x480
[ 1970.021568]  create_object.isra.0+0x3a/0xa20
[ 1970.021610]  ? kasan_unpoison+0x23/0x50
[ 1970.021662]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1970.021697]  mas_alloc_nodes+0x2a6/0x6a0
[ 1970.021741]  mas_preallocate+0xff/0x270
[ 1970.021765]  __vma_adjust+0x1f6/0x18a0
[ 1970.021790]  ? vma_expand+0xda0/0xda0
[ 1970.021806]  ? anon_vma_clone+0x3ae/0x560
[ 1970.021821]  ? mas_find+0x203/0xdd0
[ 1970.021842]  __split_vma+0x452/0x540
[ 1970.021853]  ? mas_walk+0x48a/0x670
[ 1970.021872]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1970.021893]  ? __split_vma+0x540/0x540
[ 1970.021911]  ? mas_walk+0x48a/0x670
[ 1970.021929]  ? mas_find+0x203/0xdd0
[ 1970.021948]  ? inode_has_perm+0x171/0x1d0
[ 1970.021962]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1970.021982]  do_mas_munmap+0x1ed/0x2c0
[ 1970.021997]  mmap_region+0x21c/0x1a70
[ 1970.022015]  ? lock_release+0x750/0x750
[ 1970.022031]  ? do_munmap+0x100/0x100
[ 1970.022047]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1970.022066]  ? security_mmap_addr+0x79/0xa0
[ 1970.022082]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1970.022100]  ? get_unmapped_area+0x2f0/0x3d0
[ 1970.022121]  do_mmap+0x824/0xf40
[ 1970.022139]  vm_mmap_pgoff+0x1b5/0x280
[ 1970.022162]  ? randomize_stack_top+0x100/0x100
[ 1970.022181]  ? __fget_files+0x287/0x470
[ 1970.022207]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1970.022223]  do_syscall_64+0x3b/0x90
[ 1970.022236]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1970.022252] RIP: 0033:0x7f4ea96a2b62
[ 1970.022260] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1970.022272] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1970.022283] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1970.022291] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1970.022298] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1970.022304] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1970.022311] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1970.022332]  </TASK>
[ 1982.336101] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:43:25 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 64)

19:43:25 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x18, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:43:25 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 42)

19:43:25 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:43:25 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x4402, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
syz_mount_image$nfs(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', 0x401, 0xa, &(0x7f0000001900)=[{&(0x7f0000000140)="3a09ff3e213c6a7a23d2201e45e34d750fde2d007302f6121ed2c4b6730d63bb6315341d6c605020749b9a39d4c0d804eedc3dd4a26f5ea1e13974d0c425dd34c0d7c29bd1ce8e7b008f661e4c324c6360b568e998ce8e39a0b312c9e676dbdd71", 0x61, 0x6}, {&(0x7f0000000340)="227d507a6f5b28bc71e41878c04a62cf311429542db8af5eeebc893571c25df74a52a0e8e62b1cfb16d22ca2dc3a65aa8f7055b5e34a47c0a5672d4aac98dd91fca4f4b4ad79376552c1b5327d9d336c290a3da906fa0e103fae21dcbe2919f9874b07b940449c6fff6983093594c3ae136c85efafb65acae3e222e37376e64b369e1a8eb2c4b7b7eb91502b991574d3d4a77da918e371b932d5e53173b34157879a7ede37a85d9dd671a2e56ac18abe2a08fdefd730eb9233ce333b852d1c", 0xbf, 0xfff}, {&(0x7f0000000400)="fd547f976578779e8a52dc2d1d09000e594de5773223f1c0e9c3fa2482bbd9d3d6e4321cba884506f39a1fdd6ed8e70ae6ddb3e9ab62802ea89523e7981025690d0515cd087a742bd847998fa0cff1cbce11636fa99d7cdc486158f3bf8432e961", 0x61, 0x79}, {&(0x7f0000000480)="08552ecadca71eda31196f628aa1d15533b503d4a3128f69bd430d9b221d64c9147e8218f94d503ab44fef42654d179e283242fe79cab7f971d535ec7a88c4a35d7a322b62191eec651617b8c35f615d6fb6ceb8ca230bfbbb3be29fcfee19068bc6a5514c627e8cb875e366c3553e430b610e1558715b4606ecc6eca55f0c5342af1eada27db711e3e80f029b4d6547cecfba", 0x93}, {&(0x7f0000000640)="8d5cddfdf8fbf4eb6c7e328923f016a7873d9d145f3cc125bf2980863da678d74dfd2789584294678b4d1c13dcd6235459240269d814b964c1bc4df6e813dd26eca1759f006c4c97f4fccc887e4123822d599ae8c673816e4f78d4e0a70ce506de073f5d15bd311c199db9f2c024d4cc736f7d4ce948b155877a2d3c5c87c3c9e8fe9b2a54e31f192cdeb114280c41358ee65a459bb44483daabd56b3169b375995112976241f255eaf25c6787412fe39893e3c4da658c43a54f2778eb4a8e41517c6252d0b7", 0xc6, 0x108a}, {&(0x7f0000000740)="c031cc930dbb3940dcb79f2334be361317d3ec5f7bec115c1d2697207c22c416dfe52daa140d83f3bb1ca1e73a1a197cd2b0aebaea377d86156c6b4b8d40a53d74a7139c128aa6af24361e1a731cb0bdfb1171bbdde5da0831e2b25b22d7ec8b8e55af23d621cb10e9ebf3857fbb8d16e3e32d72d6039094ad4e81c41b4e63540902cb0cde5ea7134d5dc9ddfed989faa5f8253ba2a19f7850862d2d8d84182ad0c7292010e2b3d8f27090d6f3418f55b97671e70826202d6f84131a10716f2c682c44c077cbb8295147be1a3dda49af0211338c", 0xd4, 0xff}, {&(0x7f0000000840)="d85c13152e5bf9ba35b2d91cdbbea083e610e5e4edc658e3bbba0d81f646531d64fea4db1d34a8036c1626a42808da487b5304f6dd9596a78b3e523a2a07d9d883ad787965eb8b88ad2f10d6e8dd91925257b09067aad1088e40ae56d43b8d4c5131d23f32110c29a105365138776607c823450d62c11a28d92ff8fc86b5aad3e9ff1681514fb4c63ff3f061a33df8620f9dd831ed620366854079b266a2046967cb90b131497540a6be321c16b9dff6e1dcbf3107fbc601cacb2646d781baf4a560c797b95761fcc760c8f8d7c3d3a665d116515a1f6bb5786e01f5064d66f9479ab357234f85a16de8dc7b656c26f8365e11a1072db10c0fbfb4f6dac6003ec007a24aebd7a60ea3935c26ac1eb0629bb764527343192ad74e4f920e9ce2744f5a806231d60e0a3843343abe53cd17e74cfc40067218c71d98f5d8b950151b7d093a5e3b794ada2a65e927a55c708d4e1cff8b10c72d7edd97226c3e701fc076ebeb9455420f5d4b348fd5cec0851c8ea2ae359202c81f7ba21bafc2c3afad709ce376d9f6ced661190caf9ba9e96809fc17ea6db1caa1d89c1116f8c3ba1b26257dbd5f987710e978fb95534ddd1e82e39d4060eb33acbe2dd39f886146209c1f516745a30e51a77aef5c65f2f5d6a4635cd809743546d7d091aaaa32e6ab92f1606b017df58d818857ede88bcd21875e7d97859526893202952bfd2a88755b8b67146d140c0fb3220d12bfb8c4d9c7baac9b6f267a47ad1be3e254daac357bc5882c7b9454fbdeb040bf22e58f2303a413f7d419df352b66b2b94ed8633e8613b42984c6eae37f46ea3c96d48eef652d0c4b91c8ae8ebe7d3160cb22f149e961322de60a826230b7b4fe2bdef305d15bcfd85aad25cb1859b6861b22dde91a327ecc693a063536a24744b89c0b2b017493c10c6f9d5a14b35336b775826c1682757dd5f93978d1e872f9f48a560d73d7b5e46730a0065098cfcfd1e19a2f4f5423d0516d14d5b1f47e0b16ef680f43e12cb4285fcbe780a076751110c6ded6bae4ae28bd3b743ac73234e8a394f5496a224dce04e47acdfa3bbe8fecf434ec1710aee0fad6cd47651fabe4dc216a521bbd6f0f3415d6dada69e49379ac6a3a8f5266f2d02342a87514baa6288011069117e24ce749cd6ae0a5470d89ded6bdb7fc374659ba4c1d07e2182674d09a9c98b5bc5635d2f9a2333cc40396124ef70877f82338d652211aa4de7f7b858d004eb3a671ff355ab17f4ac39a0d52425f51be01ae69b85e0e4d9474dae939c4361773843e820223cd2b7a0194cdb889353bd2ce3a5749c8c0fedbf9932802d089150d86450377170ff355b069134bccf85e6c0a26778eec3ae06d9e8f56fd28d2fd89b5d31a8d8f78cda340cec69cd8ac275805aaf7362d018c4f121ffb78cfdaeea5525ff35f13104bde2af8a2bfbb1ac72881e54614cef3c8908f0c6d0b77188a58709914a794fa1a04a70d2bfdbd89a38202131d85bd50c936cfd7885050cd97675bdb2717fb133a20beed8cd4120266fd19604274ca55c1cd8ed2daaa66353b4f81cd6de2ec4eb333e042aeea2c2604ac22d16245861cb046fc7dc770da09a4a3e61f9d80846d05fdf9b82bb10053887a2f3ac6fb130bf23e6da8293156e67348921a8d9fe3c5c106e24c3e27c0d8ea40f74a2865816ab86810d523bd1db642876496e9e50846f15fa61c8471ec31bc42f390c865a7cec4f2808f5c191c27c736c7b84c42a745f16689c06d40185b50c9f3f0d94fc431c0115bdddaf29e4d3fe8657547514ae155c30787a1678f524f6b7a4b986b31fc8345d2b54eb03293d0ab90b2864c6566c2976170a69c5acc3c5baadeadea598878261a96763a409fb557ab62df05055dc73f48df9d66270bb2458f19169c52c2456f086282811e7d25b4cb1d44bd41c591805d7bc70e977e45ea2f7ca33a29516d5f17bc63183c47e374bc56e6391f608595d9762932aa695b0a95b742df28f982c0a321383db7926a6ac616839365f3b0394cf68700ef0ee2ab8febd5dabdeba8d92c571dd9c4588ea7972d1c2108b5a77d6ba7e772b4252d3aaa9d6d3b0723eacfde22a211723be562b4f3c522172618878c8ee29f796ee6c9e43070ab51f4da654172f9317630ced50875f2fd1defacc1a629956327d9200d23bcbe101149bc4f562f8a71f1a45fd5b07dc2af7b255134aee6001ba890ffdbd20741728745d46027b86ecf6f5855f12ec46c3d62272cb9f4e1334fe668f8bb02a2980c0792add95f43586d4115b004a483792aad9ea07067ab213e9ce5a5a79a113212b00955208cca863f2722d6b684442437344355156c42ba21a1e0c9e587d9dca48ae997556c62c67aff41d1b6e6bdcf3ef2621a41ae2ff54b3f1e8f83ca088b4ee927c13f0c26a1ee352b5d6478fccdc128701e881bdb4149ffc905b079f972a33eb8fba3fa3317c27b58c91459471df1a90d20e3880ad3a365fab5159c7aeed92d09658630b5c03886edb778e372d0547012fbbcb17f9ab90a6171c62030db7467d558bc96cae6b3196a6184a40ca1c75603a8636bdba177a3ade7536678e36a7e3f17d1c30b001c4270c7c6941f4ae8b878ac5e2195f8872bc02249e20814306f23388897ced3d19c26505d304af3e3ee5c56b46100abe7c091812b503deeaa2630e37325b65b54d16d913559205e977973a1b6913367e10b637d8094322f7dc0ad6970abe27dfbc05738744766dfe2015128df340ac9ee85b28761cffc59210037d122a331b114c865d35ba10fc5cc137aa71ebbd335386c7a158de11c37f71396d036457ff37e90e23dc1075f339203c44dd51a2465c22bd6635fcc9c2746eb2bcec405c0478b35cf657c2b200d53ccde42b17cb8b5af4669984664b94c8d3f19eb2814cf585f12980908f43d52e3290e52c4647e3c9bd947a40b211247a9ea41d387850eed13b2880f9b462b9bfb9097c7a360a5ab798b2839acf705ca9cdc92ddedd11ac76fb8fa952bbfd40531201be4dfb12c32fbabbc347419ee5a042cabacade4ec729c8c206731a912ed69cf7765925925d103e5d048633d9b92e5dd4ed4c96e0003d63a6155ac45016f91a5ec675e52de316463b8123a17e073e775ae2b87238d780a0336b72ce4482707bfa1a739cdc56f4ef96d0c6d6dd42276d6689b34e941135c5b423099d105536c3b69ac3d79ffa0955e5ac8c49be403bd7b9a19ba37e19e6503fc8d491c9bda19a8056c7cf4fb0c87aac5533085b76ef67a8e1e4ed81da6ebdaa4cd1143327a75fe5da10703551858281749820267e0909c25b24df77b40b8f3a25cfd523f03f1b60b255b9259b1520e689dab153504c904f61df75920de316642a11d1ec7593baed84f8f6d6cd4d1d129c1b55b9a486c0779d87aa998e04b650c40d880bbb6b007d50e18888664154a7374cdaa8d7c6ba9e749289e59421473ac97dc8288834b5d89acf55f67882f965daa37b45932dfb5dd75fe2d25b0ce8ab41642840ac36144cb638d88cf74389b84610769d2f34d37a214cdf0291a41bb8aa3668dcb6c9cea781f2c6850231ec0d9c3c5cb0083141aa4da5720f6fa61ec97cf102a7ac6050fa37a4dc500cf24178b5d5d4676bcda517a2810ada50fd4ed7d20f5404b83827022acd9220d561265f031af2d7a298e0cce94e686f6d4a93b65d851e236f9e354eafacc715d3d6b8f5701289a7985ef1c84d02a1cdae4e72274e4c9cb2388d1a747a899b00fcf259aff8805d66b5498549900635ec6cbe669db32b5f2ae7e727b5a3d3cf8e533b9930a1762ebc865a0f1da5d9426769a169e5a0fbaf846880d03708aa9ce49d3cd3dad598ee24d2460de3a777d1026d740292c88690cb98b52fb99bd272b5f215b8abe283031df0ff00df079477afa6c015902b60b1a573bc2c59c356ef2c12dff1103eee00120b149eabe418e2c6b275e7f168508c63b92280181032c36525a5d1afed1e6f09e613bb33a2b9ddb3d0ad25acfb741a66d7d7c7cf9b4f5d51df30941f9ea8ec962c15aeb0b56951a356ab254968903b581e664f8b80b0de6278b3303032a7335e6f3747e6ea532ad0fc241681ca01ec474932ef48801c42628628eac76a569803a19035fc69680b756faaac96811cc3751e153f6f5a103b9761ef4feb25e351dd33f1b972ea735b8389d275bef076aa2eeb91cac1636efedd8c8a87e3b0525f0fd0f8d032068e4c9ac7a390fdeca77553b88d2382dcae5e9e4f7a96aeae2e404542692ccd31366bf0bab8668cb97a9ece78f16c51c0802cede0fb674cdcf609897c3e5a90ec5d3c735d6a0aca9e07168856b0ed396b4a1f6b49bbebb294d3961f91a470676803152e720e411304056f0b300a60717c8b36c4f76a657bcd6211499bbb51f90c6a41fef5eaf94e560785a35feacd20a38bfe63e542b8b175c550338950009d2102b03e08977cad21355eefbeb0218f8bc6a327d33daccc67ae794814fe4a91c98ae6a36fc4f0ccd6be5b504bc8a260b9fb88e0d68609afa173e4661dfed218adc28f98d1f595ad603406b16b6940592fb1892f5a42d7e5d18a2e327ddd6a07c4152c9d1bfeb1d6305d14879ceb7d4acba18f399d2153998e4a0e3aad4dc6c399128acb5cb61849ca0d59382c6a2ec09100c4cf3c43e90802e8271518881f122b02e7868f4ad108488c8a621a4c65534b7931c9a02134d0537c2be8de649494b14c4c7cdf5c4eb439359f3ec4b15e1c39dab907342aaa33a60713500a40d96805e42add850cfa90dc7f078505c805254feb9664cef70b283c562980b7fe96a1498652b0d9cd34110202391966196820cff467d5e3ea3769cb904f350379f3d439697a73d4f8ea98307205512fdcbde5d126ecc5e3f3e49f65b3548775ea7967da1baeef9bfbdf624feccbf2dc5d8a62d97c24f85c0235d844a39275e8b3403aac4a82855370d491f7bdc167756d25ea141687a2b606c61c2cd860c617c2e7d6a2c716eed439c7d4a641cf1c4fdcad10d3c4a9fcbaac914e2d2bda8d29e5ed0943fc945ea1a202e98ead0712b6d359828119e07411173e916a978c5b6aea8e7be18814097d412f2187c8dfe465f1f771331fea9bf765fafcd2897ae197e18e9f42a5cb63cfaab763be34c59c51769299e822d20bd8fc59c786e60873b35068e1727c6ee3ced9b1993f42ee8041a527f1eb58e19c6cc58fd8f4a811cabde680d023d512d9e434fd4b6f2aab8f3f63eb605f703e71ee4a64a80a41cba10c71c5ca502325e2a0dd423a96fb66a472331b2ce3c87f842244ad5527a0105552eceabb6599ba2d9fc8bf571da38341361a32dbf15f7265c2f03d3c3070f5d655cffeff750ab9e767b6c39cda8828bc8eca23a1c23bb7ed74dde979489aa7dd1b21f55ad3536d8bf2404a018233dd35f67a3f0cbadd1bfe917997d473bcef84f010eb1da7adb70c62c2ed6efe8f1f1946d8354a1d70c1a13ac0eaad6b86037d223cc58083cddb47421fbfc4fa2bb1a75bb6b21fa0176507b7a8b2ba4be559ee147088cdacdfb95156ba04a244114822c028b3b46ab4361f14f3ba05156b3bbce4d639d94e37c5c0e8bb79b90e83d6d67c1bf2caaaecec57048e689342828aa5c008cbf1547a5db38ee8db412701d6c169119705b5e687e4d9bc057e90c07c1e9308e454a3367959516665bf5750b9867ecb0dbaafdd7f9e07d7227af75cd886cb29ee7c356bd3575ead987dbe45c225b313a5c02661d09ddb5c4639502f1f9e970821fdbd612b43e954403956149d842a9584ced7085bb99e28289", 0x1000, 0x9}, {&(0x7f0000000540)="4eb574d527f6f661b8f82351454e2260b0f242f406d0328df1a375f4536ec3eaee811246f95eaf2a580ef3aa25359cf5d99453dca85e3e35dece0d4b8eb8d38b0061c346616a9ba92415752f800b16e0309d78d43ca68855b6f39c07cb30d5e94953c7ecdb360342531d", 0x6a, 0x100000000}, {&(0x7f0000001840)="8c3cd36e3a84c3289756ec7fabb45607650abf1cbf226d8182eec1c52a2b424268626bfd8a062273f859a11d1f3197214da56be8b5534c18f40cdb3cb0acfad94d2d61ed13f5a57691b776cff9b318fc2b753c3051291a592dc17fab69a4dec63ddb191c35592cf79e6cea778ddf5e34c44816b1d86ed34b6d381c1b22515c63cf55d9896a967d97679e0611540fa688125eb7", 0x93, 0x8}, {&(0x7f00000005c0)="c129", 0x2, 0x8001}], 0x800082, &(0x7f0000001a00)={[{'^[@(^'}, {'/dev/sr0\x00'}], [{@permit_directio}]})
write(0xffffffffffffffff, &(0x7f00000001c0)="f4d05d69ce19ac07297cc40800000000000000ff68793613c164be3c206d5548aaf23996f419a671d92353ba136505e59ee52d78f6262ee6751ef599f77ebca6bac28016e5d42f7449c89f06000d120e53d5cf05000000000000002cc9082b39b2163d5c30131ac352ef01e133512d22157f03da894859f6b51812af9a879ac8ad102b2d090320d4889d407e1eee27d7979ad6f05a1d94372d98b464bbe363f7c816702e4384fca7355d8c678d3856a804ae4970ac8a5c5bc46c5c0e5240c119ab5879e29ab66dde0602396b5cb817030c7b50cd4d85d4ddafc842660c82e1af41fa12b21bc923267cd02072e71c117279eb1d7cafecfb930e822e9cb34a0231de0914c84118d918ff2b5907cdd0edac169f88aac7a02725b8ccade06a6f64e465fc74ffa21431069478f21db5cca8303f76f91f193a71452a97d9c2a61dc5d1caca587cd829639352d7afe098a5870d7b", 0xfffffeff)
ioctl$CDROMRESET(r0, 0x5312)

19:43:25 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:43:25 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80086601)

19:43:25 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 66)

[ 1989.748065] FAULT_INJECTION: forcing a failure.
[ 1989.748065] name failslab, interval 1, probability 0, space 0, times 0
[ 1989.748097] CPU: 1 PID: 7802 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1989.748131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1989.748151] Call Trace:
[ 1989.748156]  <TASK>
[ 1989.748164]  dump_stack_lvl+0x8b/0xb3
[ 1989.748201]  should_fail.cold+0x5/0xa
[ 1989.748227]  ? create_object.isra.0+0x3a/0xa20
[ 1989.748272]  should_failslab+0x5/0x10
[ 1989.748315]  kmem_cache_alloc+0x5b/0x480
[ 1989.748346]  ? mark_held_locks+0x9e/0xe0
[ 1989.748396]  create_object.isra.0+0x3a/0xa20
[ 1989.748430]  ? kasan_unpoison+0x23/0x50
[ 1989.748470]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1989.748509]  mas_alloc_nodes+0x2a6/0x6a0
[ 1989.748541]  mas_preallocate+0xff/0x270
[ 1989.748561]  __vma_adjust+0x1f6/0x18a0
[ 1989.748587]  ? vma_expand+0xda0/0xda0
[ 1989.748602]  ? anon_vma_clone+0x3ae/0x560
[ 1989.748618]  ? mas_find+0x203/0xdd0
19:43:25 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1989.748639]  __split_vma+0x452/0x540
[ 1989.748649]  ? mas_walk+0x48a/0x670
[ 1989.748668]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
19:43:25 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x80087601)

[ 1989.748689]  ? __split_vma+0x540/0x540
[ 1989.748707]  ? mas_walk+0x48a/0x670
[ 1989.748725]  ? mas_find+0x203/0xdd0
[ 1989.748744]  ? inode_has_perm+0x171/0x1d0
[ 1989.748759]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1989.748779]  do_mas_munmap+0x1ed/0x2c0
[ 1989.748793]  mmap_region+0x21c/0x1a70
[ 1989.748812]  ? lock_release+0x750/0x750
[ 1989.748827]  ? do_munmap+0x100/0x100
[ 1989.748843]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
19:43:26 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1989.748862]  ? security_mmap_addr+0x79/0xa0
[ 1989.748879]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1989.748897]  ? get_unmapped_area+0x2f0/0x3d0
[ 1989.748918]  do_mmap+0x824/0xf40
[ 1989.748936]  vm_mmap_pgoff+0x1b5/0x280
[ 1989.748959]  ? randomize_stack_top+0x100/0x100
[ 1989.748978]  ? __fget_files+0x287/0x470
[ 1989.749005]  ksys_mmap_pgoff+0x3cc/0x4f0
19:43:26 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 67)

[ 1989.749020]  do_syscall_64+0x3b/0x90
[ 1989.749035]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1989.749052] RIP: 0033:0x7f011e7ddb62
[ 1989.749061] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1989.749072] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
19:43:26 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 65)

[ 1989.749085] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1989.749092] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1989.749100] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1989.749107] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1989.749114] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1989.749135]  </TASK>
[ 1989.768225] FAULT_INJECTION: forcing a failure.
[ 1989.768225] name failslab, interval 1, probability 0, space 0, times 0
[ 1989.768259] CPU: 0 PID: 7793 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1989.768283] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1989.768298] Call Trace:
[ 1989.768304]  <TASK>
[ 1989.768311]  dump_stack_lvl+0x8b/0xb3
[ 1989.768344]  should_fail.cold+0x5/0xa
19:43:26 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 43)

[ 1989.768367]  ? create_object.isra.0+0x3a/0xa20
[ 1989.768403]  should_failslab+0x5/0x10
[ 1989.768433]  kmem_cache_alloc+0x5b/0x480
[ 1989.768468]  create_object.isra.0+0x3a/0xa20
[ 1989.768497]  ? kasan_unpoison+0x23/0x50
19:43:26 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 1989.768530]  kmem_cache_alloc_trace+0x22e/0x3c0
[ 1989.768559]  __io_uring_add_tctx_node+0x15f/0x390
[ 1989.768587]  ? io_eventfd_put+0x50/0x50
19:43:26 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x1e, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 1989.768626]  io_uring_setup.cold+0x21c1/0x271c
[ 1989.768666]  ? io_sqe_files_register+0x230/0x230
[ 1989.768718]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1989.768758]  do_syscall_64+0x3b/0x90
[ 1989.768787]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1989.768816] RIP: 0033:0x7f2c579bdb19
[ 1989.768832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1989.768854] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1989.768876] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1989.768891] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
19:43:26 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x440f21, 0x0)
pipe(&(0x7f0000000040))
ioctl$CDROMRESET(r0, 0x5312)

[ 1989.768904] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1989.768918] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1989.768931] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1989.768968]  </TASK>
[ 1989.799142] FAULT_INJECTION: forcing a failure.
[ 1989.799142] name failslab, interval 1, probability 0, space 0, times 0
[ 1989.799178] CPU: 1 PID: 7805 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1989.799204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1989.799222] Call Trace:
[ 1989.799227]  <TASK>
19:43:26 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x801c581f)

[ 1989.799239]  dump_stack_lvl+0x8b/0xb3
[ 1989.799271]  should_fail.cold+0x5/0xa
[ 1989.799289]  ? mas_alloc_nodes+0x36e/0x6a0
[ 1989.799317]  should_failslab+0x5/0x10
[ 1989.799338]  kmem_cache_alloc+0x5b/0x480
[ 1989.799362]  mas_alloc_nodes+0x36e/0x6a0
[ 1989.799385]  ? find_vma+0x108/0x1a0
[ 1989.799442]  mas_preallocate+0xff/0x270
[ 1989.799477]  __vma_adjust+0x1f6/0x18a0
[ 1989.799515]  ? vma_expand+0xda0/0xda0
[ 1989.799530]  ? anon_vma_clone+0x3ae/0x560
[ 1989.799545]  ? mas_find+0x203/0xdd0
[ 1989.799567]  __split_vma+0x452/0x540
[ 1989.799578]  ? mas_walk+0x48a/0x670
[ 1989.799596]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1989.799618]  ? __split_vma+0x540/0x540
[ 1989.799635]  ? mas_walk+0x48a/0x670
[ 1989.799658]  ? mas_find+0x203/0xdd0
[ 1989.799677]  ? inode_has_perm+0x171/0x1d0
[ 1989.799692]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1989.799713]  do_mas_munmap+0x1ed/0x2c0
[ 1989.799729]  mmap_region+0x21c/0x1a70
[ 1989.799747]  ? lock_release+0x750/0x750
[ 1989.799762]  ? do_munmap+0x100/0x100
[ 1989.799779]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1989.799797]  ? security_mmap_addr+0x79/0xa0
[ 1989.799815]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1989.799833]  ? get_unmapped_area+0x2f0/0x3d0
[ 1989.799855]  do_mmap+0x824/0xf40
[ 1989.799873]  vm_mmap_pgoff+0x1b5/0x280
[ 1989.799896]  ? randomize_stack_top+0x100/0x100
[ 1989.799915]  ? __fget_files+0x287/0x470
[ 1989.799943]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1989.799958]  do_syscall_64+0x3b/0x90
[ 1989.799973]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1989.799990] RIP: 0033:0x7f4ea96a2b62
[ 1989.800000] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1989.800012] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1989.800024] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1989.800032] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1989.800039] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1989.800046] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1989.800053] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1989.800073]  </TASK>
[ 1989.916720] FAULT_INJECTION: forcing a failure.
[ 1989.916720] name failslab, interval 1, probability 0, space 0, times 0
[ 1989.916742] CPU: 1 PID: 7817 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1989.916758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1989.916766] Call Trace:
[ 1989.916770]  <TASK>
[ 1989.916774]  dump_stack_lvl+0x8b/0xb3
[ 1989.916795]  should_fail.cold+0x5/0xa
[ 1989.916807]  ? create_object.isra.0+0x3a/0xa20
[ 1989.916827]  should_failslab+0x5/0x10
[ 1989.916843]  kmem_cache_alloc+0x5b/0x480
[ 1989.916854]  ? mark_held_locks+0x9e/0xe0
[ 1989.916874]  create_object.isra.0+0x3a/0xa20
[ 1989.916889]  ? kasan_unpoison+0x23/0x50
[ 1989.916907]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 1989.916919]  ? kmem_cache_alloc+0x332/0x480
[ 1989.916934]  mas_alloc_nodes+0x2a6/0x6a0
[ 1989.916957]  mas_preallocate+0xff/0x270
[ 1989.916977]  __vma_adjust+0x1f6/0x18a0
[ 1989.917003]  ? vma_expand+0xda0/0xda0
[ 1989.917018]  ? anon_vma_clone+0x3ae/0x560
[ 1989.917033]  ? mas_find+0x203/0xdd0
[ 1989.917055]  __split_vma+0x452/0x540
[ 1989.917065]  ? mas_walk+0x48a/0x670
[ 1989.917084]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1989.917105]  ? __split_vma+0x540/0x540
[ 1989.917123]  ? mas_walk+0x48a/0x670
[ 1989.917141]  ? mas_find+0x203/0xdd0
[ 1989.917164]  ? inode_has_perm+0x171/0x1d0
[ 1989.917178]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1989.917198]  do_mas_munmap+0x1ed/0x2c0
[ 1989.917213]  mmap_region+0x21c/0x1a70
[ 1989.917231]  ? lock_release+0x750/0x750
[ 1989.917246]  ? do_munmap+0x100/0x100
[ 1989.917262]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1989.917281]  ? security_mmap_addr+0x79/0xa0
[ 1989.917298]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1989.917316]  ? get_unmapped_area+0x2f0/0x3d0
[ 1989.917338]  do_mmap+0x824/0xf40
[ 1989.917355]  vm_mmap_pgoff+0x1b5/0x280
[ 1989.917378]  ? randomize_stack_top+0x100/0x100
[ 1989.917397]  ? __fget_files+0x287/0x470
[ 1989.917424]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1989.917440]  do_syscall_64+0x3b/0x90
[ 1989.917454]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1989.917470] RIP: 0033:0x7f011e7ddb62
[ 1989.917479] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1989.917491] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1989.917502] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 1989.917510] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1989.917517] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1989.917524] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1989.917531] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1989.917552]  </TASK>
[ 1990.048214] FAULT_INJECTION: forcing a failure.
[ 1990.048214] name failslab, interval 1, probability 0, space 0, times 0
[ 1990.048248] CPU: 0 PID: 7822 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1990.048272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1990.048287] Call Trace:
[ 1990.048293]  <TASK>
[ 1990.048301]  dump_stack_lvl+0x8b/0xb3
[ 1990.048333]  should_fail.cold+0x5/0xa
[ 1990.048361]  should_failslab+0x5/0x10
[ 1990.048391]  kmem_cache_alloc_lru+0x60/0x7c0
[ 1990.048411]  ? xas_alloc+0x35d/0x480
[ 1990.048448]  xas_alloc+0x35d/0x480
[ 1990.048481]  xas_create+0x35b/0x1030
[ 1990.048531]  xas_store+0x90/0x1c40
[ 1990.048579]  __xa_store+0x16d/0x2d0
[ 1990.048613]  ? xa_delete_node+0x270/0x270
[ 1990.048650]  ? rwlock_bug.part.0+0x90/0x90
[ 1990.048695]  xa_store+0x31/0x50
[ 1990.048726]  __io_uring_add_tctx_node+0x1d2/0x390
[ 1990.048758]  ? io_eventfd_put+0x50/0x50
[ 1990.048798]  io_uring_setup.cold+0x21c1/0x271c
[ 1990.048838]  ? io_sqe_files_register+0x230/0x230
[ 1990.048891]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1990.048933]  do_syscall_64+0x3b/0x90
[ 1990.048957]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1990.048987] RIP: 0033:0x7f2c579bdb19
[ 1990.049003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1990.049024] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 1990.049046] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 1990.049061] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 1990.049073] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 1990.049087] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 1990.049100] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1990.049138]  </TASK>
[ 1990.072980] FAULT_INJECTION: forcing a failure.
[ 1990.072980] name failslab, interval 1, probability 0, space 0, times 0
[ 1990.073012] CPU: 0 PID: 7828 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 1990.073036] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 1990.073050] Call Trace:
[ 1990.073055]  <TASK>
[ 1990.073063]  dump_stack_lvl+0x8b/0xb3
[ 1990.073092]  should_fail.cold+0x5/0xa
[ 1990.073114]  ? create_object.isra.0+0x3a/0xa20
[ 1990.073148]  should_failslab+0x5/0x10
[ 1990.073176]  kmem_cache_alloc+0x5b/0x480
[ 1990.073204]  create_object.isra.0+0x3a/0xa20
[ 1990.073232]  ? kasan_unpoison+0x23/0x50
[ 1990.073267]  kmem_cache_alloc+0x239/0x480
[ 1990.073295]  mas_alloc_nodes+0x36e/0x6a0
[ 1990.073324]  ? find_vma+0x108/0x1a0
[ 1990.073366]  mas_preallocate+0xff/0x270
[ 1990.073403]  __vma_adjust+0x1f6/0x18a0
[ 1990.073450]  ? vma_expand+0xda0/0xda0
[ 1990.073478]  ? anon_vma_clone+0x3ae/0x560
[ 1990.073507]  ? mas_find+0x203/0xdd0
[ 1990.073546]  __split_vma+0x452/0x540
[ 1990.073565]  ? mas_walk+0x48a/0x670
[ 1990.073599]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 1990.073638]  ? __split_vma+0x540/0x540
[ 1990.073671]  ? mas_walk+0x48a/0x670
[ 1990.073706]  ? mas_find+0x203/0xdd0
[ 1990.073741]  ? inode_has_perm+0x171/0x1d0
[ 1990.073777]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 1990.073814]  do_mas_munmap+0x1ed/0x2c0
[ 1990.073841]  mmap_region+0x21c/0x1a70
[ 1990.073875]  ? lock_release+0x750/0x750
[ 1990.073904]  ? do_munmap+0x100/0x100
[ 1990.073933]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 1990.073994]  ? security_mmap_addr+0x79/0xa0
[ 1990.074024]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 1990.074057]  ? get_unmapped_area+0x2f0/0x3d0
[ 1990.074098]  do_mmap+0x824/0xf40
[ 1990.074131]  vm_mmap_pgoff+0x1b5/0x280
[ 1990.074173]  ? randomize_stack_top+0x100/0x100
[ 1990.074207]  ? __fget_files+0x287/0x470
[ 1990.074256]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 1990.074284]  do_syscall_64+0x3b/0x90
[ 1990.074309]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1990.074338] RIP: 0033:0x7f4ea96a2b62
[ 1990.074354] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 1990.074374] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 1990.074396] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 1990.074411] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 1990.074425] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 1990.074438] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 1990.074452] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 1990.074492]  </TASK>
[ 2001.197553] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:43:44 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 66)

19:43:44 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 68)

19:43:44 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x24, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:43:44 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc0045878)

19:43:44 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:43:44 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:43:44 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
fsetxattr$trusted_overlay_origin(r0, &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x0)

19:43:44 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 44)

[ 2008.262553] FAULT_INJECTION: forcing a failure.
[ 2008.262553] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.262575] CPU: 1 PID: 7844 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.262588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.262596] Call Trace:
[ 2008.262600]  <TASK>
[ 2008.262604]  dump_stack_lvl+0x8b/0xb3
[ 2008.262629]  should_fail.cold+0x5/0xa
[ 2008.262641]  ? create_object.isra.0+0x3a/0xa20
[ 2008.262661]  should_failslab+0x5/0x10
[ 2008.262678]  kmem_cache_alloc+0x5b/0x480
[ 2008.262689]  ? mark_held_locks+0x9e/0xe0
[ 2008.262708]  create_object.isra.0+0x3a/0xa20
[ 2008.262724]  ? kasan_unpoison+0x23/0x50
[ 2008.262744]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2008.262756]  ? kmem_cache_alloc+0x332/0x480
[ 2008.262771]  mas_alloc_nodes+0x2a6/0x6a0
[ 2008.262795]  mas_preallocate+0xff/0x270
[ 2008.262815]  __vma_adjust+0x1f6/0x18a0
[ 2008.262841]  ? vma_expand+0xda0/0xda0
[ 2008.262857]  ? anon_vma_clone+0x3ae/0x560
[ 2008.262872]  ? mas_find+0x203/0xdd0
[ 2008.262893]  __split_vma+0x452/0x540
[ 2008.262904]  ? mas_walk+0x48a/0x670
[ 2008.262923]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2008.262944]  ? __split_vma+0x540/0x540
[ 2008.262962]  ? mas_walk+0x48a/0x670
[ 2008.262980]  ? mas_find+0x203/0xdd0
[ 2008.263000]  ? inode_has_perm+0x171/0x1d0
[ 2008.263015]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2008.263035]  do_mas_munmap+0x1ed/0x2c0
[ 2008.263050]  mmap_region+0x21c/0x1a70
[ 2008.263068]  ? lock_release+0x750/0x750
[ 2008.263084]  ? do_munmap+0x100/0x100
[ 2008.263100]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2008.263119]  ? security_mmap_addr+0x79/0xa0
[ 2008.263136]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2008.263154]  ? get_unmapped_area+0x2f0/0x3d0
[ 2008.263176]  do_mmap+0x824/0xf40
[ 2008.263194]  vm_mmap_pgoff+0x1b5/0x280
[ 2008.263217]  ? randomize_stack_top+0x100/0x100
[ 2008.263236]  ? __fget_files+0x287/0x470
[ 2008.263263]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2008.263279]  do_syscall_64+0x3b/0x90
[ 2008.263293]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.263309] RIP: 0033:0x7f011e7ddb62
[ 2008.263318] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2008.263330] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2008.263342] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
19:43:44 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc0045878)

[ 2008.263350] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2008.263357] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2008.263363] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2008.263371] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
19:43:44 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2008.263392]  </TASK>
[ 2008.332597] FAULT_INJECTION: forcing a failure.
[ 2008.332597] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.332624] CPU: 1 PID: 7853 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.332643] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.332655] Call Trace:
[ 2008.332661]  <TASK>
[ 2008.332666]  dump_stack_lvl+0x8b/0xb3
[ 2008.332692]  should_fail.cold+0x5/0xa
[ 2008.332708]  ? create_object.isra.0+0x3a/0xa20
[ 2008.332732]  should_failslab+0x5/0x10
[ 2008.332758]  kmem_cache_alloc+0x5b/0x480
[ 2008.332771]  ? mark_held_locks+0x9e/0xe0
[ 2008.332798]  create_object.isra.0+0x3a/0xa20
[ 2008.332831]  ? kasan_unpoison+0x23/0x50
[ 2008.332854]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2008.332871]  ? kmem_cache_alloc+0x332/0x480
[ 2008.332888]  mas_alloc_nodes+0x2a6/0x6a0
[ 2008.332911]  mas_preallocate+0xff/0x270
[ 2008.332931]  __vma_adjust+0x1f6/0x18a0
[ 2008.332957]  ? vma_expand+0xda0/0xda0
[ 2008.332972]  ? anon_vma_clone+0x3ae/0x560
[ 2008.332987]  ? mas_find+0x203/0xdd0
[ 2008.333009]  __split_vma+0x452/0x540
[ 2008.333019]  ? mas_walk+0x48a/0x670
[ 2008.333037]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2008.333058]  ? __split_vma+0x540/0x540
19:43:44 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 69)

[ 2008.333076]  ? mas_walk+0x48a/0x670
[ 2008.333095]  ? mas_find+0x203/0xdd0
[ 2008.333114]  ? inode_has_perm+0x171/0x1d0
[ 2008.333130]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2008.333149]  do_mas_munmap+0x1ed/0x2c0
[ 2008.333164]  mmap_region+0x21c/0x1a70
[ 2008.333182]  ? lock_release+0x750/0x750
[ 2008.333197]  ? do_munmap+0x100/0x100
[ 2008.333213]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2008.333232]  ? security_mmap_addr+0x79/0xa0
[ 2008.333249]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2008.333267]  ? get_unmapped_area+0x2f0/0x3d0
[ 2008.333289]  do_mmap+0x824/0xf40
[ 2008.333307]  vm_mmap_pgoff+0x1b5/0x280
[ 2008.333330]  ? randomize_stack_top+0x100/0x100
[ 2008.333349]  ? __fget_files+0x287/0x470
[ 2008.333375]  ksys_mmap_pgoff+0x3cc/0x4f0
19:43:44 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x2a, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 2008.333390]  do_syscall_64+0x3b/0x90
[ 2008.333405]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.333421] RIP: 0033:0x7f4ea96a2b62
[ 2008.333430] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2008.333442] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2008.333454] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
19:43:44 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 45)

[ 2008.333462] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2008.333470] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2008.333478] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2008.333485] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.333506]  </TASK>
[ 2008.333842] FAULT_INJECTION: forcing a failure.
[ 2008.333842] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.333870] CPU: 1 PID: 7856 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.333896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.333910] Call Trace:
[ 2008.333914]  <TASK>
[ 2008.333921]  dump_stack_lvl+0x8b/0xb3
[ 2008.333955]  should_fail.cold+0x5/0xa
[ 2008.333981]  ? create_object.isra.0+0x3a/0xa20
[ 2008.334024]  should_failslab+0x5/0x10
[ 2008.334058]  kmem_cache_alloc+0x5b/0x480
[ 2008.334082]  ? arch_stack_walk+0x99/0xf0
[ 2008.334125]  create_object.isra.0+0x3a/0xa20
[ 2008.334154]  ? kasan_unpoison+0x23/0x50
19:43:44 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 67)

[ 2008.334208]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 2008.334240]  ? xas_alloc+0x35d/0x480
[ 2008.334278]  xas_alloc+0x35d/0x480
[ 2008.334305]  xas_create+0x35b/0x1030
[ 2008.334334]  xas_store+0x90/0x1c40
[ 2008.334361]  __xa_store+0x16d/0x2d0
[ 2008.334379]  ? xa_delete_node+0x270/0x270
[ 2008.334399]  ? rwlock_bug.part.0+0x90/0x90
[ 2008.334423]  xa_store+0x31/0x50
[ 2008.334440]  __io_uring_add_tctx_node+0x1d2/0x390
[ 2008.334456]  ? io_eventfd_put+0x50/0x50
[ 2008.334478]  io_uring_setup.cold+0x21c1/0x271c
[ 2008.334500]  ? io_sqe_files_register+0x230/0x230
[ 2008.334529]  ? syscall_enter_from_user_mode+0x1d/0x50
19:43:44 executing program 5:
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x4a81, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$CDROMRESET(r0, 0x5312)

19:43:44 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2008.334552]  do_syscall_64+0x3b/0x90
[ 2008.334565]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.334581] RIP: 0033:0x7f2c579bdb19
[ 2008.334590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2008.334602] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2008.334613] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 2008.334621] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 2008.334628] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
19:43:44 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc0101282)

[ 2008.334638] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 2008.334645] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.334666]  </TASK>
[ 2008.451433] FAULT_INJECTION: forcing a failure.
[ 2008.451433] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.451455] CPU: 1 PID: 7865 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.451468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
19:43:44 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 70)

[ 2008.451477] Call Trace:
[ 2008.451480]  <TASK>
[ 2008.451484]  dump_stack_lvl+0x8b/0xb3
[ 2008.451505]  should_fail.cold+0x5/0xa
[ 2008.451517]  ? create_object.isra.0+0x3a/0xa20
[ 2008.451536]  should_failslab+0x5/0x10
[ 2008.451553]  kmem_cache_alloc+0x5b/0x480
[ 2008.451569]  create_object.isra.0+0x3a/0xa20
[ 2008.451584]  ? kasan_unpoison+0x23/0x50
[ 2008.451602]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2008.451620]  mas_alloc_nodes+0x2a6/0x6a0
[ 2008.451643]  mas_preallocate+0xff/0x270
[ 2008.451663]  __vma_adjust+0x1f6/0x18a0
[ 2008.451689]  ? vma_expand+0xda0/0xda0
[ 2008.451704]  ? anon_vma_clone+0x3ae/0x560
[ 2008.451719]  ? mas_find+0x203/0xdd0
[ 2008.451744]  __split_vma+0x452/0x540
[ 2008.451755]  ? mas_walk+0x48a/0x670
[ 2008.451774]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2008.451795]  ? __split_vma+0x540/0x540
[ 2008.451813]  ? mas_walk+0x48a/0x670
[ 2008.451831]  ? mas_find+0x203/0xdd0
[ 2008.451850]  ? inode_has_perm+0x171/0x1d0
[ 2008.451865]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2008.451886]  do_mas_munmap+0x1ed/0x2c0
[ 2008.451901]  mmap_region+0x21c/0x1a70
[ 2008.451919]  ? lock_release+0x750/0x750
[ 2008.451935]  ? do_munmap+0x100/0x100
19:43:44 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 46)

[ 2008.451951]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2008.451970]  ? security_mmap_addr+0x79/0xa0
[ 2008.451987]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2008.452005]  ? get_unmapped_area+0x2f0/0x3d0
[ 2008.452027]  do_mmap+0x824/0xf40
[ 2008.452045]  vm_mmap_pgoff+0x1b5/0x280
[ 2008.452068]  ? randomize_stack_top+0x100/0x100
[ 2008.452086]  ? __fget_files+0x287/0x470
[ 2008.452114]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2008.452129]  do_syscall_64+0x3b/0x90
[ 2008.452143]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.452160] RIP: 0033:0x7f011e7ddb62
[ 2008.452169] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2008.452180] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2008.452192] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2008.452200] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2008.452207] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2008.452213] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2008.452220] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.452245]  </TASK>
[ 2008.520938] FAULT_INJECTION: forcing a failure.
[ 2008.520938] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.520970] CPU: 1 PID: 7868 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
19:43:44 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2008.520983] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.520991] Call Trace:
[ 2008.520995]  <TASK>
[ 2008.520999]  dump_stack_lvl+0x8b/0xb3
[ 2008.521019]  should_fail.cold+0x5/0xa
[ 2008.521029]  ? xas_alloc+0x35d/0x480
[ 2008.521046]  ? create_object.isra.0+0x3a/0xa20
[ 2008.521065]  should_failslab+0x5/0x10
[ 2008.521081]  kmem_cache_alloc+0x5b/0x480
[ 2008.521092]  ? arch_stack_walk+0x99/0xf0
[ 2008.521113]  create_object.isra.0+0x3a/0xa20
[ 2008.521128]  ? kasan_unpoison+0x23/0x50
[ 2008.521147]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 2008.521157]  ? xas_alloc+0x35d/0x480
[ 2008.521176]  xas_alloc+0x35d/0x480
[ 2008.521194]  xas_create+0x35b/0x1030
[ 2008.521221]  xas_store+0x90/0x1c40
[ 2008.521247]  __xa_store+0x16d/0x2d0
[ 2008.521264]  ? xa_delete_node+0x270/0x270
[ 2008.521284]  ? rwlock_bug.part.0+0x90/0x90
[ 2008.521309]  xa_store+0x31/0x50
[ 2008.521326]  __io_uring_add_tctx_node+0x1d2/0x390
[ 2008.521342]  ? io_eventfd_put+0x50/0x50
[ 2008.521363]  io_uring_setup.cold+0x21c1/0x271c
[ 2008.521385]  ? io_sqe_files_register+0x230/0x230
[ 2008.521414]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2008.521437]  do_syscall_64+0x3b/0x90
[ 2008.521450]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.521466] RIP: 0033:0x7f2c579bdb19
[ 2008.521475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2008.521487] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2008.521499] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 2008.521506] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 2008.521513] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 2008.521522] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 2008.521530] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.521553]  </TASK>
[ 2008.590596] FAULT_INJECTION: forcing a failure.
[ 2008.590596] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.590617] CPU: 1 PID: 7875 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.590630] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.590641] Call Trace:
[ 2008.590645]  <TASK>
[ 2008.590649]  dump_stack_lvl+0x8b/0xb3
[ 2008.590672]  should_fail.cold+0x5/0xa
[ 2008.590685]  ? create_object.isra.0+0x3a/0xa20
[ 2008.590705]  should_failslab+0x5/0x10
[ 2008.590721]  kmem_cache_alloc+0x5b/0x480
[ 2008.590741]  create_object.isra.0+0x3a/0xa20
[ 2008.590756]  ? kasan_unpoison+0x23/0x50
[ 2008.590775]  kmem_cache_alloc+0x239/0x480
[ 2008.590790]  mas_alloc_nodes+0x36e/0x6a0
[ 2008.590807]  ? find_vma+0x108/0x1a0
[ 2008.590830]  mas_preallocate+0xff/0x270
[ 2008.590850]  __vma_adjust+0x1f6/0x18a0
[ 2008.590875]  ? vma_expand+0xda0/0xda0
[ 2008.590891]  ? anon_vma_clone+0x3ae/0x560
[ 2008.590906]  ? mas_find+0x203/0xdd0
[ 2008.590927]  __split_vma+0x452/0x540
[ 2008.590938]  ? mas_walk+0x48a/0x670
[ 2008.590956]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2008.590977]  ? __split_vma+0x540/0x540
[ 2008.590995]  ? mas_walk+0x48a/0x670
[ 2008.591013]  ? mas_find+0x203/0xdd0
[ 2008.591033]  ? inode_has_perm+0x171/0x1d0
[ 2008.591047]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2008.591068]  do_mas_munmap+0x1ed/0x2c0
[ 2008.591083]  mmap_region+0x21c/0x1a70
[ 2008.591102]  ? lock_release+0x750/0x750
[ 2008.591117]  ? do_munmap+0x100/0x100
[ 2008.591133]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2008.591152]  ? security_mmap_addr+0x79/0xa0
[ 2008.591169]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2008.591187]  ? get_unmapped_area+0x2f0/0x3d0
[ 2008.591209]  do_mmap+0x824/0xf40
[ 2008.591227]  vm_mmap_pgoff+0x1b5/0x280
[ 2008.591250]  ? randomize_stack_top+0x100/0x100
[ 2008.591269]  ? __fget_files+0x287/0x470
[ 2008.591295]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2008.591310]  do_syscall_64+0x3b/0x90
[ 2008.591324]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.591340] RIP: 0033:0x7f4ea96a2b62
[ 2008.591350] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2008.591362] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2008.591374] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2008.591382] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2008.591390] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2008.591397] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2008.591404] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.591426]  </TASK>
[ 2008.631474] FAULT_INJECTION: forcing a failure.
[ 2008.631474] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.631497] CPU: 1 PID: 7881 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.631510] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.631519] Call Trace:
[ 2008.631523]  <TASK>
[ 2008.631527]  dump_stack_lvl+0x8b/0xb3
[ 2008.631548]  should_fail.cold+0x5/0xa
[ 2008.631561]  ? create_object.isra.0+0x3a/0xa20
[ 2008.631581]  should_failslab+0x5/0x10
[ 2008.631597]  kmem_cache_alloc+0x5b/0x480
[ 2008.631608]  ? mark_held_locks+0x9e/0xe0
[ 2008.631628]  create_object.isra.0+0x3a/0xa20
[ 2008.631643]  ? kasan_unpoison+0x23/0x50
[ 2008.631662]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2008.631679]  mas_alloc_nodes+0x2a6/0x6a0
[ 2008.631703]  mas_preallocate+0xff/0x270
[ 2008.631722]  __vma_adjust+0x1f6/0x18a0
[ 2008.631751]  ? vma_expand+0xda0/0xda0
[ 2008.631767]  ? anon_vma_clone+0x3ae/0x560
[ 2008.631782]  ? mas_find+0x203/0xdd0
[ 2008.631804]  __split_vma+0x452/0x540
[ 2008.631814]  ? mas_walk+0x48a/0x670
[ 2008.631832]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2008.631853]  ? __split_vma+0x540/0x540
[ 2008.631871]  ? mas_walk+0x48a/0x670
[ 2008.631890]  ? mas_find+0x203/0xdd0
[ 2008.631909]  ? inode_has_perm+0x171/0x1d0
[ 2008.631924]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2008.631943]  do_mas_munmap+0x1ed/0x2c0
[ 2008.631958]  mmap_region+0x21c/0x1a70
[ 2008.631977]  ? lock_release+0x750/0x750
[ 2008.631992]  ? do_munmap+0x100/0x100
[ 2008.632008]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2008.632027]  ? security_mmap_addr+0x79/0xa0
[ 2008.632044]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2008.632062]  ? get_unmapped_area+0x2f0/0x3d0
[ 2008.632084]  do_mmap+0x824/0xf40
[ 2008.632102]  vm_mmap_pgoff+0x1b5/0x280
[ 2008.632125]  ? randomize_stack_top+0x100/0x100
[ 2008.632144]  ? __fget_files+0x287/0x470
[ 2008.632171]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2008.632186]  do_syscall_64+0x3b/0x90
[ 2008.632200]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.632216] RIP: 0033:0x7f011e7ddb62
[ 2008.632225] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2008.632236] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2008.632248] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2008.632255] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2008.632263] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2008.632270] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2008.632276] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.632297]  </TASK>
[ 2008.663007] FAULT_INJECTION: forcing a failure.
[ 2008.663007] name failslab, interval 1, probability 0, space 0, times 0
[ 2008.663027] CPU: 1 PID: 7886 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2008.663042] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2008.663051] Call Trace:
[ 2008.663054]  <TASK>
[ 2008.663059]  dump_stack_lvl+0x8b/0xb3
[ 2008.663080]  should_fail.cold+0x5/0xa
[ 2008.663091]  ? kmem_cache_alloc_lru+0x2d3/0x7c0
[ 2008.663105]  ? create_object.isra.0+0x3a/0xa20
[ 2008.663123]  should_failslab+0x5/0x10
[ 2008.663140]  kmem_cache_alloc+0x5b/0x480
[ 2008.663149]  ? mark_held_locks+0x9e/0xe0
[ 2008.663169]  create_object.isra.0+0x3a/0xa20
[ 2008.663185]  ? kasan_unpoison+0x23/0x50
[ 2008.663204]  kmem_cache_alloc_lru+0x2d3/0x7c0
[ 2008.663214]  ? xas_alloc+0x35d/0x480
[ 2008.663235]  xas_alloc+0x35d/0x480
[ 2008.663253]  xas_create+0x35b/0x1030
[ 2008.663280]  xas_store+0x90/0x1c40
[ 2008.663306]  __xa_store+0x16d/0x2d0
[ 2008.663324]  ? xa_delete_node+0x270/0x270
[ 2008.663344]  ? rwlock_bug.part.0+0x90/0x90
[ 2008.663368]  xa_store+0x31/0x50
[ 2008.663385]  __io_uring_add_tctx_node+0x1d2/0x390
[ 2008.663400]  ? io_eventfd_put+0x50/0x50
[ 2008.663422]  io_uring_setup.cold+0x21c1/0x271c
[ 2008.663443]  ? io_sqe_files_register+0x230/0x230
[ 2008.663472]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2008.663495]  do_syscall_64+0x3b/0x90
[ 2008.663508]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2008.663525] RIP: 0033:0x7f2c579bdb19
[ 2008.663533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2008.663545] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2008.663556] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 2008.663564] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 2008.663571] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 2008.663579] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 2008.663586] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2008.663607]  </TASK>
[ 2022.328679] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:44:05 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, 0x0)
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:44:05 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:44:05 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x30, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:44:05 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 71)

[ 2029.640593] FAULT_INJECTION: forcing a failure.
[ 2029.640593] name failslab, interval 1, probability 0, space 0, times 0
[ 2029.640615] CPU: 1 PID: 7899 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2029.640628] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2029.640636] Call Trace:
[ 2029.640640]  <TASK>
[ 2029.640645]  dump_stack_lvl+0x8b/0xb3
[ 2029.640664]  should_fail.cold+0x5/0xa
[ 2029.640679]  should_failslab+0x5/0x10
[ 2029.640697]  kmem_cache_alloc_lru+0x60/0x7c0
[ 2029.640708]  ? xas_alloc+0x35d/0x480
[ 2029.640732]  xas_alloc+0x35d/0x480
[ 2029.640750]  xas_create+0x35b/0x1030
[ 2029.640777]  xas_store+0x90/0x1c40
[ 2029.640803]  __xa_store+0x16d/0x2d0
19:44:05 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 68)

19:44:05 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

19:44:05 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc0189436)

19:44:05 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 47)

19:44:05 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 48)

[ 2029.640820]  ? xa_delete_node+0x270/0x270
[ 2029.640840]  ? rwlock_bug.part.0+0x90/0x90
[ 2029.640865]  xa_store+0x31/0x50
[ 2029.640882]  __io_uring_add_tctx_node+0x1d2/0x390
[ 2029.640898]  ? io_eventfd_put+0x50/0x50
[ 2029.640923]  io_uring_setup.cold+0x21c1/0x271c
[ 2029.640945]  ? io_sqe_files_register+0x230/0x230
[ 2029.640975]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2029.640998]  do_syscall_64+0x3b/0x90
[ 2029.641011]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2029.641027] RIP: 0033:0x7f2c579bdb19
[ 2029.641036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
19:44:05 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 72)

[ 2029.641048] RSP: 002b:00007f2c54f33108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2029.641059] RAX: ffffffffffffffda RBX: 00007f2c57ad0f60 RCX: 00007f2c579bdb19
[ 2029.641067] RDX: 0000000020feb000 RSI: 0000000020000140 RDI: 00000000000062e9
[ 2029.641074] RBP: 0000000020000140 R08: 0000000020000240 R09: 0000000020000240
[ 2029.641081] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000240
[ 2029.641088] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2029.641109]  </TASK>
[ 2029.642020] FAULT_INJECTION: forcing a failure.
[ 2029.642020] name failslab, interval 1, probability 0, space 0, times 0
[ 2029.642036] CPU: 1 PID: 7900 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2029.642049] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2029.642056] Call Trace:
[ 2029.642059]  <TASK>
[ 2029.642063]  dump_stack_lvl+0x8b/0xb3
[ 2029.642077]  should_fail.cold+0x5/0xa
[ 2029.642089]  ? create_object.isra.0+0x3a/0xa20
[ 2029.642108]  should_failslab+0x5/0x10
[ 2029.642123]  kmem_cache_alloc+0x5b/0x480
[ 2029.642133]  ? mark_held_locks+0x9e/0xe0
[ 2029.642151]  create_object.isra.0+0x3a/0xa20
[ 2029.642166]  ? kasan_unpoison+0x23/0x50
[ 2029.642185]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2029.642197]  ? kmem_cache_alloc+0x332/0x480
[ 2029.642212]  mas_alloc_nodes+0x2a6/0x6a0
[ 2029.642235]  mas_preallocate+0xff/0x270
[ 2029.642259]  __vma_adjust+0x1f6/0x18a0
[ 2029.642285]  ? vma_expand+0xda0/0xda0
[ 2029.642300]  ? anon_vma_clone+0x3ae/0x560
[ 2029.642316]  ? mas_find+0x203/0xdd0
19:44:06 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc020660b)

[ 2029.642337]  __split_vma+0x452/0x540
[ 2029.642348]  ? mas_walk+0x48a/0x670
[ 2029.642366]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2029.642387]  ? __split_vma+0x540/0x540
[ 2029.642405]  ? mas_walk+0x48a/0x670
[ 2029.642423]  ? mas_find+0x203/0xdd0
[ 2029.642443]  ? inode_has_perm+0x171/0x1d0
[ 2029.642457]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2029.642477]  do_mas_munmap+0x1ed/0x2c0
[ 2029.642492]  mmap_region+0x21c/0x1a70
[ 2029.642521]  ? lock_release+0x750/0x750
[ 2029.642536]  ? do_munmap+0x100/0x100
[ 2029.642553]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2029.642572]  ? security_mmap_addr+0x79/0xa0
[ 2029.642589]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2029.642607]  ? get_unmapped_area+0x2f0/0x3d0
[ 2029.642629]  do_mmap+0x824/0xf40
[ 2029.642647]  vm_mmap_pgoff+0x1b5/0x280
[ 2029.642671]  ? randomize_stack_top+0x100/0x100
[ 2029.642690]  ? __fget_files+0x287/0x470
[ 2029.642717]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2029.642732]  do_syscall_64+0x3b/0x90
[ 2029.642746]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2029.642761] RIP: 0033:0x7f011e7ddb62
[ 2029.642769] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2029.642779] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2029.642790] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2029.642798] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2029.642805] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2029.642812] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2029.642819] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2029.642839]  </TASK>
[ 2029.704256] FAULT_INJECTION: forcing a failure.
[ 2029.704256] name failslab, interval 1, probability 0, space 0, times 0
[ 2029.704291] CPU: 1 PID: 7905 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2029.704316] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2029.704332] Call Trace:
[ 2029.704339]  <TASK>
[ 2029.704347]  dump_stack_lvl+0x8b/0xb3
[ 2029.704380]  should_fail.cold+0x5/0xa
[ 2029.704410]  should_failslab+0x5/0x10
[ 2029.704442]  kmem_cache_alloc_bulk+0x47/0x780
[ 2029.704464]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 2029.704504]  ? kmem_cache_alloc+0x332/0x480
[ 2029.704535]  mas_alloc_nodes+0x2a6/0x6a0
[ 2029.704580]  mas_preallocate+0xff/0x270
[ 2029.704619]  __vma_adjust+0x1f6/0x18a0
[ 2029.704671]  ? vma_expand+0xda0/0xda0
[ 2029.704701]  ? anon_vma_clone+0x3ae/0x560
[ 2029.704732]  ? mas_find+0x203/0xdd0
[ 2029.704775]  __split_vma+0x452/0x540
[ 2029.704796]  ? mas_walk+0x48a/0x670
[ 2029.704833]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2029.704877]  ? __split_vma+0x540/0x540
[ 2029.704916]  ? mas_walk+0x48a/0x670
[ 2029.704953]  ? mas_find+0x203/0xdd0
[ 2029.704992]  ? inode_has_perm+0x171/0x1d0
[ 2029.705020]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2029.705059]  do_mas_munmap+0x1ed/0x2c0
[ 2029.705089]  mmap_region+0x21c/0x1a70
[ 2029.705125]  ? lock_release+0x750/0x750
[ 2029.705156]  ? do_munmap+0x100/0x100
[ 2029.705188]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2029.705225]  ? security_mmap_addr+0x79/0xa0
[ 2029.705258]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2029.705294]  ? get_unmapped_area+0x2f0/0x3d0
[ 2029.705337]  do_mmap+0x824/0xf40
[ 2029.705373]  vm_mmap_pgoff+0x1b5/0x280
[ 2029.705418]  ? randomize_stack_top+0x100/0x100
[ 2029.705456]  ? __fget_files+0x287/0x470
[ 2029.705509]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2029.705539]  do_syscall_64+0x3b/0x90
[ 2029.705566]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2029.705597] RIP: 0033:0x7f4ea96a2b62
[ 2029.705615] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2029.705637] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2029.705660] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2029.705675] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2029.705689] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2029.705703] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2029.705717] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2029.705760]  </TASK>
[ 2029.878194] FAULT_INJECTION: forcing a failure.
[ 2029.878194] name failslab, interval 1, probability 0, space 0, times 0
[ 2029.878231] CPU: 0 PID: 7916 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2029.878258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2029.878276] Call Trace:
[ 2029.878283]  <TASK>
[ 2029.878291]  dump_stack_lvl+0x8b/0xb3
[ 2029.878328]  should_fail.cold+0x5/0xa
[ 2029.878352]  ? create_object.isra.0+0x3a/0xa20
[ 2029.878392]  should_failslab+0x5/0x10
[ 2029.878429]  kmem_cache_alloc+0x5b/0x480
[ 2029.878463]  create_object.isra.0+0x3a/0xa20
[ 2029.878500]  ? kasan_unpoison+0x23/0x50
[ 2029.878549]  kmem_cache_alloc+0x239/0x480
[ 2029.878584]  vm_area_dup+0x7f/0x220
[ 2029.878642]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2029.878684]  ? mark_lock.part.0+0xef/0x2f60
[ 2029.878732]  ? lock_is_held_type+0xd7/0x130
[ 2029.878764]  ? find_held_lock+0x2c/0x110
[ 2029.878791]  ? vm_area_alloc+0xf0/0xf0
[ 2029.878823]  ? lock_release+0x3b2/0x750
[ 2029.878849]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 2029.878874]  ? lock_downgrade+0x6d0/0x6d0
[ 2029.878900]  ? find_held_lock+0x2c/0x110
[ 2029.878934]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 2029.878974]  ? mark_lock.part.0+0xef/0x2f60
[ 2029.879004]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 2029.879030]  __split_vma+0xa2/0x540
[ 2029.879060]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2029.879100]  ? __split_vma+0x540/0x540
[ 2029.879134]  ? mas_walk+0x48a/0x670
[ 2029.879171]  ? mas_find+0x203/0xdd0
[ 2029.879209]  ? inode_has_perm+0x171/0x1d0
[ 2029.879235]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2029.879272]  do_mas_munmap+0x1ed/0x2c0
[ 2029.879301]  mmap_region+0x21c/0x1a70
[ 2029.879337]  ? lock_release+0x750/0x750
[ 2029.879366]  ? do_munmap+0x100/0x100
[ 2029.879397]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2029.879432]  ? security_mmap_addr+0x79/0xa0
[ 2029.879463]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2029.879498]  ? get_unmapped_area+0x2f0/0x3d0
[ 2029.879540]  do_mmap+0x824/0xf40
[ 2029.879575]  vm_mmap_pgoff+0x1b5/0x280
[ 2029.879618]  ? randomize_stack_top+0x100/0x100
[ 2029.879655]  ? __fget_files+0x287/0x470
[ 2029.879705]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2029.879735]  do_syscall_64+0x3b/0x90
[ 2029.879761]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2029.879793] RIP: 0033:0x7f2c579bdb62
[ 2029.879809] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2029.879830] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2029.879852] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2029.879867] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2029.879880] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2029.879893] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2029.879907] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2029.879947]  </TASK>
[ 2029.918534] FAULT_INJECTION: forcing a failure.
[ 2029.918534] name failslab, interval 1, probability 0, space 0, times 0
[ 2029.918568] CPU: 1 PID: 7919 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2029.918592] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2029.918608] Call Trace:
[ 2029.918613]  <TASK>
[ 2029.918621]  dump_stack_lvl+0x8b/0xb3
[ 2029.918654]  should_fail.cold+0x5/0xa
[ 2029.918677]  ? create_object.isra.0+0x3a/0xa20
[ 2029.918712]  should_failslab+0x5/0x10
[ 2029.918747]  kmem_cache_alloc+0x5b/0x480
[ 2029.918776]  create_object.isra.0+0x3a/0xa20
[ 2029.918804]  ? kasan_unpoison+0x23/0x50
[ 2029.918839]  kmem_cache_alloc+0x239/0x480
[ 2029.918867]  vm_area_alloc+0x1c/0xf0
[ 2029.918899]  mmap_region+0x44b/0x1a70
[ 2029.918934]  ? lock_release+0x750/0x750
[ 2029.918964]  ? do_munmap+0x100/0x100
[ 2029.918993]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2029.919029]  ? security_mmap_addr+0x79/0xa0
[ 2029.919059]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2029.919093]  ? get_unmapped_area+0x2f0/0x3d0
[ 2029.919133]  do_mmap+0x824/0xf40
[ 2029.919167]  vm_mmap_pgoff+0x1b5/0x280
[ 2029.919208]  ? randomize_stack_top+0x100/0x100
[ 2029.919243]  ? __fget_files+0x287/0x470
[ 2029.919292]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2029.919321]  do_syscall_64+0x3b/0x90
[ 2029.919346]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2029.919375] RIP: 0033:0x7f011e7ddb62
[ 2029.919392] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2029.919413] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2029.919433] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2029.919448] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2029.919460] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2029.919473] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2029.919486] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2029.919525]  </TASK>
[ 2041.736965] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:44:26 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc0481273)

19:44:26 executing program 5:
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file0\x00'})
ioctl$HIDIOCGFLAG(r0, 0x8004480e, &(0x7f0000000080))
r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
write$binfmt_aout(r1, &(0x7f00000000c0)={{0x107, 0x40, 0x3f, 0x3a, 0x1a8, 0x8, 0x134}, "da2d34904727b97a9ae57227ac496b0c84ac8b69bb80daec4adb65bf3a64f05dad5e4a5451afd62dd94d3f755d200391e7877e30db2a99c4f0bdc952004d354e00c46ccb883a9c2ea583997522ac79ab28c82a3e0fc7e475e373933d3debbdc737aa542ffa3be65df56dd0e76e789a0eacec0f04f487e407534496d649b78a545fa725d2504cd68ded6f7ebe4c0ba60489cdb13c8f38b79effd8555b1538c82062a300269aad92f1d641863327aa7a836835947cdb615da6c91366423b39baacf0bd", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xae2)
ioctl$BTRFS_IOC_FS_INFO(r0, 0x8400941f, &(0x7f0000000bc0))
ioctl$CDROMRESET(r1, 0x5312)

19:44:26 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 49)

19:44:26 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:44:26 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 69)

19:44:26 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, 0x0)
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:44:26 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x36, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:44:26 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 73)

[ 2050.014437] FAULT_INJECTION: forcing a failure.
[ 2050.014437] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.014459] CPU: 0 PID: 7929 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.014472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.014481] Call Trace:
[ 2050.014484]  <TASK>
[ 2050.014489]  dump_stack_lvl+0x8b/0xb3
[ 2050.014509]  should_fail.cold+0x5/0xa
[ 2050.014521]  ? mas_alloc_nodes+0x36e/0x6a0
19:44:26 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 70)

[ 2050.014539]  should_failslab+0x5/0x10
[ 2050.014560]  kmem_cache_alloc+0x5b/0x480
[ 2050.014576]  mas_alloc_nodes+0x36e/0x6a0
[ 2050.014598]  mas_node_count+0x101/0x130
[ 2050.014615]  mas_root_expand.isra.0+0xe5/0xa60
[ 2050.014633]  ? lock_is_held_type+0xd7/0x130
[ 2050.014654]  mas_wr_store_entry.isra.0+0x33c/0x10f0
[ 2050.014673]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2050.014697]  mas_store_gfp+0xca/0x1f0
[ 2050.014714]  ? mtree_alloc_range+0xe80/0xe80
[ 2050.014741]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.014759]  ? __split_vma+0x3b5/0x540
[ 2050.014775]  do_mas_align_munmap.constprop.0+0x60f/0xfa0
[ 2050.014805]  ? __split_vma+0x540/0x540
[ 2050.014823]  ? mas_walk+0x48a/0x670
[ 2050.014841]  ? mas_find+0x203/0xdd0
[ 2050.014860]  ? inode_has_perm+0x171/0x1d0
[ 2050.014875]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.014896]  do_mas_munmap+0x1ed/0x2c0
[ 2050.014911]  mmap_region+0x21c/0x1a70
[ 2050.014930]  ? lock_release+0x750/0x750
[ 2050.014945]  ? do_munmap+0x100/0x100
[ 2050.014961]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.014979]  ? security_mmap_addr+0x79/0xa0
[ 2050.014996]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.015014]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.015037]  do_mmap+0x824/0xf40
[ 2050.015055]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.015078]  ? randomize_stack_top+0x100/0x100
[ 2050.015097]  ? __fget_files+0x287/0x470
[ 2050.015125]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.015140]  do_syscall_64+0x3b/0x90
[ 2050.015153]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.015170] RIP: 0033:0x7f4ea96a2b62
[ 2050.015179] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
19:44:26 executing program 4:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2050.015191] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.015203] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2050.015210] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.015218] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.015224] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.015232] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.015253]  </TASK>
[ 2050.064792] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2050.064833] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2050.106159] FAULT_INJECTION: forcing a failure.
[ 2050.106159] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.106202] CPU: 1 PID: 7939 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.106237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.106259] Call Trace:
[ 2050.106267]  <TASK>
[ 2050.106278]  dump_stack_lvl+0x8b/0xb3
[ 2050.106320]  should_fail.cold+0x5/0xa
[ 2050.106352]  ? create_object.isra.0+0x3a/0xa20
[ 2050.106408]  should_failslab+0x5/0x10
[ 2050.106448]  kmem_cache_alloc+0x5b/0x480
[ 2050.106480]  ? mark_held_locks+0x9e/0xe0
[ 2050.106534]  create_object.isra.0+0x3a/0xa20
[ 2050.106573]  ? kasan_unpoison+0x23/0x50
[ 2050.106617]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2050.106658]  mas_alloc_nodes+0x2a6/0x6a0
[ 2050.106701]  mas_preallocate+0xff/0x270
[ 2050.106737]  __vma_adjust+0x1f6/0x18a0
19:44:26 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
io_setup(0x1c13, &(0x7f00000000c0)=<r1=>0x0)
io_submit(r1, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r2, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0x2}, {0x0}], 0x2, 0x0, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
r4 = syz_open_dev$ptys(0xc, 0x3, 0x1)
r5 = openat$random(0xffffffffffffff9c, &(0x7f0000001780), 0x116002, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0xffffffffffffff87)
close_range(r4, r5, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(0xffffffffffffffff, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
r6 = dup3(0xffffffffffffffff, r0, 0x80000)
r7 = open(&(0x7f0000001640)='./file0\x00', 0x140, 0x80)
io_submit(r1, 0x8, &(0x7f0000001740)=[&(0x7f0000001040)={0x0, 0x0, 0x0, 0x8, 0x4, r0, &(0x7f0000000040)="0b380cf37947d004b810757403c05eb9a27a1dccd19d711a91824bd2a3780eb98463ffef11d1c83ae53d27b53941aedb537f5045ffbb19022ffa4b687a7a22d5f8d5a6dad52710a28fd28baebcabbbfafb330afbd668e583f1df2ea2a494bbdb37a2bf3dd2f4e5be3966c12a4835e6a2ac4ebfce34038479b558e8d0f716dbcbb85e535bd723bc1a0d6e01ae49a578d10d20893ee4f434250e173d3b014b3d60e0ba668ad1a571011d803aa0c98637974a2d6639d8a89187f0f2827a86dd0d0d8e576785ec8859cdb55daf4cff000bf00c0119d75b747c3dd25cb09dfbf253e3aef9c571321e1f0de19d5c705f0b3ffbff073cf0ab8cda3424131f7aed9d03d5c3a6686b99ca1a37374bfd9ca6afd7ac3b708af9e6d35ec1f6dd1e54be30e97fcfea307190256ddc996066f8b3b6f1af3e309f60c21089828f861683b6c07f29c0879ccdcd82635d285d88ff8cf82410a8b7d66e52524726a043b8de19e67639aa5877d416d242827bf2ea92f9d8043a7175eb8b825cbceba1ddbf5dfd08142ebf76b42eac47387471cc4801bac21e1bd11ce907343fdbaa8d1a80327bf39509434b9667438d94a70d907db142be9c496b2bc732d79ccc187620fcf9461541a9a71d46a8876f26072f5aecf8473243dc247940f6da75438a61c7b00249ad24db0de7251bdf36f78e182bbf5fe3d71886b6d08ed4389e90281f554147fee853a05cde2935e34141e90fb45026686c01dac91cc78fcd9af15e116127e35be0f229b51c1487e4f2b9836c023da19a1c76199a319336a7dba5ef5f41a837f41e34183661d9a5706f3b581b707588a2e95963b8ea4cb50a9506f5aa5fe2659630523048b4aa4fb62357ff3615b7bb9e77a018b4c724497187ecd305c6c48e0a0892889d7064fc5c4b96a128c993f99fabe467ae0fbcb3eac549676ebc34c37bdd9817f077f6bf2e44e16a7c19c93dde36ed903c4e466cd0281186873b322246fd99d4eb2a699926bc5a057f374b442f2cb7edf767eb7aab0be8dc60172ae40f22fdfb3b78d41719979050f86376f9a8c27f31fc96250a0f135c05a65566c1ab2038f8401c5a6079a9a0aea85af50bce35809ecdc21801de74c932dc922fd604767a8f3230a2b4172667a7bcc1ae26e366d1fe2acff470fc61308be01da03993eeff25135fa2c655c7e8868dbcb1084233193320735184324aa3606b3aea6225a6bf1d092055e67f24cd3d40a8fb88156edc8ea1d3ae902315e54ddd546a76ec88f76f03e438b46ede6486346cbe7845fcb8d1b93cd1270de6cd25283e4c4aba1ed5a5ef4adc89354d2272c5f7bcc1bba0ed41cec7e64912756a81ad35f7e323557097e8b4225d3e12aa8d7872ce2cfa4a370b49d6b5ecf6e2a7fbe33f94494d445b7664ac9597c1e3805aa8a918e4a72d3ecf17247f0957f5421e6b7996f1ec3dcbc37d92fe6897a4ba69962307a87f4769a324084f31fc46c216cea4533b2010df27bb146a9f71057cf88cc98a760847539e0872277c295ab1c96e6cc3f8d40742dee650ead3a7f3ef48b79f7d8310ac75b6f5a134da64e6ef08dbcf04aff096d3761249a935c67434b315bb6153cf2681883ad1af22807183df9f688b5669079792aab65b9383dc98524f1bf5059263a191a0971ae08f13cec4c7dda3b3977915ee3292e24296483ee9959dc7ef3413818d8f3c00e61e3b43cdd1a75c52f10ed036f578179d6d6975a19765f1965bc36e245f0dfd94e52ae6af533d00d9348dd3d47caed312378c84cfc5773834f531ac0a86205f7f5d0b4aef17dd6d94c13f452e470ee4ae4e3960bf3735b67428d9cd0811c4ffcf90a92a42a5c8464da6191c55ce8da275ee564c424d1ae98368d7fdd78ea68f16ab5ae1dd0fb7ad9a9906438e17dd8a4113baabaa2ce4666cba53393e750b5afae604f9969d1e6028a348a4b6d35001ad8405949863d0dad3e57134a1392a4b87a990a61145449265ca49b6b3b8dc85c749e81840a04d8f6fbd3a06c2619e2657f4b368796fef5489f49288b4f1425d70a778995c8079e5e5e7b1ac35628417148d3aa9a9248000ed96f3308bade4227f0bec798376cd3072c1ce9d7109a4093ab253b652f502dcde1e5233710897c26b734ab01b1b12b545d5ec5e8c114dd5e0f805b2ac0e11c1f253cad69b5463a995cd807e0fe6d39f2935af8013f52e58f723b8bb0ef42f18daca9871b6bc34213de23b36a3b474f44197dd24652b8479985895523082e26336c7c44e6283243e51f92bb48a86289c54c8d7d55bb397e7e13655d81723c2d653a98616b7d07473f29ea16d8fb9a5c6e0700decc8be2282fdf4471b623cb60cfae3c498efb6a4cabc8c268832dad0bb9aad1de8bf26e058af21fbb187ad64466376ff19ec134c72ce4be4fc1f19ec72653569487e56251dc2569781752b8529d67cbb27bf7e0bb9de88c1edbf6585d4cf14177b6a5c5d07a3f18fcb18ec022499795961482765378d174ba5066deb086e41c0e3d3092377527f420e78f8bec64dbeeadb911ff38f6b2937ee484ad601f606d45765d8544ac8d1104e50b64326913705e5768c0dcbc660995a5274e6c6739e38bdd0c4bac90668c9ea8ae0b44d29ce6bb2a014ff96b125dc6517a7ba16586873ced582e2a39c5d431acb68f4bd5d930d061c6a9745351a9615104cda37ff2d778e287bcf43049bc9e31358fff26df98c62ba56609870544089697d253975d2e19b279646ba76166e0398ea876a55a1f0abff9cb0216c69cda5dd6c13d000b7b03e8ef76d4758d2447a9a3d791516aeda1f1bcf58d3a1c7ea2fe44505580e47b15d61eac993636e2fd33204f7eb9e18caca3447e124518b09d06b667b71e1d4801bc2e74ebc2b4080c514f5c275fc01c975d41666931fcb189e8ff1dda4adfe6b203e1537071ca5d3e012c84ac397e93760044afad456b54a94c41de6b5e75fd477ee1a96477e1917eb505550c4e5c5d1a9c56786263c5019e4069c96fa23162df8c4ede9df8fb7d789742869ad69223f0f22392c77701cdb53019f071df20c1421fc4bc28e69eed6a4093f64b401979e2d4b5c9c0d263fd16c97874c408a4a1df28e3ecff9f006a6710c4be15c003921431e4bd597b4a2caf88ac186db322c764b5e96849258c242e4c9a043667987cd670e036b60e6fa40d4343f045a85239aa3dd3d5156c7e9e34d6c9b52003bd3e0a11305b5852089f661ad03bf9298bb0189f0149f90464c3c917dd0acdfe8e1ed6c2f0f591c080f3d9fde016827aa654948ccfa3328eab74c8dc9141bb32069262b9e49cf1590de939246989c19d7ae64a2bc62519ec5e6806280c741802f40c01d9e5351235fcabe1d593b5dbf05a5a9a5b3e9dfd9a57f5f91dcc463e3b90ef1be18b77c5509c6a61fd34b2a5fb43e7aa5e77784f548816b2c0a44c69855f8f28aae091789ef02482818f005d75239556ef10626a375ef2a5b4d4cd5760ff5fdbd068dd5811ecd6cbd18c76239c47407f6c501ef71f4f7bd96607f7ee46f403293b5f6dbb9adeed75230a3d84294f016f5e3de4770fbafde532c34327253128655f93ed5c2aa08724ccb91d5c8d21c6f073759c02b9c8e8d8e4c356e143389670026a1360cfa13f11afd91a0ad96991f7c649c56b2ef4d89d8dd58167fd68585651724cdd5f0d5e631d3cf6c2afbd1c6871567dd3283bfb1c6963d843b32a17999e99e87a229cfb6ecc8fc382354af5c8304ed107d64df8fd3131cb05ac0cf1b7ebb197cffa4be1dee83ba6911e2252e30d44fbf99fbdca7b9e71d0ec148eb9e7fefe24cdaaa92152f49f0f9adf82a6fe0a5445195a306ed987e69b4eb9d23e31ad6782c62f48ed330f8e347f88c3cedc1aaf06d6538f556e1e68174cc5c04832a2ff278608dd04bbe36689c70f083622ede788445a78393e1919457d9da321e615280ec6db0cd1b76db7975bcbc71041494c937c6c851797f98aceed601f35f8e530cf174cd67871850d210a141aad4c597aa348ece3cf8bbba41f81a3464012e7fd0fc3cac2f21bd17e2b29ca2702863a3697b94bed32252cc26cfa7fddb72da8dcaedfdbc7a215fc956cf1cf7332b6aad892ecdef666034bc75db2104421b8b935d0a198da27f6dd57b435bc00a18e778ee4267b6f14ce7039e6e8a7a0850cc79a36450778e6eed518437e670ad8d5be1408012c12af595f78a7128eeb9470e34f768b060612347d4db28ba9046c99604b651d2e15420b0f55bc700067efa06792745762cde142a2c11e0290bd6a96aa2b3e7c1e1f8fc5502fd00f168e30e1038f6027447f0acacd1976caa132fa110687823625cda2869c3b0ef84b2ba2e0ba16a4b5593350f9146fae5b34a09ea258f427de66c8bfee897ceb680e1743e8abb7363e27da68e285e92838c0b4a5ae40dc640f8ec8b834ef14a5406ae29c622a1782b259d3120ede4a1eea1c46de2aa344df68a8b4a096d94386a03a55e34510ce39529e1e1805ec55c2272ba23bf8028ea0ff966167a5dc5ecfa19e1456f300b45c3323c9d2320b66fc8695c4090663456d5e80f2954052bd5bf6a88e94676f968e3a9e17716be922fadc6d84b3d4bfb4574cc90f03536638536e88aacc484b080b6f691ff43a46b5e6caa2634aecf5539c14152d497fc483ad22914a955984cef8e9154f7284646fcabf81bd8c3b355898ca57a35882a1586820acef74a778994db18f1300a214d0aa87bc1a07cd9fb0ecf834bea16f513bbc642b7cd331a1708a30bb7b7493450333fa70343a31d0340b80b66118820bdb66c5dbe29acac64f934f0c508015ec767071177b33d5bebd93ff47716b0b899d277f09524fb36b725c2c4f113625940a5d9acad7a24cbfb41726465d99c3ba0be7757d6bb523e502527bc2988d4923f78889d8a09a8129986da82065eefef478517c644ce1a1d312254926231881e5bfbf2b69eb354f4002836d20f42acd3336d50b209f4d6d0a9065f026e0f5d0ab2a7e0f6f2a2933d73f2e86ce8dde64642dae8e7b277012872ba8939cfc1c1e9817f2143d6a20537d9cc014fbb4a8d1fd1b72599b163e6f8abbd39ec079e7c5c063e411350978d4e2edb67bd6d11e1ff7d140baffabca6f5014185fb625f154206f4e4d1196037d6cdfeca8504b40c4c315125a88a1254db1306b4fffb12bd59b72a60808d5f3a1425885b90caee71c40eb6ebbacca6bedfc5372fd32986a8f6b27f86c2f97f4a8b79350c2e4feffbf927f625bb20eb05e03f5f23ef0bf402face234a82a1309f5f05911e1347acd7c6dc947e37c6512c4a8bc5ac77b3274cd4913627db3327794e6b27ace0dc6b9e1c56c6fe9815d20460d7955117b390a1713056df0bd6c874ffbbb9ffc518e86d23f7acc1c13b62d29f82372524090bfe9cb50b43442742de367f48a2986224c7edbf40eaa92d1d18fe9fbd76e3c7d2081f4f7e7dfde4eeaee23e208acadc3dd5dfe13c26cbbf151b3ecfe4d1f8bdb0b54d5eeabf31e4a88bfc2fc382d8cffa5c5d7dd91df87b6ef984c55c901e7c2cfa5248dc4941804ec6a9649fab2f35833dd3e03a342e77d7d7c3a901a14dc1d50fbeceb732ac5a487fbaee94ba7abe407cbbb179c13d8f2d9961941c40c3e699244c2d669d29fec3080921f76a89019314bfb03a8109ab4edd04593981e31b490a9e2de3a5f5ea04ac1824cab9238d63dfe6a60926bc002e5d30742eec9df33fc4dec12f72ac13399e00a14afab7f14fcb412fa7adb6c62807c425e275284eed7bac9b7f4a4bcbe4746c255db92c83f9fb4522cdd1881342600f58", 0x1000, 0x9, 0x0, 0x2, r0}, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x5, 0x20, r2, &(0x7f0000001080)="dc39d5d0978c17c62bd0408960c1515f57b2d3efd4fd80dc0b8dda038a833e7402ed7822b969217b568126e9090834953a6ca64e945c6c50ef2ba5f239ac6381c0e8c0a90f762bf043973a56d22f2b260704622d4163d924d43c1f79960650ace2129caebb94e939f1e6a6702158aa550b08af4d0226b6d7130acb642e45139bb2b837e59bd3227a4a53ec1a0b1677a62d66cad9d083c6fceadd193b1a40dbbd5a9b71cfa1226f660abfc8868d027ad222eebf131f133a41ad0149", 0xbb, 0x84, 0x0, 0x1}, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x5, 0x5, r0, &(0x7f0000001180)="93d2826a76d7545e264eb7ec0d93c41e79014198e35ecd724947a21ea7072a657e204381034f2ebadebbc3c4e986e71d878f92454c2bc937fa01ce0b2962aa4f3bc83f09b53108f5f4fff819710c724e69160bf11589d24cabe0c8346865981cee16eaba4428c4c6decf0cc971ae4f39047454162b6ab174b4996017e47009b57e9b09ae8494e38ca85184ada76cf49ba02e0f0c35da1b6a3e4d012f4267fcfcc3a14e896284ab8e390234e134c038b06fe292826e50cf15b5294e08b4e20983b924842648", 0xc5, 0xf85, 0x0, 0x2, r0}, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x3, 0x8, 0xffffffffffffffff, &(0x7f00000012c0)="abed524f406006deb66be3d21a5ee4d5f65293295c32e7f34dfd16bc326926f827d8fd90923dab27005f30b41b80131993cc59a7d9e5520e0571458a355fa6b5045a7c4b13c8c85d0805789be66faea02782535b288f82694c4a9a3b474ae64f132481a43f44e36babe531b90c248fb3149e8c6e58c70eeedb9be5c058b9d77cdfee1d9592bae962d6be910c9514a95f6cd84f33af50e746ea4a8430ed2eab9cd9f608fbca", 0xa5, 0x5, 0x0, 0x2, r0}, &(0x7f0000001480)={0x0, 0x0, 0x0, 0x2, 0xffc1, 0xffffffffffffffff, &(0x7f00000013c0)="a057d90ca33250452229543897f0bdb50b448722c9a573b657016375aba89c494a4d186775b8bb398f02fdd302230d487843e2c554f1b413e09c5a4f7252e5176abd53d70f720d86a7a028865a5ab097f551068e4f036977fcaa5fdd5b66650c9e52143f98c89e2b94aaba3178f36acff12b99ee43fd222f95c3462c1c6b19a6ca738f1ab154e681e6bfbdd33a9e55b2917b734722bccfa44bcb644d2780dc71af2e23befe7637aa507d6bcb72b358800a", 0xb1, 0x9, 0x0, 0x2, r0}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0xb, r0, &(0x7f00000014c0)="61227a7fd5c2bd8172387f01c4f5b0b99dc5648a0c796646e7f86f16cab38b30461bdc471a4dfa1a75e78abd9f4ba69552162918313862dac8693ee77f21dc3177db34da6ab168274427a84aa0b39dd92003970cd1c5d5bf031af943dd3b535a571ddba0b85f6811fdf95067e0c7063cca43fd3e", 0x74, 0x5, 0x0, 0x2, r0}, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x2, 0x100, r6, &(0x7f00000015c0)="b80c18449f85ba6a825b5f0e60ba1c84cdef8adc11acc7fb43fdd412f9f64825d07052fe9b6acec831cc3473f55f171bcdb3c538b0ced2", 0x37, 0x189, 0x0, 0x6, r0}, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x1, 0xa610, r7, &(0x7f0000001680)="0404679084205f3d3c6659ba4353c91a4a715c447eeddf8456ee23be576d4d48cfd4d6883ae04151c3f4828cfc6289c15cfb8785c8cd8d7e02b066c224f65e58615c7534b8234192675d15d6e6", 0x4d, 0x3ab5}])
ioctl$CDROMRESET(r0, 0x5321)

[ 2050.106790]  ? vma_expand+0xda0/0xda0
[ 2050.106830]  ? anon_vma_clone+0x3ae/0x560
[ 2050.106859]  ? mas_find+0x203/0xdd0
[ 2050.106899]  __split_vma+0x452/0x540
[ 2050.106919]  ? mas_walk+0x48a/0x670
[ 2050.106954]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2050.106993]  ? __split_vma+0x540/0x540
[ 2050.107026]  ? mas_walk+0x48a/0x670
[ 2050.107060]  ? mas_find+0x203/0xdd0
[ 2050.107096]  ? inode_has_perm+0x171/0x1d0
[ 2050.107121]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.107157]  do_mas_munmap+0x1ed/0x2c0
[ 2050.107185]  mmap_region+0x21c/0x1a70
[ 2050.107220]  ? lock_release+0x750/0x750
[ 2050.107248]  ? do_munmap+0x100/0x100
[ 2050.107278]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.107312]  ? security_mmap_addr+0x79/0xa0
19:44:26 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x3c, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 2050.107343]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.107376]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.107417]  do_mmap+0x824/0xf40
19:44:26 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 71)

19:44:26 executing program 5:
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000080)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e22, @broadcast}, {0x2, 0x4e21, @remote}, 0x2e8, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)='bond0\x00', 0x0, 0xffffffffffffffff, 0x81})
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)

[ 2050.107451]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.107493]  ? randomize_stack_top+0x100/0x100
[ 2050.107528]  ? __fget_files+0x287/0x470
[ 2050.107577]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.107606]  do_syscall_64+0x3b/0x90
[ 2050.107632]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.107661] RIP: 0033:0x7f011e7ddb62
[ 2050.107678] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.107700] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.107721] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2050.107736] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.107749] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
19:44:26 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, 0x0)
fchmodat(r7, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2050.107762] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.107776] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.107815]  </TASK>
[ 2050.111669] FAULT_INJECTION: forcing a failure.
[ 2050.111669] name failslab, interval 1, probability 0, space 0, times 0
19:44:26 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 50)

19:44:26 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 74)

[ 2050.111698] CPU: 1 PID: 7942 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.111727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.111741] Call Trace:
[ 2050.111746]  <TASK>
[ 2050.111757]  dump_stack_lvl+0x8b/0xb3
[ 2050.111784]  should_fail.cold+0x5/0xa
[ 2050.111806]  ? vm_area_dup+0x7f/0x220
[ 2050.111839]  should_failslab+0x5/0x10
[ 2050.111866]  kmem_cache_alloc+0x5b/0x480
[ 2050.111894]  vm_area_dup+0x7f/0x220
[ 2050.111937]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.111965]  ? mark_lock.part.0+0xef/0x2f60
[ 2050.112011]  ? lock_is_held_type+0xd7/0x130
[ 2050.112041]  ? find_held_lock+0x2c/0x110
[ 2050.112067]  ? vm_area_alloc+0xf0/0xf0
[ 2050.112099]  ? lock_release+0x3b2/0x750
[ 2050.112125]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 2050.112148]  ? lock_downgrade+0x6d0/0x6d0
[ 2050.112173]  ? find_held_lock+0x2c/0x110
19:44:26 executing program 4:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0xc0481273)

[ 2050.112207]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 2050.112245]  ? mark_lock.part.0+0xef/0x2f60
[ 2050.112275]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 2050.112300]  __split_vma+0xa2/0x540
[ 2050.112329]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2050.112369]  ? __split_vma+0x540/0x540
[ 2050.112402]  ? mas_walk+0x48a/0x670
[ 2050.112437]  ? mas_find+0x203/0xdd0
[ 2050.112473]  ? inode_has_perm+0x171/0x1d0
[ 2050.112498]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.112534]  do_mas_munmap+0x1ed/0x2c0
[ 2050.112563]  mmap_region+0x21c/0x1a70
[ 2050.112597]  ? lock_release+0x750/0x750
[ 2050.112627]  ? do_munmap+0x100/0x100
[ 2050.112657]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.112691]  ? security_mmap_addr+0x79/0xa0
[ 2050.112721]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.112755]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.112796]  do_mmap+0x824/0xf40
[ 2050.112830]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.112872]  ? randomize_stack_top+0x100/0x100
[ 2050.112907]  ? __fget_files+0x287/0x470
[ 2050.112956]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.112986]  do_syscall_64+0x3b/0x90
[ 2050.113011]  entry_SYSCALL_64_after_hwframe+0x44/0xae
19:44:26 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x42, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

[ 2050.113040] RIP: 0033:0x7f2c579bdb62
[ 2050.113055] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.113077] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
19:44:26 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 75)

[ 2050.113097] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2050.113112] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.113125] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.113138] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.113151] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.113190]  </TASK>
[ 2050.135309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer
[ 2050.135347] I/O error, dev sr0, sector 5 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2050.136894] FAULT_INJECTION: forcing a failure.
[ 2050.136894] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.136915] CPU: 0 PID: 7948 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.136932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.136941] Call Trace:
[ 2050.136945]  <TASK>
[ 2050.136950]  dump_stack_lvl+0x8b/0xb3
[ 2050.136973]  should_fail.cold+0x5/0xa
[ 2050.136986]  ? create_object.isra.0+0x3a/0xa20
[ 2050.137009]  should_failslab+0x5/0x10
[ 2050.137026]  kmem_cache_alloc+0x5b/0x480
[ 2050.137044]  create_object.isra.0+0x3a/0xa20
[ 2050.137060]  ? kasan_unpoison+0x23/0x50
[ 2050.137079]  kmem_cache_alloc+0x239/0x480
[ 2050.137095]  mas_alloc_nodes+0x36e/0x6a0
[ 2050.137119]  mas_node_count+0x101/0x130
[ 2050.137136]  mas_root_expand.isra.0+0xe5/0xa60
[ 2050.137155]  ? lock_is_held_type+0xd7/0x130
[ 2050.137176]  mas_wr_store_entry.isra.0+0x33c/0x10f0
[ 2050.137195]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2050.137220]  mas_store_gfp+0xca/0x1f0
[ 2050.137238]  ? mtree_alloc_range+0xe80/0xe80
[ 2050.137266]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.137284]  ? __split_vma+0x3b5/0x540
[ 2050.137300]  do_mas_align_munmap.constprop.0+0x60f/0xfa0
[ 2050.137322]  ? __split_vma+0x540/0x540
[ 2050.137340]  ? mas_walk+0x48a/0x670
[ 2050.137359]  ? mas_find+0x203/0xdd0
[ 2050.137378]  ? inode_has_perm+0x171/0x1d0
[ 2050.137394]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.137415]  do_mas_munmap+0x1ed/0x2c0
[ 2050.137430]  mmap_region+0x21c/0x1a70
[ 2050.137450]  ? lock_release+0x750/0x750
[ 2050.137465]  ? do_munmap+0x100/0x100
[ 2050.137482]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.137500]  ? security_mmap_addr+0x79/0xa0
[ 2050.137517]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.137535]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.137558]  do_mmap+0x824/0xf40
[ 2050.137576]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.137600]  ? randomize_stack_top+0x100/0x100
[ 2050.137619]  ? __fget_files+0x287/0x470
[ 2050.137647]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.137662]  do_syscall_64+0x3b/0x90
[ 2050.137676]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.137693] RIP: 0033:0x7f4ea96a2b62
[ 2050.137703] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.137715] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.137728] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2050.137736] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.137744] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.137752] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.137759] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.137781]  </TASK>
[ 2050.324469] FAULT_INJECTION: forcing a failure.
[ 2050.324469] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.324491] CPU: 0 PID: 7962 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.324504] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.324513] Call Trace:
[ 2050.324516]  <TASK>
[ 2050.324522]  dump_stack_lvl+0x8b/0xb3
[ 2050.324543]  should_fail.cold+0x5/0xa
[ 2050.324557]  ? create_object.isra.0+0x3a/0xa20
[ 2050.324578]  should_failslab+0x5/0x10
[ 2050.324595]  kmem_cache_alloc+0x5b/0x480
[ 2050.324608]  ? mark_held_locks+0x9e/0xe0
[ 2050.324631]  create_object.isra.0+0x3a/0xa20
[ 2050.324647]  ? kasan_unpoison+0x23/0x50
[ 2050.324666]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2050.324684]  mas_alloc_nodes+0x2a6/0x6a0
[ 2050.324708]  mas_preallocate+0xff/0x270
[ 2050.324732]  __vma_adjust+0x1f6/0x18a0
[ 2050.324759]  ? vma_expand+0xda0/0xda0
[ 2050.324775]  ? anon_vma_clone+0x3ae/0x560
[ 2050.324790]  ? mas_find+0x203/0xdd0
[ 2050.324812]  __split_vma+0x452/0x540
[ 2050.324823]  ? mas_walk+0x48a/0x670
[ 2050.324841]  do_mas_align_munmap.constprop.0+0x4ef/0xfa0
[ 2050.324863]  ? __split_vma+0x540/0x540
[ 2050.324881]  ? mas_walk+0x48a/0x670
[ 2050.324900]  ? mas_find+0x203/0xdd0
[ 2050.324920]  ? inode_has_perm+0x171/0x1d0
[ 2050.324935]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.324954]  do_mas_munmap+0x1ed/0x2c0
[ 2050.324970]  mmap_region+0x21c/0x1a70
[ 2050.324989]  ? lock_release+0x750/0x750
[ 2050.325004]  ? do_munmap+0x100/0x100
[ 2050.325021]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.325040]  ? security_mmap_addr+0x79/0xa0
[ 2050.325057]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.325076]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.325098]  do_mmap+0x824/0xf40
[ 2050.325117]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.325140]  ? randomize_stack_top+0x100/0x100
[ 2050.325159]  ? __fget_files+0x287/0x470
[ 2050.325187]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.325203]  do_syscall_64+0x3b/0x90
[ 2050.325217]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.325234] RIP: 0033:0x7f011e7ddb62
[ 2050.325243] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.325255] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.325267] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2050.325275] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.325283] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.325290] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.325298] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.325319]  </TASK>
[ 2050.344978] FAULT_INJECTION: forcing a failure.
[ 2050.344978] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.345038] CPU: 1 PID: 7959 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.345063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.345078] Call Trace:
[ 2050.345085]  <TASK>
[ 2050.345093]  dump_stack_lvl+0x8b/0xb3
[ 2050.345129]  should_fail.cold+0x5/0xa
[ 2050.345153]  ? vm_area_alloc+0x1c/0xf0
[ 2050.345192]  should_failslab+0x5/0x10
[ 2050.345222]  kmem_cache_alloc+0x5b/0x480
[ 2050.345253]  vm_area_alloc+0x1c/0xf0
[ 2050.345285]  mmap_region+0x44b/0x1a70
[ 2050.345321]  ? lock_release+0x750/0x750
[ 2050.345352]  ? do_munmap+0x100/0x100
[ 2050.345382]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.345418]  ? security_mmap_addr+0x79/0xa0
[ 2050.345450]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.345484]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.345526]  do_mmap+0x824/0xf40
[ 2050.345560]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.345603]  ? randomize_stack_top+0x100/0x100
[ 2050.345639]  ? __fget_files+0x287/0x470
[ 2050.345689]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.345719]  do_syscall_64+0x3b/0x90
[ 2050.345754]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.345784] RIP: 0033:0x7f4ea96a2b62
[ 2050.345801] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.345823] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.345844] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2050.345859] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.345873] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.345886] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.345899] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.345939]  </TASK>
[ 2050.419133] FAULT_INJECTION: forcing a failure.
[ 2050.419133] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.419164] CPU: 0 PID: 7973 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.419189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.419203] Call Trace:
[ 2050.419208]  <TASK>
[ 2050.419217]  dump_stack_lvl+0x8b/0xb3
[ 2050.419247]  should_fail.cold+0x5/0xa
[ 2050.419272]  ? create_object.isra.0+0x3a/0xa20
[ 2050.419312]  should_failslab+0x5/0x10
[ 2050.419343]  kmem_cache_alloc+0x5b/0x480
[ 2050.419374]  create_object.isra.0+0x3a/0xa20
[ 2050.419403]  ? kasan_unpoison+0x23/0x50
[ 2050.419434]  kmem_cache_alloc+0x239/0x480
[ 2050.419462]  mas_alloc_nodes+0x36e/0x6a0
[ 2050.419496]  ? find_vma+0x108/0x1a0
[ 2050.419535]  mas_preallocate+0xff/0x270
[ 2050.419555]  __vma_adjust+0x1f6/0x18a0
[ 2050.419584]  ? vma_expand+0xda0/0xda0
[ 2050.419601]  ? anon_vma_clone+0x3ae/0x560
[ 2050.419618]  ? mark_lock.part.0+0xef/0x2f60
[ 2050.419639]  __split_vma+0x2a1/0x540
[ 2050.419654]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2050.419676]  ? __split_vma+0x540/0x540
[ 2050.419694]  ? mas_walk+0x48a/0x670
[ 2050.419713]  ? mas_find+0x203/0xdd0
[ 2050.419732]  ? inode_has_perm+0x171/0x1d0
[ 2050.419747]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.419767]  do_mas_munmap+0x1ed/0x2c0
[ 2050.419782]  mmap_region+0x21c/0x1a70
[ 2050.419802]  ? lock_release+0x750/0x750
[ 2050.419817]  ? do_munmap+0x100/0x100
[ 2050.419834]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.419853]  ? security_mmap_addr+0x79/0xa0
[ 2050.419870]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.419889]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.419911]  do_mmap+0x824/0xf40
[ 2050.419929]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.419953]  ? randomize_stack_top+0x100/0x100
[ 2050.419972]  ? __fget_files+0x287/0x470
[ 2050.420000]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.420015]  do_syscall_64+0x3b/0x90
[ 2050.420030]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.420047] RIP: 0033:0x7f2c579bdb62
[ 2050.420057] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.420070] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.420082] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2050.420091] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.420099] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.420107] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.420115] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.420137]  </TASK>
[ 2050.481838] FAULT_INJECTION: forcing a failure.
[ 2050.481838] name failslab, interval 1, probability 0, space 0, times 0
[ 2050.481877] CPU: 0 PID: 7977 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2050.481891] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2050.481899] Call Trace:
[ 2050.481903]  <TASK>
[ 2050.481908]  dump_stack_lvl+0x8b/0xb3
[ 2050.481928]  should_fail.cold+0x5/0xa
[ 2050.481941]  ? mas_alloc_nodes+0x36e/0x6a0
[ 2050.481959]  should_failslab+0x5/0x10
[ 2050.481977]  kmem_cache_alloc+0x5b/0x480
[ 2050.481993]  mas_alloc_nodes+0x36e/0x6a0
[ 2050.482016]  mas_node_count+0x101/0x130
[ 2050.482032]  mas_root_expand.isra.0+0xe5/0xa60
[ 2050.482051]  ? lock_is_held_type+0xd7/0x130
[ 2050.482072]  mas_wr_store_entry.isra.0+0x33c/0x10f0
[ 2050.482091]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2050.482116]  mas_store_gfp+0xca/0x1f0
[ 2050.482133]  ? mtree_alloc_range+0xe80/0xe80
[ 2050.482161]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.482179]  ? __split_vma+0x3b5/0x540
[ 2050.482195]  do_mas_align_munmap.constprop.0+0x60f/0xfa0
[ 2050.482217]  ? __split_vma+0x540/0x540
[ 2050.482235]  ? mas_walk+0x48a/0x670
[ 2050.482254]  ? mas_find+0x203/0xdd0
[ 2050.482274]  ? inode_has_perm+0x171/0x1d0
[ 2050.482289]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2050.482310]  do_mas_munmap+0x1ed/0x2c0
[ 2050.482325]  mmap_region+0x21c/0x1a70
[ 2050.482345]  ? lock_release+0x750/0x750
[ 2050.482360]  ? do_munmap+0x100/0x100
[ 2050.482377]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2050.482395]  ? security_mmap_addr+0x79/0xa0
[ 2050.482412]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2050.482431]  ? get_unmapped_area+0x2f0/0x3d0
[ 2050.482453]  do_mmap+0x824/0xf40
[ 2050.482472]  vm_mmap_pgoff+0x1b5/0x280
[ 2050.482495]  ? randomize_stack_top+0x100/0x100
[ 2050.482514]  ? __fget_files+0x287/0x470
[ 2050.482543]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2050.482558]  do_syscall_64+0x3b/0x90
[ 2050.482572]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2050.482589] RIP: 0033:0x7f011e7ddb62
[ 2050.482599] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2050.482611] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2050.482623] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2050.482631] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2050.482638] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2050.482645] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2050.482652] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2050.482678]  </TASK>
[ 2064.795877] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
19:44:47 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x60, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:44:47 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xf811d42aaf31c0ae, 0x0)
ioctl$CDROMRESET(r0, 0x5321)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000180)=<r1=>0x0)
r2 = syz_open_procfs$namespace(r1, &(0x7f00000001c0)='ns/time_for_children\x00')
read(r2, &(0x7f0000000100)=""/31, 0x1f)
r3 = openat$cgroup_ro(r0, &(0x7f0000000080)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f00000000c0))
ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f0000000040))

19:44:47 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 76)

19:44:47 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:44:47 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000) (fail_nth: 1)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:44:47 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r1, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100001000000000", @ANYRES32=r1, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB='./file0\x00'])

19:44:47 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 72)

19:44:47 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 51)

[ 2071.469502] FAULT_INJECTION: forcing a failure.
[ 2071.469502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2071.469524] CPU: 0 PID: 7996 Comm: syz-executor.4 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2071.469537] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2071.469546] Call Trace:
[ 2071.469550]  <TASK>
[ 2071.469556]  dump_stack_lvl+0x8b/0xb3
[ 2071.469577]  should_fail.cold+0x5/0xa
[ 2071.469593]  _copy_to_user+0x2a/0x140
[ 2071.469609]  simple_read_from_buffer+0xcc/0x160
[ 2071.469627]  proc_fail_nth_read+0x194/0x220
[ 2071.469649]  ? proc_exe_link+0x1d0/0x1d0
[ 2071.469667]  ? security_file_permission+0xb1/0xd0
[ 2071.469689]  ? proc_exe_link+0x1d0/0x1d0
[ 2071.469707]  vfs_read+0x1ea/0x5d0
[ 2071.469729]  ksys_read+0x127/0x250
[ 2071.469744]  ? __ia32_sys_pwrite64+0x220/0x220
[ 2071.469760]  ? __secure_computing+0x195/0x2f0
19:44:47 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 2071.469783]  do_syscall_64+0x3b/0x90
[ 2071.469797]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2071.469815] RIP: 0033:0x7f22a79d869c
[ 2071.469824] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 2071.469836] RSP: 002b:00007f22a4f9b170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2071.469848] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f22a79d869c
[ 2071.469856] RDX: 000000000000000f RSI: 00007f22a4f9b1e0 RDI: 0000000000000004
[ 2071.469863] RBP: 00007f22a4f9b1d0 R08: 0000000000000000 R09: 0000000000000000
19:44:47 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x511100, 0x0)
ioctl$CDROMRESET(r0, 0x5321)

[ 2071.469870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2071.469878] R13: 00007ffde4ae6e8f R14: 00007f22a4f9b300 R15: 0000000000022000
[ 2071.469899]  </TASK>
[ 2071.487580] FAULT_INJECTION: forcing a failure.
[ 2071.487580] name failslab, interval 1, probability 0, space 0, times 0
[ 2071.487603] CPU: 0 PID: 7993 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2071.487618] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2071.487627] Call Trace:
[ 2071.487630]  <TASK>
[ 2071.487636]  dump_stack_lvl+0x8b/0xb3
[ 2071.487656]  should_fail.cold+0x5/0xa
[ 2071.487667]  ? mas_alloc_nodes+0x36e/0x6a0
[ 2071.487686]  ? create_object.isra.0+0x3a/0xa20
[ 2071.487707]  should_failslab+0x5/0x10
[ 2071.487727]  kmem_cache_alloc+0x5b/0x480
[ 2071.487744]  create_object.isra.0+0x3a/0xa20
[ 2071.487760]  ? kasan_unpoison+0x23/0x50
[ 2071.487779]  kmem_cache_alloc+0x239/0x480
[ 2071.487795]  mas_alloc_nodes+0x36e/0x6a0
[ 2071.487817]  mas_node_count+0x101/0x130
[ 2071.487834]  mas_root_expand.isra.0+0xe5/0xa60
[ 2071.487853]  ? lock_is_held_type+0xd7/0x130
[ 2071.487874]  mas_wr_store_entry.isra.0+0x33c/0x10f0
[ 2071.487893]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2071.487918]  mas_store_gfp+0xca/0x1f0
[ 2071.487936]  ? mtree_alloc_range+0xe80/0xe80
[ 2071.487963]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2071.487982]  ? __split_vma+0x3b5/0x540
[ 2071.487998]  do_mas_align_munmap.constprop.0+0x60f/0xfa0
[ 2071.488020]  ? __split_vma+0x540/0x540
[ 2071.488038]  ? mas_walk+0x48a/0x670
[ 2071.488057]  ? mas_find+0x203/0xdd0
[ 2071.488077]  ? inode_has_perm+0x171/0x1d0
[ 2071.488092]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2071.488113]  do_mas_munmap+0x1ed/0x2c0
[ 2071.488128]  mmap_region+0x21c/0x1a70
[ 2071.488147]  ? lock_release+0x750/0x750
[ 2071.488163]  ? do_munmap+0x100/0x100
[ 2071.488179]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2071.488197]  ? security_mmap_addr+0x79/0xa0
[ 2071.488215]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2071.488233]  ? get_unmapped_area+0x2f0/0x3d0
[ 2071.488255]  do_mmap+0x824/0xf40
[ 2071.488273]  vm_mmap_pgoff+0x1b5/0x280
[ 2071.488297]  ? randomize_stack_top+0x100/0x100
[ 2071.488316]  ? __fget_files+0x287/0x470
[ 2071.488344]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2071.488359]  do_syscall_64+0x3b/0x90
[ 2071.488373]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2071.488390] RIP: 0033:0x7f4ea96a2b62
[ 2071.488399] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2071.488412] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2071.488424] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2071.488432] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2071.488439] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2071.488447] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2071.488454] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2071.488475]  </TASK>
[ 2071.493198] FAULT_INJECTION: forcing a failure.
[ 2071.493198] name failslab, interval 1, probability 0, space 0, times 0
[ 2071.493214] CPU: 0 PID: 7998 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2071.493226] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2071.493234] Call Trace:
[ 2071.493237]  <TASK>
[ 2071.493241]  dump_stack_lvl+0x8b/0xb3
[ 2071.493256]  should_fail.cold+0x5/0xa
[ 2071.493268]  ? create_object.isra.0+0x3a/0xa20
[ 2071.493286]  should_failslab+0x5/0x10
[ 2071.493302]  kmem_cache_alloc+0x5b/0x480
[ 2071.493317]  create_object.isra.0+0x3a/0xa20
[ 2071.493334]  ? kasan_unpoison+0x23/0x50
[ 2071.493352]  kmem_cache_alloc+0x239/0x480
[ 2071.493368]  mas_alloc_nodes+0x36e/0x6a0
[ 2071.493384]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2071.493409]  mas_preallocate+0xff/0x270
[ 2071.493429]  mmap_region+0x770/0x1a70
[ 2071.493451]  ? do_munmap+0x100/0x100
[ 2071.493467]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2071.493486]  ? security_mmap_addr+0x79/0xa0
[ 2071.493503]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2071.493521]  ? get_unmapped_area+0x2f0/0x3d0
[ 2071.493544]  do_mmap+0x824/0xf40
[ 2071.493563]  vm_mmap_pgoff+0x1b5/0x280
[ 2071.493586]  ? randomize_stack_top+0x100/0x100
[ 2071.493605]  ? __fget_files+0x287/0x470
[ 2071.493631]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2071.493647]  do_syscall_64+0x3b/0x90
[ 2071.493661]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2071.493677] RIP: 0033:0x7f011e7ddb62
[ 2071.493686] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2071.493698] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2071.493709] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2071.493721] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2071.493728] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2071.493735] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2071.493742] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2071.493764]  </TASK>
[ 2071.564081] FAULT_INJECTION: forcing a failure.
[ 2071.564081] name failslab, interval 1, probability 0, space 0, times 0
[ 2071.564114] CPU: 0 PID: 8005 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2071.564139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2071.564154] Call Trace:
[ 2071.564160]  <TASK>
[ 2071.564169]  dump_stack_lvl+0x8b/0xb3
[ 2071.564209]  should_fail.cold+0x5/0xa
[ 2071.564236]  ? mas_alloc_nodes+0x36e/0x6a0
[ 2071.564272]  should_failslab+0x5/0x10
[ 2071.564313]  kmem_cache_alloc+0x5b/0x480
[ 2071.564348]  mas_alloc_nodes+0x36e/0x6a0
[ 2071.564393]  ? find_vma+0x108/0x1a0
[ 2071.564449]  mas_preallocate+0xff/0x270
[ 2071.564500]  __vma_adjust+0x1f6/0x18a0
[ 2071.564551]  ? vma_expand+0xda0/0xda0
[ 2071.564576]  ? anon_vma_clone+0x3ae/0x560
[ 2071.564593]  ? mark_lock.part.0+0xef/0x2f60
[ 2071.564615]  __split_vma+0x2a1/0x540
[ 2071.564631]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2071.564652]  ? __split_vma+0x540/0x540
[ 2071.564670]  ? mas_walk+0x48a/0x670
[ 2071.564689]  ? mas_find+0x203/0xdd0
[ 2071.564709]  ? inode_has_perm+0x171/0x1d0
[ 2071.564728]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2071.564748]  do_mas_munmap+0x1ed/0x2c0
[ 2071.564763]  mmap_region+0x21c/0x1a70
[ 2071.564782]  ? lock_release+0x750/0x750
[ 2071.564797]  ? do_munmap+0x100/0x100
[ 2071.564814]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2071.564834]  ? security_mmap_addr+0x79/0xa0
[ 2071.564851]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2071.564869]  ? get_unmapped_area+0x2f0/0x3d0
[ 2071.564891]  do_mmap+0x824/0xf40
[ 2071.564910]  vm_mmap_pgoff+0x1b5/0x280
[ 2071.564934]  ? randomize_stack_top+0x100/0x100
[ 2071.564953]  ? __fget_files+0x287/0x470
[ 2071.564981]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2071.564996]  do_syscall_64+0x3b/0x90
[ 2071.565011]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2071.565028] RIP: 0033:0x7f2c579bdb62
[ 2071.565038] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2071.565050] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2071.565062] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2071.565070] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2071.565078] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2071.565086] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2071.565093] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2071.565114]  </TASK>
[ 2085.941200] kmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)
[ 2093.054272] FAULT_INJECTION: forcing a failure.
[ 2093.054272] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.054295] CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2093.054309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.054319] Call Trace:
[ 2093.054322]  <TASK>
[ 2093.054328]  dump_stack_lvl+0x8b/0xb3
[ 2093.054349]  should_fail.cold+0x5/0xa
[ 2093.054361]  ? create_object.isra.0+0x3a/0xa20
[ 2093.054382]  should_failslab+0x5/0x10
[ 2093.054399]  kmem_cache_alloc+0x5b/0x480
19:45:09 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 73)

19:45:09 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="c2", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:45:09 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 52)

19:45:09 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000040)={{{@in6=@loopback, @in6=@initdev}}, {{@in=@private}, 0x0, @in=@multicast1}}, &(0x7f0000000140)=0xe8)

19:45:09 executing program 6:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 77)

19:45:09 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x404082, 0x0)
r1 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))
ioctl$CDROMRESET(r0, 0x5321)

19:45:09 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

19:45:09 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x121, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:45:09 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 53)

[ 2093.054416]  create_object.isra.0+0x3a/0xa20
[ 2093.054431]  ? kasan_unpoison+0x23/0x50
[ 2093.054450]  kmem_cache_alloc+0x239/0x480
[ 2093.054465]  vm_area_dup+0x7f/0x220
[ 2093.054490]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2093.054507]  ? mark_lock.part.0+0xef/0x2f60
[ 2093.054531]  ? lock_is_held_type+0xd7/0x130
[ 2093.054549]  ? find_held_lock+0x2c/0x110
[ 2093.054563]  ? vm_area_alloc+0xf0/0xf0
[ 2093.054580]  ? lock_release+0x3b2/0x750
[ 2093.054594]  ? avc_has_perm_noaudit+0x1c8/0x390
[ 2093.054608]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.054621]  ? find_held_lock+0x2c/0x110
[ 2093.054640]  ? __sanitizer_cov_trace_cmp2+0x22/0x80
[ 2093.054666]  ? mark_lock.part.0+0xef/0x2f60
[ 2093.054681]  ? avc_has_perm_noaudit+0x1ef/0x390
[ 2093.054695]  __split_vma+0xa2/0x540
[ 2093.054712]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2093.054733]  ? __split_vma+0x540/0x540
[ 2093.054751]  ? mas_walk+0x48a/0x670
[ 2093.054771]  ? mas_find+0x203/0xdd0
[ 2093.054791]  ? inode_has_perm+0x171/0x1d0
[ 2093.054804]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2093.054823]  do_mas_munmap+0x1ed/0x2c0
[ 2093.054839]  mmap_region+0x21c/0x1a70
[ 2093.054858]  ? lock_release+0x750/0x750
[ 2093.054873]  ? do_munmap+0x100/0x100
[ 2093.054890]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.054908]  ? security_mmap_addr+0x79/0xa0
[ 2093.054925]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.054943]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.054965]  do_mmap+0x824/0xf40
[ 2093.054983]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.055007]  ? randomize_stack_top+0x100/0x100
[ 2093.055026]  ? __fget_files+0x287/0x470
[ 2093.055053]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.055069]  do_syscall_64+0x3b/0x90
[ 2093.055082]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.055099] RIP: 0033:0x7f2c579bdb62
[ 2093.055108] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
19:45:09 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x149802, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000000)={'rose0\x00'})
pwritev2(r5, &(0x7f0000000600)=[{&(0x7f00000000c0)="7d6d540c10037b9b35480d310900", 0xe}, {0x0}], 0x2, 0x0, 0x0, 0x0)
fadvise64(r5, 0xc6c, 0x7, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

[ 2093.055120] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.055132] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2093.055140] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.055148] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.055155] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.055162] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.055183]  </TASK>
[ 2093.173492] FAULT_INJECTION: forcing a failure.
[ 2093.173492] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.173514] CPU: 1 PID: 8039 Comm: syz-executor.1 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2093.173528] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.173537] Call Trace:
[ 2093.173541]  <TASK>
[ 2093.173546]  dump_stack_lvl+0x8b/0xb3
[ 2093.173569]  should_fail.cold+0x5/0xa
19:45:09 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2093.173582]  ? create_object.isra.0+0x3a/0xa20
[ 2093.173605]  should_failslab+0x5/0x10
[ 2093.173622]  kmem_cache_alloc+0x5b/0x480
[ 2093.173635]  ? mark_held_locks+0x9e/0xe0
[ 2093.173655]  create_object.isra.0+0x3a/0xa20
[ 2093.173671]  ? kasan_unpoison+0x23/0x50
[ 2093.173690]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2093.173702]  ? kmem_cache_alloc+0x332/0x480
[ 2093.173722]  mas_alloc_nodes+0x2a6/0x6a0
[ 2093.173746]  mas_preallocate+0xff/0x270
[ 2093.173766]  __vma_adjust+0x1f6/0x18a0
[ 2093.173793]  ? vma_expand+0xda0/0xda0
[ 2093.173809]  ? anon_vma_clone+0x3ae/0x560
[ 2093.173826]  ? mark_lock.part.0+0xef/0x2f60
[ 2093.173846]  __split_vma+0x2a1/0x540
[ 2093.173862]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2093.173883]  ? __split_vma+0x540/0x540
[ 2093.173901]  ? mas_walk+0x48a/0x670
[ 2093.173920]  ? mas_find+0x203/0xdd0
[ 2093.173940]  ? inode_has_perm+0x171/0x1d0
[ 2093.173955]  ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 2093.173975]  do_mas_munmap+0x1ed/0x2c0
[ 2093.173990]  mmap_region+0x21c/0x1a70
[ 2093.174009]  ? lock_release+0x750/0x750
[ 2093.174025]  ? do_munmap+0x100/0x100
[ 2093.174041]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.174060]  ? security_mmap_addr+0x79/0xa0
[ 2093.174078]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.174096]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.174119]  do_mmap+0x824/0xf40
[ 2093.174137]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.174160]  ? randomize_stack_top+0x100/0x100
[ 2093.174180]  ? __fget_files+0x287/0x470
[ 2093.174207]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.174223]  do_syscall_64+0x3b/0x90
[ 2093.174238]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.174255] RIP: 0033:0x7f2c579bdb62
[ 2093.174265] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2093.174277] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.174289] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2093.174297] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.174305] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.174312] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.174320] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.174342]  </TASK>
[ 2093.189937] FAULT_INJECTION: forcing a failure.
[ 2093.189937] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.189957] CPU: 1 PID: 8037 Comm: syz-executor.2 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2093.189972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.189982] Call Trace:
[ 2093.189986]  <TASK>
[ 2093.189991]  dump_stack_lvl+0x8b/0xb3
[ 2093.190011]  should_fail.cold+0x5/0xa
[ 2093.190029]  ? vm_area_alloc+0x1c/0xf0
[ 2093.190067]  should_failslab+0x5/0x10
[ 2093.190090]  kmem_cache_alloc+0x5b/0x480
[ 2093.190113]  vm_area_alloc+0x1c/0xf0
[ 2093.190133]  mmap_region+0x44b/0x1a70
[ 2093.190154]  ? lock_release+0x750/0x750
[ 2093.190172]  ? do_munmap+0x100/0x100
[ 2093.190189]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.190207]  ? security_mmap_addr+0x79/0xa0
[ 2093.190223]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.190242]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.190264]  do_mmap+0x824/0xf40
[ 2093.190285]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.190308]  ? randomize_stack_top+0x100/0x100
[ 2093.190327]  ? __fget_files+0x287/0x470
[ 2093.190353]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.190369]  do_syscall_64+0x3b/0x90
[ 2093.190382]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.190398] RIP: 0033:0x7f4ea96a2b62
[ 2093.190407] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2093.190418] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.190430] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2093.190438] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.190445] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.190452] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.190460] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.190481]  </TASK>
[ 2093.191531] FAULT_INJECTION: forcing a failure.
[ 2093.191531] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.191546] CPU: 1 PID: 8032 Comm: syz-executor.6 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2093.191558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.191565] Call Trace:
[ 2093.191568]  <TASK>
[ 2093.191571]  dump_stack_lvl+0x8b/0xb3
[ 2093.191587]  should_fail.cold+0x5/0xa
[ 2093.191602]  should_failslab+0x5/0x10
[ 2093.191617]  kmem_cache_alloc_bulk+0x47/0x780
[ 2093.191629]  ? rcu_read_lock_sched_held+0x3a/0x70
[ 2093.191647]  ? kmem_cache_alloc+0x332/0x480
[ 2093.191662]  mas_alloc_nodes+0x2a6/0x6a0
[ 2093.191685]  mas_preallocate+0xff/0x270
[ 2093.191705]  mmap_region+0x770/0x1a70
[ 2093.191730]  ? do_munmap+0x100/0x100
[ 2093.191746]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.191764]  ? security_mmap_addr+0x79/0xa0
[ 2093.191781]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.191799]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.191821]  do_mmap+0x824/0xf40
[ 2093.191839]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.191862]  ? randomize_stack_top+0x100/0x100
[ 2093.191881]  ? __fget_files+0x287/0x470
[ 2093.191908]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.191923]  do_syscall_64+0x3b/0x90
19:45:09 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 74)

[ 2093.191937]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.191952] RIP: 0033:0x7f011e7ddb62
[ 2093.191961] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2093.191973] RSP: 002b:00007f011bd530f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.191984] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f011e7ddb62
[ 2093.191992] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.191999] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.192007] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.192014] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.192036]  </TASK>
[ 2093.208988] ------------[ cut here ]------------
[ 2093.209000] WARNING: CPU: 0 PID: 8033 at arch/x86/mm/pat/memtype.c:1099 untrack_pfn+0x247/0x290
[ 2093.268248] Modules linked in:
[ 2093.268560] CPU: 0 PID: 8033 Comm: iou-sqp-8032 Not tainted 5.18.0-rc4-next-20220427 #1
[ 2093.269338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.270378] RIP: 0010:untrack_pfn+0x247/0x290
[ 2093.270841] Code: 84 6c ff ff ff e8 a9 0f 31 00 4c 89 ee 4c 89 e7 e8 9e db ff ff e8 99 0f 31 00 48 85 db 0f 85 58 ff ff ff eb 82 e8 89 0f 31 00 <0f> 0b e9 76 ff ff ff 48 89 df e8 0a 48 64 00 e9 98 fe ff ff e8 10
[ 2093.272517] RSP: 0018:ffff888044ae78e8 EFLAGS: 00010293
[ 2093.273043] RAX: 0000000000000000 RBX: ffff888008412ea0 RCX: 0000000000000000
[ 2093.273691] RDX: ffff88801d07d040 RSI: ffffffff811339b7 RDI: 0000000000000003
[ 2093.274372] RBP: 1ffff1100895cf1d R08: 0000000000000000 R09: 000000000000000d
[ 2093.275052] R10: ffffffff81133886 R11: 0000000000000007 R12: 00000000ffffffea
[ 2093.275749] R13: 0000000000000000 R14: 0000000000000000 R15: ffff888008412ec0
[ 2093.276406] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2093.277160] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2093.277695] CR2: 00005555557976d0 CR3: 000000000bc02000 CR4: 0000000000350ef0
[ 2093.278848] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2093.279788] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
[ 2093.280412] Call Trace:
[ 2093.280645]  <TASK>
[ 2093.280887]  ? track_pfn_insert+0x140/0x140
[ 2093.281296]  ? mas_find+0x203/0xdd0
[ 2093.281638]  ? uprobe_munmap+0x1c/0x550
[ 2093.282041]  unmap_single_vma+0x1b4/0x350
[ 2093.282442]  unmap_vmas+0x21e/0x370
[ 2093.282793]  ? unmap_mapping_range+0x270/0x270
[ 2093.283197]  ? find_held_lock+0x2c/0x110
[ 2093.283603]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.284021]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.284533]  exit_mmap+0x1b5/0x690
[ 2093.284894]  ? __ia32_sys_remap_file_pages+0x150/0x150
[ 2093.285401]  ? delayed_uprobe_remove+0x27/0x230
[ 2093.285852]  mmput+0xd1/0x390
[ 2093.286149]  do_exit+0xa10/0x27f0
[ 2093.286484]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.286892]  ? _raw_spin_lock_irqsave+0x4e/0x50
[ 2093.287325]  ? mm_update_next_owner+0x7e0/0x7e0
[ 2093.287786]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2093.288245]  io_sq_thread.cold+0x17f/0x17f
[ 2093.288646]  ? __io_uring_free+0x1b0/0x1b0
[ 2093.289048]  ? lock_release+0x3b2/0x750
[ 2093.289139]  ? ret_from_fork+0x8/0x30
[ 2093.289866]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2093.290322]  ? rwlock_bug.part.0+0x90/0x90
[ 2093.290698]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2093.291133]  ? __io_uring_free+0x1b0/0x1b0
[ 2093.291524]  ret_from_fork+0x22/0x30
[ 2093.291906]  </TASK>
[ 2093.292118] irq event stamp: 1241
[ 2093.292427] hardirqs last  enabled at (1251): [<ffffffff812ae868>] __up_console_sem+0x78/0x80
[ 2093.293169] hardirqs last disabled at (1262): [<ffffffff812ae84d>] __up_console_sem+0x5d/0x80
[ 2093.293927] softirqs last  enabled at (348): [<ffffffff81167c43>] __irq_exit_rcu+0x113/0x170
[ 2093.294660] softirqs last disabled at (313): [<ffffffff81167c43>] __irq_exit_rcu+0x113/0x170
[ 2093.295407] ---[ end trace 0000000000000000 ]---
19:45:09 executing program 1:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 54)

[ 2093.309957] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN NOPTI
[ 2093.310935] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 2093.311639] CPU: 0 PID: 8033 Comm: iou-sqp-8032 Tainted: G        W         5.18.0-rc4-next-20220427 #1
[ 2093.312428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.313367] RIP: 0010:__rb_erase_color+0x155/0xe80
[ 2093.313787] Code: 89 ee 48 89 c5 e9 f6 fe ff ff 4c 8d 45 10 4c 89 c0 48 c1 e8 03 80 3c 18 00 0f 85 67 08 00 00 4c 8b 65 10 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 0f 85 97 08 00 00 49 8d 7c 24 08 49 8b 04 24 48 89 f9
[ 2093.315273] RSP: 0018:ffff888044ae7960 EFLAGS: 00010256
[ 2093.315736] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[ 2093.316332] RDX: ffffffff81657c40 RSI: ffff88800b81cda8 RDI: ffff888008638438
[ 2093.316917] RBP: ffff888008638438 R08: ffff888008638448 R09: ffff88800b81cda7
[ 2093.317525] R10: ffffffff81658e58 R11: 0000000000000001 R12: 0000000000000000
[ 2093.318111] R13: ffffed10017039b5 R14: 0000000000000000 R15: ffff88800b81cda8
[ 2093.318709] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2093.319386] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2093.319884] CR2: 00005555557976d0 CR3: 000000000d9a8000 CR4: 0000000000350ef0
[ 2093.320484] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2093.321070] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
[ 2093.321678] Call Trace:
[ 2093.321900]  <TASK>
[ 2093.322098]  vma_interval_tree_remove+0x694/0xec0
[ 2093.322532]  unlink_file_vma+0xbd/0x110
[ 2093.322871]  free_pgtables+0x255/0x420
[ 2093.323209]  ? free_pgd_range+0x1360/0x1360
[ 2093.323608]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.324080]  exit_mmap+0x1c8/0x690
[ 2093.324401]  ? __ia32_sys_remap_file_pages+0x150/0x150
[ 2093.324850]  ? delayed_uprobe_remove+0x27/0x230
[ 2093.325260]  mmput+0xd1/0x390
[ 2093.325556]  do_exit+0xa10/0x27f0
[ 2093.325861]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.326212]  ? _raw_spin_lock_irqsave+0x4e/0x50
[ 2093.326626]  ? mm_update_next_owner+0x7e0/0x7e0
[ 2093.327023]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2093.327475]  io_sq_thread.cold+0x17f/0x17f
[ 2093.327843]  ? __io_uring_free+0x1b0/0x1b0
[ 2093.328207]  ? lock_release+0x3b2/0x750
[ 2093.328559]  ? ret_from_fork+0x8/0x30
[ 2093.328889]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2093.329326]  ? rwlock_bug.part.0+0x90/0x90
[ 2093.329692]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 2093.330072]  ? __io_uring_free+0x1b0/0x1b0
[ 2093.330448]  ret_from_fork+0x22/0x30
[ 2093.330776]  </TASK>
[ 2093.330979] Modules linked in:
[ 2093.331323] ---[ end trace 0000000000000000 ]---
[ 2093.331333] RIP: 0010:__rb_erase_color+0x155/0xe80
[ 2093.331350] Code: 89 ee 48 89 c5 e9 f6 fe ff ff 4c 8d 45 10 4c 89 c0 48 c1 e8 03 80 3c 18 00 0f 85 67 08 00 00 4c 8b 65 10 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 0f 85 97 08 00 00 49 8d 7c 24 08 49 8b 04 24 48 89 f9
[ 2093.331364] RSP: 0018:ffff888044ae7960 EFLAGS: 00010256
[ 2093.331376] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[ 2093.331386] RDX: ffffffff81657c40 RSI: ffff88800b81cda8 RDI: ffff888008638438
[ 2093.331396] RBP: ffff888008638438 R08: ffff888008638448 R09: ffff88800b81cda7
[ 2093.331406] R10: ffffffff81658e58 R11: 0000000000000001 R12: 0000000000000000
[ 2093.331434] R13: ffffed10017039b5 R14: 0000000000000000 R15: ffff88800b81cda8
[ 2093.331445] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2093.331459] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2093.331470] CR2: 00005555557976d0 CR3: 000000000d9a8000 CR4: 0000000000350ef0
[ 2093.331480] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2093.331490] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
[ 2093.331501] Fixing recursive fault but reboot is needed!
[ 2093.331508] BUG: using smp_processor_id() in preemptible [00000000] code: iou-sqp-8032/8033
[ 2093.331521] caller is __schedule+0x7f/0x2460
[ 2093.331547] CPU: 0 PID: 8033 Comm: iou-sqp-8032 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.331563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.331573] Call Trace:
[ 2093.331577]  <TASK>
[ 2093.331582]  dump_stack_lvl+0x8b/0xb3
[ 2093.331599]  check_preemption_disabled+0x16b/0x170
[ 2093.331622]  __schedule+0x7f/0x2460
[ 2093.331643]  ? vprintk+0x88/0x90
[ 2093.331663]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.331682]  ? io_schedule_timeout+0x140/0x140
[ 2093.331705]  ? destroy_sched_domains_rcu+0x50/0x50
19:45:09 executing program 5:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'veth0_to_team\x00'})
sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x0, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x10000}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x6c}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2e}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
ioctl$CDROMRESET(r0, 0x5312)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r1, 0x0, r2)
ioctl$CDROMSETSPINDOWN(r2, 0x531e, &(0x7f00000001c0)=0xa)

[ 2093.331730]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2093.331750]  do_task_dead+0xd1/0x100
[ 2093.331767]  make_task_dead.cold+0xb9/0x1c9
[ 2093.331787]  rewind_stack_and_make_dead+0x17/0x17
[ 2093.331804] RIP: 0033:0x0
[ 2093.331813] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 2093.331820] RSP: 002b:0000000000000000 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2093.331834] RAX: 0000000000000000 RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 2093.331844] RDX: 0000000020fec000 RSI: 0000000020000080 RDI: 00000000000048cf
[ 2093.331853] RBP: 0000000020000080 R08: 0000000020000040 R09: 0000000020000040
[ 2093.331863] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000040
[ 2093.331873] R13: 0000000020fec000 R14: 0000000020000100 R15: 00000000200a0000
19:45:09 executing program 4:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000040)=[{&(0x7f0000010000)="601c6d6b646f736689254300080120000400004000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x10000}], 0x800010, &(0x7f0000000040)=ANY=[])
r2 = openat(r1, &(0x7f0000000180)='./file0\x00', 0x101042, 0x2500)
write(r2, &(0x7f0000000080)="01", 0xffff8000)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendfile(r2, r0, &(0x7f0000000140)=0x100, 0x8a8)
io_submit(0x0, 0x1, &(0x7f0000001340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x2}])
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000006c0)={<r4=>0x0})
r5 = openat$cgroup_procs(r3, &(0x7f00000001c0)='cgroup.threads\x00', 0x2, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r5, 0x4008f510, &(0x7f00000002c0)=0x60b0)
perf_event_open(&(0x7f0000000240)={0x4, 0x80, 0x6, 0x80, 0x0, 0x44, 0x0, 0x401, 0x1260e, 0x8, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x2, @perf_config_ext={0x5, 0x1000}, 0x4, 0x1f, 0x7, 0x6, 0x1000, 0x433, 0x1f, 0x0, 0x101}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x2)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000740)={r4, 0x37, 0x9})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000000)={r4, 0x0, r0, 0xffffff80, 0x80000})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000200)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0xfe7})

19:45:09 executing program 0:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x2f1, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240))

19:45:09 executing program 5:
sendmsg$IPSET_CMD_GET_BYINDEX(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0xf, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000014}, 0x14)
r0 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl1\x00', <r1=>0x0, 0x4, 0xf9, 0x33, 0x0, 0x12, @ipv4={'\x00', '\xff\xff', @local}, @private2, 0x1, 0x700, 0xfff, 0x5}})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000240)={<r2=>0xffffffffffffffff, 0x3ff, 0x1, 0x1})
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x58, r0, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@GTPA_LINK={0x8, 0x1, r1}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_TID={0xc}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_VERSION={0x8, 0x2, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x1}, @GTPA_NET_NS_FD={0x8, 0x7, r2}, @GTPA_VERSION={0x8}]}, 0x58}, 0x1, 0x0, 0x0, 0x84}, 0x4000)

[ 2093.331888]  </TASK>
[ 2093.331975] BUG: scheduling while atomic: iou-sqp-8032/8033/0x00000000
[ 2093.331987] INFO: lockdep is turned off.
[ 2093.331990] Modules linked in:
[ 2093.331995] Preemption disabled at:
[ 2093.331999] [<0000000000000000>] 0x0
[ 2093.332010] CPU: 0 PID: 8033 Comm: iou-sqp-8032 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
19:45:09 executing program 7:
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x40b01, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r2 = openat(r0, &(0x7f0000000040)='./file1\x00', 0x84e40, 0x0)
r3 = syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f0000000200)='./file1\x00', 0x5, 0x1, &(0x7f0000000280)=[{&(0x7f0000000240)="f805b3493226f9294dc9e696f519427016174716d8f2b74399", 0x19, 0x1701}], 0x810, &(0x7f00000002c0)={[{@huge_never}], [{@appraise_type}]})
openat(r3, &(0x7f0000000300)='./file1\x00', 0x541002, 0xd)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/fscaps', 0x200000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
fcntl$dupfd(r4, 0x0, r5)
syz_io_uring_setup(0x7efd, &(0x7f0000000080)={0x0, 0x9f0f, 0x10, 0x1, 0x2a, 0x0, r5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000000100), &(0x7f0000000180))
fcntl$dupfd(r1, 0x0, r2)
ioctl$CDROMRESET(r1, 0x5321)

[ 2093.332026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.332036] Call Trace:
[ 2093.332039]  <TASK>
[ 2093.332044]  dump_stack_lvl+0x8b/0xb3
[ 2093.332059]  __schedule_bug.cold+0x133/0x143
[ 2093.332081]  __schedule+0x18e7/0x2460
[ 2093.332102]  ? vprintk+0x88/0x90
[ 2093.332121]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.332141]  ? io_schedule_timeout+0x140/0x140
[ 2093.332163]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2093.332185]  ? _raw_spin_unlock_irqrestore+0x28/0x50
19:45:09 executing program 2:
r0 = syz_io_uring_setup(0x48cf, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f0000fec000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000040))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_setup(0x62e9, &(0x7f0000000140)={0x0, 0x0, 0x37, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000feb000/0x14000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (fail_nth: 75)

19:45:09 executing program 3:
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x4a}, 0x0)
r1 = syz_io_uring_setup(0x214b, &(0x7f0000000200)={0x0, 0x66d3, 0x4, 0x1, 0xbb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r2=>0x0)
r3 = creat(&(0x7f0000000380)='./file1\x00', 0x0)
r4 = syz_io_uring_setup(0x1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x76e7, &(0x7f0000000340), &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000280), &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r5)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r3, 0xfffffffffffffff9, 0x0, 0xf690, 0x0, 0x0, {0x0, r5}}, 0x1000)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002480)='fd/3\x00')
fchmodat(r7, 0x0, 0x4)
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x400c013, 0xffffffffffffffff, 0x10000000)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2, 0x10, r1, 0x8000000)
syz_io_uring_submit(r9, r8, &(0x7f0000000440)=@IORING_OP_POLL_REMOVE={0x7, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x401)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="de000000cacbd0f7d57c2308", @ANYRES32, @ANYBLOB="80000000000000002e2f66696c653000"])
perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000400), 0x1a4022c6cccc73be}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x4003, 0x0)
openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$RNDCLEARPOOL(r7, 0x5206, &(0x7f0000000480))

[ 2093.332205]  do_task_dead+0xd1/0x100
[ 2093.332222]  make_task_dead.cold+0xb9/0x1c9
[ 2093.332250]  rewind_stack_and_make_dead+0x17/0x17
[ 2093.332270] RIP: 0033:0x0
[ 2093.332279] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 2093.332285] RSP: 002b:0000000000000000 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2093.332299] RAX: 0000000000000000 RBX: 00007f011e8f0f60 RCX: 00007f011e7ddb19
[ 2093.332309] RDX: 0000000020fec000 RSI: 0000000020000080 RDI: 00000000000048cf
[ 2093.332318] RBP: 0000000020000080 R08: 0000000020000040 R09: 0000000020000040
[ 2093.332328] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000040
[ 2093.332337] R13: 0000000020fec000 R14: 0000000020000100 R15: 00000000200a0000
[ 2093.332353]  </TASK>
[ 2093.370579] FAULT_INJECTION: forcing a failure.
[ 2093.370579] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.370603] CPU: 1 PID: 8052 Comm: syz-executor.2 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.370619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.370629] Call Trace:
[ 2093.370633]  <TASK>
[ 2093.370637]  dump_stack_lvl+0x8b/0xb3
[ 2093.370660]  should_fail.cold+0x5/0xa
[ 2093.370674]  ? create_object.isra.0+0x3a/0xa20
[ 2093.370697]  should_failslab+0x5/0x10
[ 2093.370721]  kmem_cache_alloc+0x5b/0x480
[ 2093.370738]  create_object.isra.0+0x3a/0xa20
[ 2093.370753]  ? kasan_unpoison+0x23/0x50
[ 2093.370769]  kmem_cache_alloc+0x239/0x480
[ 2093.370782]  mas_alloc_nodes+0x36e/0x6a0
[ 2093.370799]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.370821]  mas_preallocate+0xff/0x270
[ 2093.370838]  mmap_region+0x770/0x1a70
[ 2093.370854]  ? do_munmap+0x100/0x100
[ 2093.370866]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.370885]  ? security_mmap_addr+0x79/0xa0
[ 2093.370901]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.370919]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.370939]  do_mmap+0x824/0xf40
[ 2093.370952]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.370970]  ? randomize_stack_top+0x100/0x100
[ 2093.370988]  ? __fget_files+0x287/0x470
[ 2093.371008]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.371021]  do_syscall_64+0x3b/0x90
[ 2093.371034]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.371051] RIP: 0033:0x7f4ea96a2b62
[ 2093.371061] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2093.371073] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.371085] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2093.371093] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.371101] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.371108] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.371115] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.371127]  </TASK>
[ 2093.406268] FAULT_INJECTION: forcing a failure.
[ 2093.406268] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.406295] CPU: 1 PID: 8057 Comm: syz-executor.1 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.406313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.406329] Call Trace:
[ 2093.406333]  <TASK>
[ 2093.406337]  dump_stack_lvl+0x8b/0xb3
[ 2093.406358]  should_fail.cold+0x5/0xa
[ 2093.406375]  ? create_object.isra.0+0x3a/0xa20
[ 2093.406413]  should_failslab+0x5/0x10
[ 2093.406442]  kmem_cache_alloc+0x5b/0x480
[ 2093.406459]  create_object.isra.0+0x3a/0xa20
[ 2093.406478]  ? kasan_unpoison+0x23/0x50
[ 2093.406497]  kmem_cache_alloc_bulk+0x3fa/0x780
[ 2093.406513]  mas_alloc_nodes+0x2a6/0x6a0
[ 2093.406537]  mas_preallocate+0xff/0x270
[ 2093.406556]  __vma_adjust+0x1f6/0x18a0
[ 2093.406573]  ? vma_expand+0xda0/0xda0
[ 2093.406584]  ? anon_vma_clone+0x3ae/0x560
[ 2093.406602]  __split_vma+0x2a1/0x540
[ 2093.406612]  ? lock_release+0x543/0x750
[ 2093.406628]  do_mas_align_munmap.constprop.0+0x263/0xfa0
[ 2093.406644]  ? __split_vma+0x540/0x540
[ 2093.406656]  ? mas_walk+0x48a/0x670
[ 2093.406672]  ? mas_find+0x203/0xdd0
[ 2093.406688]  ? inode_has_perm+0x171/0x1d0
[ 2093.406704]  do_mas_munmap+0x1ed/0x2c0
[ 2093.406718]  ? avc_has_perm_noaudit+0x390/0x390
[ 2093.406730]  mmap_region+0x21c/0x1a70
[ 2093.406743]  ? lock_release+0x750/0x750
[ 2093.406758]  ? do_munmap+0x100/0x100
[ 2093.406770]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.406790]  ? security_mmap_addr+0x79/0xa0
[ 2093.406806]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.406825]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.406843]  do_mmap+0x824/0xf40
[ 2093.406856]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.406875]  ? randomize_stack_top+0x100/0x100
[ 2093.406892]  ? __fget_files+0x287/0x470
[ 2093.406913]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.406925]  do_syscall_64+0x3b/0x90
[ 2093.406939]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.406956] RIP: 0033:0x7f2c579bdb62
[ 2093.406966] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2093.406978] RSP: 002b:00007f2c54f330f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.406991] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f2c579bdb62
[ 2093.406999] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.407007] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.407014] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.407021] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.407033]  </TASK>
[ 2093.463115] loop7: detected capacity change from 0 to 23
[ 2093.463809] tmpfs: Unknown parameter 'appraise_type'
[ 2093.505539] loop7: detected capacity change from 0 to 23
[ 2093.505935] tmpfs: Unknown parameter 'appraise_type'
[ 2093.512609] FAULT_INJECTION: forcing a failure.
[ 2093.512609] name failslab, interval 1, probability 0, space 0, times 0
[ 2093.512631] CPU: 1 PID: 8079 Comm: syz-executor.2 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.512645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.512654] Call Trace:
[ 2093.512657]  <TASK>
[ 2093.512662]  dump_stack_lvl+0x8b/0xb3
[ 2093.512682]  should_fail.cold+0x5/0xa
[ 2093.512693]  ? mas_alloc_nodes+0x36e/0x6a0
[ 2093.512714]  should_failslab+0x5/0x10
[ 2093.512732]  kmem_cache_alloc+0x5b/0x480
[ 2093.512744]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.512766]  mas_alloc_nodes+0x36e/0x6a0
[ 2093.512780]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.512801]  mas_preallocate+0xff/0x270
[ 2093.512818]  mmap_region+0x770/0x1a70
[ 2093.512833]  ? do_munmap+0x100/0x100
[ 2093.512846]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.512864]  ? security_mmap_addr+0x79/0xa0
[ 2093.512883]  ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 2093.512902]  ? get_unmapped_area+0x2f0/0x3d0
[ 2093.512921]  do_mmap+0x824/0xf40
[ 2093.512934]  vm_mmap_pgoff+0x1b5/0x280
[ 2093.512953]  ? randomize_stack_top+0x100/0x100
[ 2093.512971]  ? __fget_files+0x287/0x470
[ 2093.512993]  ksys_mmap_pgoff+0x3cc/0x4f0
[ 2093.513005]  do_syscall_64+0x3b/0x90
[ 2093.513019]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 2093.513037] RIP: 0033:0x7f4ea96a2b62
[ 2093.513047] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 2093.513060] RSP: 002b:00007f4ea6c180f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 2093.513072] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4ea96a2b62
[ 2093.513080] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffe000
[ 2093.513088] RBP: 0000000020ffe000 R08: 0000000000000005 R09: 0000000000000000
[ 2093.513095] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000240
[ 2093.513102] R13: 0000000020feb000 R14: 0000000020000200 R15: 0000000020ffe000
[ 2093.513114]  </TASK>
[ 2093.531006] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#2] PREEMPT SMP KASAN NOPTI
[ 2093.531028] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 2093.531040] CPU: 0 PID: 8080 Comm: iou-sqp-8079 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.531056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.531066] RIP: 0010:__rb_erase_color+0x155/0xe80
[ 2093.531088] Code: 89 ee 48 89 c5 e9 f6 fe ff ff 4c 8d 45 10 4c 89 c0 48 c1 e8 03 80 3c 18 00 0f 85 67 08 00 00 4c 8b 65 10 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 0f 85 97 08 00 00 49 8d 7c 24 08 49 8b 04 24 48 89 f9
[ 2093.531103] RSP: 0018:ffff888044b57960 EFLAGS: 00010256
[ 2093.531115] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[ 2093.531128] RDX: ffffffff81657c40 RSI: ffff88801d9fe680 RDI: ffff88800d6ef6a8
[ 2093.531139] RBP: ffff88800d6ef6a8 R08: ffff88800d6ef6b8 R09: ffff88801d9fe67f
[ 2093.531149] R10: ffffffff81658e58 R11: 0000000000000001 R12: 0000000000000000
[ 2093.531159] R13: ffffed1003b3fcd0 R14: 0000000000000000 R15: ffff88801d9fe680
[ 2093.531171] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2093.531186] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2093.531196] CR2: 00007f1b5bfa4e25 CR3: 0000000044104000 CR4: 0000000000350ef0
[ 2093.531205] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2093.531214] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
[ 2093.531223] Call Trace:
[ 2093.531228]  <TASK>
[ 2093.531235]  vma_interval_tree_remove+0x694/0xec0
[ 2093.531257]  unlink_file_vma+0xbd/0x110
[ 2093.531272]  free_pgtables+0x255/0x420
[ 2093.531290]  ? free_pgd_range+0x1360/0x1360
[ 2093.531309]  ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 2093.531335]  exit_mmap+0x1c8/0x690
[ 2093.531348]  ? __ia32_sys_remap_file_pages+0x150/0x150
[ 2093.531370]  ? delayed_uprobe_remove+0x27/0x230
[ 2093.531390]  mmput+0xd1/0x390
[ 2093.531409]  do_exit+0xa10/0x27f0
[ 2093.531444]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.531464]  ? mm_update_next_owner+0x7e0/0x7e0
[ 2093.531481]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2093.531502]  io_sq_thread.cold+0x17f/0x17f
[ 2093.531526]  ? __io_uring_free+0x1b0/0x1b0
[ 2093.531546]  ? lock_release+0x543/0x750
[ 2093.531562]  ? ret_from_fork+0x8/0x30
[ 2093.531579]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2093.531599]  ? rwlock_bug.part.0+0x90/0x90
[ 2093.531618]  ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 2093.531640]  ? __io_uring_free+0x1b0/0x1b0
[ 2093.531659]  ret_from_fork+0x22/0x30
[ 2093.531679]  </TASK>
[ 2093.531684] Modules linked in:
[ 2093.531706] ---[ end trace 0000000000000000 ]---
[ 2093.531737] RIP: 0010:__rb_erase_color+0x155/0xe80
[ 2093.531751] Code: 89 ee 48 89 c5 e9 f6 fe ff ff 4c 8d 45 10 4c 89 c0 48 c1 e8 03 80 3c 18 00 0f 85 67 08 00 00 4c 8b 65 10 4c 89 e0 48 c1 e8 03 <80> 3c 18 00 0f 85 97 08 00 00 49 8d 7c 24 08 49 8b 04 24 48 89 f9
[ 2093.531765] RSP: 0018:ffff888044ae7960 EFLAGS: 00010256
[ 2093.531776] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000
[ 2093.531786] RDX: ffffffff81657c40 RSI: ffff88800b81cda8 RDI: ffff888008638438
[ 2093.531796] RBP: ffff888008638438 R08: ffff888008638448 R09: ffff88800b81cda7
[ 2093.531806] R10: ffffffff81658e58 R11: 0000000000000001 R12: 0000000000000000
[ 2093.531815] R13: ffffed10017039b5 R14: 0000000000000000 R15: ffff88800b81cda8
[ 2093.531826] FS:  0000000000000000(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2093.531839] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2093.531850] CR2: 00007f1b5bfa4e25 CR3: 0000000044104000 CR4: 0000000000350ef0
[ 2093.531859] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2093.531867] DR3: 0000000000000000 DR6: 00000000ffff4ff0 DR7: 0000000000000400
[ 2093.531877] Fixing recursive fault but reboot is needed!
[ 2093.531883] BUG: using smp_processor_id() in preemptible [00000000] code: iou-sqp-8079/8080
[ 2093.531895] caller is __schedule+0x7f/0x2460
[ 2093.531917] CPU: 0 PID: 8080 Comm: iou-sqp-8079 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.531932] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.531941] Call Trace:
[ 2093.531945]  <TASK>
[ 2093.531950]  dump_stack_lvl+0x8b/0xb3
[ 2093.531966]  check_preemption_disabled+0x16b/0x170
[ 2093.531987]  __schedule+0x7f/0x2460
[ 2093.532007]  ? vprintk+0x88/0x90
[ 2093.532025]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.532043]  ? io_schedule_timeout+0x140/0x140
[ 2093.532064]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2093.532083]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2093.532102]  do_task_dead+0xd1/0x100
[ 2093.532118]  make_task_dead.cold+0xb9/0x1c9
[ 2093.532137]  rewind_stack_and_make_dead+0x17/0x17
[ 2093.532153] RIP: 0033:0x0
[ 2093.532163] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 2093.532169] RSP: 002b:0000000000000000 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2093.532182] RAX: 0000000000000000 RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 2093.532192] RDX: 0000000020fec000 RSI: 0000000020000080 RDI: 00000000000048cf
[ 2093.532201] RBP: 0000000020000080 R08: 0000000020000040 R09: 0000000020000040
[ 2093.532210] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000040
[ 2093.532219] R13: 0000000020fec000 R14: 0000000020000100 R15: 00000000200a0000
[ 2093.532234]  </TASK>
[ 2093.532239] BUG: scheduling while atomic: iou-sqp-8079/8080/0x00000000
[ 2093.532248] INFO: lockdep is turned off.
[ 2093.532252] Modules linked in:
[ 2093.532256] Preemption disabled at:
[ 2093.532260] [<0000000000000000>] 0x0
[ 2093.532270] CPU: 0 PID: 8080 Comm: iou-sqp-8079 Tainted: G      D W         5.18.0-rc4-next-20220427 #1
[ 2093.532284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 2093.532293] Call Trace:
[ 2093.532297]  <TASK>
[ 2093.532301]  dump_stack_lvl+0x8b/0xb3
[ 2093.532315]  __schedule_bug.cold+0x133/0x143
[ 2093.532335]  __schedule+0x18e7/0x2460
[ 2093.532355]  ? vprintk+0x88/0x90
[ 2093.532373]  ? lock_downgrade+0x6d0/0x6d0
[ 2093.532392]  ? io_schedule_timeout+0x140/0x140
[ 2093.532413]  ? destroy_sched_domains_rcu+0x50/0x50
[ 2093.532433]  ? _raw_spin_unlock_irqrestore+0x28/0x50
[ 2093.532451]  do_task_dead+0xd1/0x100
[ 2093.532465]  make_task_dead.cold+0xb9/0x1c9
[ 2093.532482]  rewind_stack_and_make_dead+0x17/0x17
[ 2093.532498] RIP: 0033:0x0
[ 2093.532508] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[ 2093.532515] RSP: 002b:0000000000000000 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 2093.532527] RAX: 0000000000000000 RBX: 00007f4ea97b5f60 RCX: 00007f4ea96a2b19
[ 2093.532537] RDX: 0000000020fec000 RSI: 0000000020000080 RDI: 00000000000048cf
[ 2093.532547] RBP: 0000000020000080 R08: 0000000020000040 R09: 0000000020000040
[ 2093.532556] R10: 0000000020000100 R11: 0000000000000202 R12: 0000000020000040
[ 2093.532565] R13: 0000000020fec000 R14: 0000000020000100 R15: 00000000200a0000
[ 2093.532580]  </TASK>

VM DIAGNOSIS:
19:45:09  Registers:
info registers vcpu 0
RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff8242f1d1 RDI=ffffffff873e04e0 RBP=ffffffff873e04a0 RSP=ffff888044ae7278
R8 =0000000000000010 R9 =0000000000000030 R10=ffffffff8243eaf6 R11=000000000000000a
R12=0000000000000030 R13=ffffffff873e04a0 R14=0000000000000010 R15=ffffffff8242f1c0
RIP=ffffffff8242f229 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005555557976d0 CR3=000000000bc02000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff4ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000001 RBX=0000000000000002 RCX=0000000000000001 RDX=0000000000000000
RSI=0000000000000002 RDI=0000000000000000 RBP=ffffffff85203700 RSP=ffff888046e9f660
R8 =0000000000000000 R9 =ffffffff858eeb57 R10=fffffbfff0b1dd6a R11=0000000000000001
R12=ffff888043321ac0 R13=0000000000000000 R14=00000000ffffffff R15=ffff888043322468
RIP=ffffffff8417ae44 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f3eaa053000 CR3=0000000005026000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM04=0000000000000000 0000000000000000 0000000000000000 00000000000000ff
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 000000524f525245
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 00524f5252450040
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000